Commit 0d3f1c4e authored by Cédric de Saint Martin's avatar Cédric de Saint Martin

Merge branch 'master' into accords

Conflicts:
	setup.py
parents 26b56802 55327aa7
No related merge requests found
Changes
=======
0.46 (Unreleased)
-----------------
* No change yet.
0.45 (2012-03-29)
-----------------
* slaprunner: change number of available partitions to 7 [Alain Takoudjou]
0.44 (2012-03-28)
-----------------
* minor: apachephp: update apache configuration to work with Apache2.4
0.43 (2012-03-28)
-----------------
* minor: erp5: add missing .zcml files into egg. [Cedric de Saint Martin]
0.42 (2012-03-26)
-----------------
* erp5: Add web_checker recipe. [Tatuya Kamada]
* erp5: Add generic_varnish recipe. [Tatuya Kamada]
* erp5: Simplify erp5_update to only create the ERP5 site. [Romain Courteaud]
* erp5: Allow to pass CA parameters from section. [Łukasz Nowak]
0.41 (2012-03-21)
-----------------
* Release new "generic" version of KVM, includes frontend.
[Cedric de Saint Martin]
0.40.1 (2012-03-01)
-----------------
......
include CHANGES.txt
include slapos/recipe/generic_zope/template/site.zcml
include slapos/recipe/apache_frontend/template/notfound.html
recursive-include slapos/recipe *.in
recursive-include slapos/recipe *.bin
recursive-include slapos/recipe README.*.txt
recursive-include slapos/recipe *.js
recursive-include slapos/recipe *.zcml
......@@ -6,7 +6,7 @@ parts =
# Contains libasound
recipe = hexagonit.recipe.cmmi
url = ftp://ftp.alsa-project.org/pub/lib/alsa-lib-1.0.24.1.tar.bz2
#md5sum = d55a9d7d2a79d738a1b7a511cffda4b6
md5sum = 7cc05f25e1d5b65da8fb3fdcd540f226
configure-options =
--disable-static
--disable-aload
......@@ -18,4 +18,4 @@ configure-options =
--disable-ucm
--disable-alisp
--disable-old-symbols
--disable-python
\ No newline at end of file
--disable-python
[buildout]
parts = apache-php
extends =
extends =
../apache/buildout.cfg
../bzip2/buildout.cfg
../cclient/buildout.cfg
../curl/buildout.cfg
../curl/buildout.cfg
../freetype/buildout.cfg
../gettext/buildout.cfg
../libiconv/buildout.cfg
......@@ -19,13 +20,14 @@ extends =
[apache-php]
# Note: Shall react on each build of apache and reinstall itself
recipe = hexagonit.recipe.cmmi
url = http://fr2.php.net/distributions/php-5.3.8.tar.gz
md5sum = f4ce40d5d156ca66a996dbb8a0e7666a
url = http://fr2.php.net/distributions/php-5.3.10.tar.gz
md5sum = 2b3d2d0ff22175685978fb6a5cbcdc13
configure-options =
--with-apxs2=${apache:location}/bin/apxs
--with-libxml-dir=${libxml2:location}
--with-mysql=${mariadb:location}
--with-zlib-dir=${zlib:location}
--with-bz2-dir=${bzip2:location}
--with-mcrypt=${libmcrypt:location}
--with-gd
--with-jpeg-dir=${libjpeg:location}
......@@ -37,7 +39,7 @@ configure-options =
--with-mysqli=mysqlnd
--with-curl=${curl:location}
--with-zip-dir=${zip:location}
--with-imap=${cclient:location}
--with-imap=${cclient:location}
--with-iconv-dir=${libiconv:location}
--with-gettext=${gettext:location}
--with-ldap=${openldap:location}
......@@ -48,12 +50,13 @@ configure-options =
--enable-session
--enable-exif
--enable-zip
--enable-bz2
--enable-ftp
environment =
PKG_CONFIG_PATH=${libxml2:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig
PATH=${pkgconfig:location}/bin:${libxml2:location}/bin:%(PATH)s
LDFLAGS =-L${libtool:location}/lib -Wl,-rpath -Wl,${libtool:location}/lib -L${mariadb:location}/lib -Wl,-rpath -Wl,${mariadb:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -L${libmcrypt:location}/lib -Wl,-rpath -Wl,${libmcrypt:location}/libblkid
PATH=${pkgconfig:location}/bin:${bzip2:location}/bin:${libxml2:location}/bin:%(PATH)s
LDFLAGS =-L${bzip2:location}/lib -Wl,-rpath -Wl,${bzip2:location}/lib -L${libtool:location}/lib -Wl,-rpath -Wl,${libtool:location}/lib -L${mariadb:location}/lib -Wl,-rpath -Wl,${mariadb:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -L${libmcrypt:location}/lib -Wl,-rpath -Wl,${libmcrypt:location}/libblkid
[libmcrypt]
......@@ -64,4 +67,4 @@ md5sum = c4f491dd411a09e9de3b8702ea6f73eb
[xml-rpc]
recipe = hexagonit.recipe.cmmi
url = http://downloads.sourceforge.net/project/phpxmlrpc/phpxmlrpc/2.2.2/xmlrpc-2.2.2.tar.gz
md5sum = 59a644c636c6d98267d0c99b406ae9e8
\ No newline at end of file
md5sum = 59a644c636c6d98267d0c99b406ae9e8
......@@ -13,14 +13,30 @@ extends =
../sqlite3/buildout.cfg
../zlib/buildout.cfg
[apr]
recipe = hexagonit.recipe.download
version = 1.4.6
url = http://mir2.ovh.net/ftp.apache.org/dist/apr/apr-${:version}.tar.bz2
md5sum = ffee70a111fd07372982b0550bbb14b7
[apr-util]
recipe = hexagonit.recipe.download
version = 1.4.1
url = http://mir2.ovh.net/ftp.apache.org/dist/apr/apr-util-${:version}.tar.bz2
md5sum = 52b31b33fb1aa16e65ddaefc76e41151
[apache]
# inspired on http://old.aclark.net/team/aclark/blog/a-lamp-buildout-for-wordpress-and-other-php-apps/
recipe = hexagonit.recipe.cmmi
depends =
${gdbm:version}
url = http://mir2.ovh.net/ftp.apache.org/dist//httpd/httpd-2.2.22.tar.bz2
md5sum = 9fe3093194c8a57f085ff7c3fc43715f
configure-options = --disable-static
version = 2.4.1
revision = 1
url = http://mir2.ovh.net/ftp.apache.org/dist/httpd/httpd-${:version}.tar.bz2
md5sum = 7d3001c7a26b985d17caa367a868f11c
configure-command = cp -ar ${apr:location}/apr-${apr:version} srclib/apr/; cp -ar ${apr-util:location}/apr-util-${apr-util:version} srclib/apr-util; ./configure
configure-options = --prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--disable-static
--enable-authn-alias
--enable-bucketeer
--enable-cache
......@@ -47,6 +63,7 @@ configure-options = --disable-static
--enable-dav-fs
--enable-so
--enable-ssl
--disable-lua
--with-included-apr
--with-ssl=${openssl:location}
--with-z=${zlib:location}
......@@ -72,11 +89,27 @@ environment =
CPPFLAGS =-I${libuuid:location}/include
LDFLAGS =-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${gdbm:location}/lib
[mod_antiloris-apache-2.4.patch]
# http://www.apachelounge.com/viewtopic.php?p=19139
# http://www.apachelounge.com/viewtopic.php?p=20551
recipe = hexagonit.recipe.download
url =${:_profile_base_location_}/${:filename}
filename = mod_antiloris-apache-2.4.patch
download-only = true
md5sum = 4f074f035d3b37f3f3e71cd9616440f3
[apache-antiloris]
# Note: Shall react on each build of apache and reinstall itself
recipe = hexagonit.recipe.cmmi
url = http://sourceforge.net/projects/mod-antiloris/files/mod_antiloris-0.4.tar.bz2/download
md5sum = 66862bf10e9be3a023e475604a28a0b4
patch-options = -p0
patches =
${mod_antiloris-apache-2.4.patch:location}/${mod_antiloris-apache-2.4.patch:filename}
depends =
${apache:version}
${apache:revision}
${mod_antiloris-apache-2.4.patch:md5sum}
configure-command = ${apache:location}/bin/apxs
configure-options = -c mod_antiloris.c
make-binary = ${:configure-command}
......
--- mod_antiloris.c.orig 2009-07-28 15:27:42.000000000 +0200
+++ mod_antiloris.c 2012-03-06 11:05:50.167576066 +0100
@@ -1,5 +1,5 @@
/*
- mod_antiloris 0.2
+ mod_antiloris 0.5
Copyright (C) 2008 Monshouwer Internet Diensten
Author: Kees Monshouwer
@@ -22,11 +22,16 @@
#include "http_connection.h"
#include "http_log.h"
#include "ap_mpm.h"
+#include "ap_release.h"
#include "apr_strings.h"
#include "scoreboard.h"
#define MODULE_NAME "mod_antiloris"
-#define MODULE_VERSION "0.4"
+#define MODULE_VERSION "0.5.1"
+
+#ifdef APLOG_USE_MODULE
+APLOG_USE_MODULE(antiloris);
+#endif
module AP_MODULE_DECLARE_DATA antiloris_module;
@@ -58,6 +63,8 @@
/* Parse the IPReadLimit directive */
static const char *ipreadlimit_config_cmd(cmd_parms *parms, void *mconfig, const char *arg)
{
+ signed long int limit;
+
antiloris_config *conf = ap_get_module_config(parms->server->module_config, &antiloris_module);
const char *err = ap_check_cmd_context (parms, GLOBAL_ONLY);
@@ -65,7 +72,7 @@
return err;
}
- signed long int limit = strtol(arg, (char **) NULL, 10);
+ limit = strtol(arg, (char **) NULL, 10);
/* No reasonable person would want more than 2^16. Better would be
to use LONG_MAX but that causes portability problems on win32 */
@@ -80,7 +87,7 @@
/* Array describing structure of configuration directives */
static command_rec antiloris_cmds[] = {
- AP_INIT_TAKE1("IPReadLimit", ipreadlimit_config_cmd, NULL, RSRC_CONF, "Maximum simultaneous connections in READ state per IP address"),
+ AP_INIT_TAKE1("IPReadLimit", ipreadlimit_config_cmd, NULL, RSRC_CONF, "Maximum simultaneous connections per IP address"),
{NULL}
};
@@ -103,12 +110,15 @@
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, MODULE_NAME " " MODULE_VERSION " started");
ap_mpm_query(AP_MPMQ_HARD_LIMIT_THREADS, &thread_limit);
ap_mpm_query(AP_MPMQ_HARD_LIMIT_DAEMONS, &server_limit);
+ ap_add_version_component(p, MODULE_NAME "/" MODULE_VERSION);
return OK;
}
static int pre_connection(conn_rec *c)
{
+ char *client_ip;
+
antiloris_config *conf = ap_get_module_config (c->base_server->module_config, &antiloris_module);
sb_handle *sbh = c->sbh;
@@ -123,16 +133,26 @@
worker_score *ws_record;
ws_record = &ap_scoreboard_image->servers[sbh->child_num][sbh->thread_num];
- apr_cpystrn(ws_record->client, c->remote_ip, sizeof(ws_record->client));
+ apr_cpystrn(ws_record->client, c->client_ip, sizeof(ws_record->client));
- char *client_ip = ws_record->client;
+ client_ip = ws_record->client;
/* Count up the number of connections we are handling right now from this IP address */
for (i = 0; i < server_limit; ++i) {
for (j = 0; j < thread_limit; ++j) {
- ws_record = ap_get_scoreboard_worker(i, j);
+#if AP_SERVER_MAJORVERSION_NUMBER == 2 && AP_SERVER_MINORVERSION_NUMBER > 2
+ ws_record = ap_get_scoreboard_worker_from_indexes(i, j);
+#else
+ ws_record = ap_get_scoreboard_worker(i, j);
+#endif
switch (ws_record->status) {
case SERVER_BUSY_READ:
+ case SERVER_BUSY_WRITE:
+ case SERVER_BUSY_KEEPALIVE:
+ case SERVER_BUSY_DNS:
+ case SERVER_BUSY_LOG:
+ case SERVER_CLOSING:
+ case SERVER_GRACEFUL:
if (strcmp(client_ip, ws_record->client) == 0)
ip_count++;
break;
@@ -143,7 +163,7 @@
}
if (ip_count > conf->limit) {
- ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "Rejected, too many connections in READ state from %s", c->remote_ip);
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "[client %s] Antiloris rejected, too many connections", c->client_ip);
return OK;
} else {
return DECLINED;
@@ -151,17 +171,10 @@
}
-static void child_init (apr_pool_t *p, server_rec *s)
-{
- ap_add_version_component(p, MODULE_NAME "/" MODULE_VERSION);
-}
-
-
static void register_hooks(apr_pool_t *p)
{
ap_hook_post_config(post_config, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_process_connection(pre_connection, NULL, NULL, APR_HOOK_FIRST);
- ap_hook_child_init(child_init, NULL, NULL, APR_HOOK_MIDDLE);
}
module AP_MODULE_DECLARE_DATA antiloris_module = {
[buildout]
parts =
aspell
extends =
../ncurses/buildout.cfg
[aspell]
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/aspell/aspell-0.60.6.1.tar.gz
md5sum = e66a9c9af6a60dc46134fdacf6ce97d7
......@@ -10,7 +10,7 @@ parts =
[automake-1.11]
recipe = hexagonit.recipe.cmmi
md5sum = c2972c4d9b3e29c03d5f2af86249876f
url = http://ftp.gnu.org/gnu/automake/automake-1.11.1.tar.bz2
md5sum = 93ecb319f0365cb801990b00f658d026
url = http://ftp.gnu.org/gnu/automake/automake-1.11.3.tar.gz
environment =
PATH =${autoconf:location}/bin:${perl:location}/bin:%(PATH)s
[buildout]
extends =
../dcron/buildout.cfg
../libxml2/buildout.cfg
../logrotate/buildout.cfg
../rdiff-backup/buildout.cfg
../nodejs/buildout.cfg
parts =
nodejs
npm
cloud9
[cloud9]
<= cloud9-git
[cloud9-git]
# Online IDE written in javascript/node.js
# URL : c9.io
# You can use it using the following command :
# NODE_PATH=${:destination}/node_modules ${nodejs:node_location} ${:cloud9_js_location}
recipe = plone.recipe.command
stop-on-error = true
commit = 97db1467c517d265438684bd2a70b0b76ee282f6
repository = https://github.com/ajaxorg/cloud9.git
location = ${buildout:parts-directory}/${:_buildout_section_name_}
git-binary = ${git:location}/bin/git
npm-binary = ${nodejs-0.4:location}/bin/node ${npm:location}/bin/npm
command = export GIT_SSL_NO_VERIFY=true; (${:git-binary} clone --quiet ${:repository} ${:location} && cd ${:location} && ${:git-binary} reset --hard ${:commit} && ${:git-binary} submodule update --init && cd support/jsdav && PATH=${nodejs-0.4:location}/bin:$PATH LDFLAGS=-L${libxml2:location}/lib ${:npm-binary} install) || (rm -fr ${:location}; exit 1)
update-command =
[cloud9-npm]
# Online IDE written in javascript/node.js
# URL : c9.io
# You can use it using the following command :
# NODE_PATH=${:destination}/node_modules ${nodejs:node_location} ${:cloud9_js_location}
recipe = slapos.recipe.npm
# Node part has to be specified, otherwise system node is used.
node = nodejs-0.6
# List of packages to install
packages =
cloud9
# Specify environment jsDAV (dependency of cloud9) needs libxml2
environment =
LDFLAGS=-L${libxml2:location}/lib -Wl,-rpath=${libxml2:location}/lib
......@@ -8,8 +8,8 @@ extends =
[file]
recipe = hexagonit.recipe.cmmi
url = ftp://ftp.astron.com/pub/file/file-5.10.tar.gz
md5sum = 4cea34b087b060772511e066e2038196
url = ftp://ftp.astron.com/pub/file/file-5.11.tar.gz
md5sum = 16a407bd66d6c7a832f3a5c0d609c27b
configure-options =
--disable-static
environment =
......
......@@ -20,8 +20,8 @@ depends =
${liberation-fonts:location}
${ipaex-fonts:location}
x86 = http://releases.mozilla.org/pub/mozilla.org/firefox/releases/7.0.1/linux-i686/fr/firefox-7.0.1.tar.bz2 42c2559892f26ed2a0563faaf693a00f
x86-64 = http://releases.mozilla.org/pub/mozilla.org/firefox/releases/7.0.1/linux-x86_64/en-US/firefox-7.0.1.tar.bz2 20d6c8e3dfc97d08d1dec7d0479f924f
x86 = http://releases.mozilla.org/pub/mozilla.org/firefox/releases/11.0/linux-i686/fr/firefox-11.0.tar.bz2 a7e9c614ddac993476ef771afaedf568
x86-64 = http://releases.mozilla.org/pub/mozilla.org/firefox/releases/11.0/linux-x86_64/fr/firefox-11.0.tar.bz2 b358865c08145211314a62660e871614
script =
if not self.options.get('url'): self.options['url'], self.options['md5sum'] = self.options[guessPlatform()].split(' ')
......
......@@ -4,6 +4,7 @@ extends =
../freetype/buildout.cfg
../libxml2/buildout.cfg
../pkgconfig/buildout.cfg
../bzip2/buildout.cfg
../zlib/buildout.cfg
parts =
......@@ -23,5 +24,5 @@ configure-options =
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${libxml2:location}/lib/pkgconfig
CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
CPPFLAGS=-I${zlib:location}/include -I${bzip2:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib
......@@ -3,6 +3,7 @@
[buildout]
extends =
../bzip2/buildout.cfg
../zlib/buildout.cfg
parts =
......@@ -10,10 +11,10 @@ parts =
[freetype]
recipe = hexagonit.recipe.cmmi
url = http://download.savannah.gnu.org/releases/freetype/freetype-2.4.8.tar.bz2
md5sum = dbf2caca1d3afd410a29217a9809d397
url = http://download.savannah.gnu.org/releases/freetype/freetype-2.4.9.tar.bz2
md5sum = 77a893dae81fd5b896632715ca041179
configure-options =
--disable-static
environment =
CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
CPPFLAGS=-I${bzip2:location}/include -I${zlib:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
......@@ -20,6 +20,7 @@ configure-options =
--without-emacs
--disable-acl
--disable-openmp
--without-git
environment =
CPPFLAGS=-I${libxml2:location}/include -I${zlib:location}/include -I${ncurses:location}/include
......
......@@ -9,24 +9,25 @@ parts = ghostscript
[ghostscript-common]
recipe = hexagonit.recipe.cmmi
depends =
${libtiff:version}
configure-options =
--disable-cups
--disable-cairo
--with-system-libtiff
--without-x
--with-drivers=FILES
# it seems that parallel build sometimes fails for ghostscript.
make-options = -j1
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${fontconfig:location}/lib/pkgconfig
CPPFLAGS=-I${libtiff:location}/include
LDFLAGS=-Wl,-rpath=${fontconfig:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libtiff:location}/lib -Wl,-rpath=${libtiff:location}/lib
LD_LIBRARY_PATH=${fontconfig:location}/lib
PKG_CONFIG_PATH=${fontconfig:location}/lib/pkgconfig:${libtiff:location}/lib/pkgconfig
LDFLAGS=-Wl,-rpath=${fontconfig:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -Wl,-rpath=${libtiff:location}/lib
LD_LIBRARY_PATH=${fontconfig:location}/lib:${libtiff:location}/lib
[ghostscript]
<= ghostscript-9
[ghostscript-9]
<= ghostscript-common
url = http://downloads.ghostscript.com/public/ghostscript-9.04.tar.bz2
md5sum = 9f6899e821ab6d78ab2c856f10fa3023
url = http://downloads.ghostscript.com/public/ghostscript-9.05.tar.bz2
md5sum = 8bcef1f33ddf8a4d12b2cf8da385c191
......@@ -13,8 +13,8 @@ parts =
[git]
recipe = hexagonit.recipe.cmmi
url = http://git-core.googlecode.com/files/git-1.7.8.3.tar.gz
md5sum = 7a4bc5160166537d4da5eb48a7670dff
url = http://git-core.googlecode.com/files/git-1.7.8.4.tar.gz
md5sum = e6c3319d76d52a830af395046fc56143
configure-options =
--with-curl=${curl:location}
--with-openssl=${openssl:location}
......
......@@ -13,13 +13,13 @@ md5sum = 7c2710ef439f82ac429b88fec88e9a4c
[gcrypt]
recipe = hexagonit.recipe.cmmi
url = ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.6.tar.gz
md5sum = bfd45922eefb8a24d598af77366220d4
url = ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.5.0.tar.gz
md5sum = 78f8f8bec4580f75b25816f7896d0389
configure-options =
--with-gpg-error-prefix=${gpg-error:location}
environment =
CPPFLAGS=-I${gpg-error:location}/include
LDFLAGS=-Wl,-rpath -Wl,${gpg-error:location}/lib -Wl,${gpg-error:location}/lib/libgpg-error.so.0
LDFLAGS=-lgpg-error -L${gpg-error:location}/lib -Wl,-rpath=${gpg-error:location}/lib
[gnutls]
# XXX-Cedric : update to latest gnutls
......@@ -28,7 +28,8 @@ url = ftp://ftp.gnupg.org/gcrypt/gnutls/gnutls-2.8.6.tar.bz2
md5sum = eb0a6d7d3cb9ac684d971c14f9f6d3ba
configure-options =
--with-libgcrypt-prefix=${gcrypt:location}
--disable-static
environment =
CPPFLAGS=-I${zlib:location}/include -I${readline:location}/include -I${ncurses:location}/include -I${ncurses:location}/include/ncursesw -I${gcrypt:location}/include -I${gpg-error:location}/include
LDFLAGS=-L${readline:location}/lib -L${ncurses:location}/lib -L${gcrypt:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -Wl,-rpath -Wl,${readline:location}/lib -Wl,-rpath -Wl,${ncurses:location}/lib -Wl,-rpath -Wl,${gcrypt:location}/lib -Wl,-rpath -Wl,${gpg-error:location}/lib -Wl,${gcrypt:location}/lib/libgcrypt.so.11
LDFLAGS=-lgcrypt -L${readline:location}/lib -Wl,-rpath=${readline:location}/lib -L${ncurses:location}/lib -Wl,-rpath=${ncurses:location}/lib -L${gcrypt:location}/lib -Wl,-rpath=${gcrypt:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${gpg-error:location}/lib -Wl,-rpath=${gpg-error:location}/lib
PKG_CONFIG=${zlib:location}/lib/pkgconfig
......@@ -5,6 +5,7 @@
parts =
graphviz
extends =
../bzip2/buildout.cfg
../fontconfig/buildout.cfg
../freetype/buildout.cfg
../libpng/buildout.cfg
......@@ -50,5 +51,5 @@ configure-options =
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${fontconfig:location}/lib/pkgconfig:${freetype:location}/lib/pkgconfig
CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
CPPFLAGS=-I${bzip2:location}/include -I${zlib:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
......@@ -7,10 +7,11 @@ parts =
[groonga]
recipe = hexagonit.recipe.cmmi
url = http://packages.groonga.org/source/groonga/groonga-1.2.9.tar.gz
md5sum = 47117baa401a3db08362e00f94fced12
url = http://packages.groonga.org/source/groonga/groonga-2.0.0.tar.gz
md5sum = 09e6a34db15cf42b6a3aff07e0f841ff
configure-options =
--disable-static
--disable-glibtest
--disable-benchmark
--disable-document
--without-mecab
......@@ -10,6 +10,6 @@ configure-command = true
# otherwise use "generic".
# For ARCH value, x86_64 and i[3456]86 are supported.
make-options =
TARGET="$(uname -sr 2>/dev/null|grep -q '^Linux 2\.6' && echo linux26 || echo generic)"
TARGET="$(uname -sr 2>/dev/null|grep -Eq '^Linux (2\.6|3)' && echo linux26 || echo generic)"
ARCH="$(uname -m 2>/dev/null|grep -E '^(x86_64|i[3456]86)$')"
PREFIX=${buildout:parts-directory}/${:_buildout_section_name_}
......@@ -27,8 +27,10 @@ filename = imagemagick-6.6.6-1-no-gsx-gsc-probe.patch
[imagemagick]
recipe = hexagonit.recipe.cmmi
url = ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick-6.7.3-10.tar.bz2
md5sum = 3c1d1a04b1ed2998217e16001b58069f
url = ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick-6.7.5-10.tar.bz2
md5sum = 99bc7ec1e756fa75f1af6150df3d1383
depends =
${libtiff:version}
configure-options =
--disable-static
--without-x
......
......@@ -29,8 +29,8 @@ slapos_promisee =
directory:javaws
file:lib/rt.jar
file:bin/java
x86 = http://javadl.sun.com/webapps/download/AutoDL?BundleId=52240 0bd27d325c5ce11ce863d982ad052f7f
x86-64 = http://javadl.sun.com/webapps/download/AutoDL?BundleId=52242 a4d929bc4d6511290c07c3745477b77b
x86 = http://download.oracle.com/otn-pub/java/jdk/6u30-b12/jre-6u30-linux-i586.bin 3e80243483bc825c34ae01a4373cce5f
x86-64 = http://download.oracle.com/otn-pub/java/jdk/6u30-b12/jre-6u30-linux-x64.bin a4d28c49251d6b9c2d300b3d61f1ce95
script =
if not self.options.get('url'): self.options['url'], self.options['md5sum'] = self.options[guessPlatform()].split(' ')
download_file = self.download(self.options['url'], self.options.get('md5sum'))
......@@ -43,7 +43,7 @@ script =
subprocess.call([auto_extract_bin])
self.cleanup_dir_list.append(extract_dir)
workdir = guessworkdir(extract_dir)
self.copyTree(os.path.join(workdir, "jre1.6.0_27"), "%(location)s")
self.copyTree(os.path.join(workdir, "jre1.6.0_30"), "%(location)s")
[java-sdk-1.6.0]
recipe = slapos.recipe.build
......
......@@ -4,7 +4,7 @@ parts =
[libjpeg]
recipe = hexagonit.recipe.cmmi
url = http://www.ijg.org/files/jpegsrc.v8b.tar.gz
md5sum = e022acbc5b36cd2cb70785f5b575661e
url = http://www.ijg.org/files/jpegsrc.v8d.tar.gz
md5sum = 52654eb3b2e60c35731ea8fc87f1bd29
configure-options =
--disable-static
......@@ -3,6 +3,7 @@ extends =
../zlib/buildout.cfg
parts =
libpng12
libpng
[libpng-common]
......@@ -13,7 +14,12 @@ environment =
CPPFLAGS =-I${zlib:location}/include
LDFLAGS =-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
[libpng12]
<= libpng-common
url = http://download.sourceforge.net/libpng/libpng-1.2.47.tar.bz2
md5sum = 4389dab9fcd2f9d57ac14701b9115f59
[libpng]
<= libpng-common
url = http://download.sourceforge.net/libpng/libpng-1.5.5.tar.bz2
md5sum = 3270bf2990c3174ae939388398de751e
url = http://download.sourceforge.net/libpng/libpng-1.5.9.tar.bz2
md5sum = 684ba5f05da436a99c6303a83c7856d6
......@@ -12,15 +12,15 @@ find-links =
[libreoffice-bin]
recipe = slapos.recipe.build
# here, two %s are used, first one is for directory name (eg. x86_64), and second one is for filename (eg. x86-64).
version = 3.4.5
version = 3.5.1
url = http://download.documentfoundation.org/libreoffice/stable/${:version}/rpm/%s/LibO_${:version}_Linux_%s_install-rpm_en-US.tar.gz
# supported architectures md5sums
md5sum_x86 = 34786e6aa570782abac551ab092f3fb3
md5sum_x86-64 = 2159a50daab707c02b669a83f635ff0c
md5sum_x86 = ee46fdafb8361b8e131994508c2723b3
md5sum_x86-64 = ddda58719358e5c97ca5d1c118646574
# where office code can be found?
officedir = libreoffice3.4
officedir = libreoffice3.5
# script to install
script =
......@@ -38,7 +38,11 @@ script =
rpmsdir = os.path.join(workdir, [q for q in os.listdir(workdir) if q == 'RPMS'][0])
rpmlist = [os.path.join(rpmsdir, q) for q in os.listdir(rpmsdir) if q.endswith('.rpm') and 'javafilter' not in q and 'xsltfilter' not in q]
[self.pipeCommand([[sys.executable, '${:rpm2cpio}', rpm], ['${:cpio}', '-idum']], cwd=storagedir) for rpm in rpmlist]
self.copyTree(os.path.join(storagedir, 'opt', '${:officedir}'), location, ['basis3.4', 'ure'])
self.copyTree(os.path.join(storagedir, 'opt', '${:officedir}'), location, ['ure-link'])
os.symlink('ure', os.path.join(location, 'ure-link'))
# backward compatibility for cloudooo configuration
os.mkdir(os.path.join(location, 'basis-link'))
os.symlink(os.path.join('..', 'program'), os.path.join(location, 'basis-link', 'program'))
# helper binaries
cpio = ${cpio:location}/bin/cpio
......
......@@ -9,10 +9,11 @@ parts =
[libtiff]
recipe = hexagonit.recipe.cmmi
#url = http://download.osgeo.org/libtiff/tiff-3.9.5.tar.gz
version = 4.0.1
#url = http://download.osgeo.org/libtiff/tiff-${:version}.tar.gz
# server is down - circumvent
url = http://www.imagemagick.org/download/delegates/tiff-3.9.5.tar.gz
md5sum = 8fc7ce3b4e1d0cc8a319336967815084
url = http://www.imagemagick.org/download/delegates/tiff-${:version}.tar.gz
md5sum = fae149cc9da35c598d8be897826dfc63
configure-options =
--disable-static
--without-x
......
......@@ -3,10 +3,13 @@
[buildout]
extends =
../cmake/buildout.cfg
../zlib/buildout.cfg
../groonga/buildout.cfg
../libaio/buildout.cfg
../libevent/buildout.cfg
../ncurses/buildout.cfg
../openssl/buildout.cfg
../pkgconfig/buildout.cfg
../readline/buildout.cfg
......@@ -22,9 +25,9 @@ download-only = true
[mariadb]
recipe = hexagonit.recipe.cmmi
version = 5.3.3-rc
version = 5.3.5-ga
url = http://downloads.askmonty.org/f/mariadb-${:version}/kvm-tarbake-jaunty-x86/mariadb-${:version}.tar.gz/from/http:/ftp.osuosl.org/pub/mariadb
md5sum = 715c61bb101acc7d37e893f6a9de9267
md5sum = 98ce0441b37c8d681855150495fdc03b
# compile directory is required to build mysql plugins.
keep-compile-dir = true
# configure: how to avoid searching for my.cnf?
......@@ -42,10 +45,9 @@ configure-options =
--with-extra-charsets=complex
--with-collation=utf8_unicode_ci
--with-big-tables
--with-embedded-server
--without-embedded-server
--with-plugins=max-no-ndb
--with-aria-tmp-tables
--without-plugin-innodb_plugin
--without-plugin-oqgraph
--without-readline
--with-ssl
......@@ -61,11 +63,68 @@ environment =
[mroonga-mariadb]
recipe = hexagonit.recipe.cmmi
url = https://github.com/downloads/mroonga/mroonga/mroonga-1.11.tar.gz
md5sum = 69e56246226e0b9969ee7f99e08aa7da
url = https://github.com/downloads/mroonga/mroonga/mroonga-2.00.tar.gz
md5sum = 49dab92863b5c3fa1d49344c73357ca2
configure-options =
--with-mysql-source=${mariadb:location}__compile__/mariadb-${mariadb:version}
--with-mysql-config=${mariadb:location}/bin/mysql_config
depends =
${mariadb:version}
environment =
PATH=${groonga:location}/bin:${pkgconfig:location}/bin:%(PATH)s
CPPFLAGS=-I${groonga:location}/include/groonga
LDFLAGS=-L${groonga:location}/lib
PKG_CONFIG_PATH=${groonga:location}/lib/pkgconfig
[mariadb-5.5-no_test-patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = 14e6d713c16298a10f40d29f2b799aca
filename = mariadb_5.5_create_system_tables__no_test.patch
download-only = true
[mariadb-5.5]
recipe = hexagonit.recipe.cmmi
version = 5.5.20
url = http://downloads.askmonty.org/f/mariadb-${:version}/kvm-tarbake-jaunty-x86/mariadb-${:version}.tar.gz/from/http://ftp.osuosl.org/pub/mariadb
md5sum = e618343b5039fa468c0e1e6098785e3c
# compile directory is required to build mysql plugins.
keep-compile-dir = true
patch-options = -p0
patches =
${mariadb-5.5-no_test-patch:location}/${mariadb-5.5-no_test-patch:filename}
configure-command = ${cmake:location}/bin/cmake
configure-options =
-DCMAKE_INSTALL_PREFIX=${buildout:parts-directory}/${:_buildout_section_name_}
-DBUILD_CONFIG=mysql_release
-DDEFAULT_CHARSET=utf8
-DDEFAULT_COLLATION=utf8_unicode_ci
-DWITH_SSL=system
-DWITH_ZLIB=system
-DWITH_READLINE=0
-DWITH_PIC=1
-DWITH_EXTRA_CHARSETS=complex
-DWITH_EMBEDDED_SERVER=0
-DWITHOUT_EXAMPLE_STORAGE_ENGINE=1
-DWITHOUT_DAEMON_EXAMPLE=1
-DWITH_SPHINX_STORAGE_ENGINE=1
-DCMAKE_C_FLAGS="-I${libaio:location}/include -I${ncurses:location}/include -I${openssl:location}/include -I${readline5:location}/include -I${zlib:location}/include"
-DCMAKE_INSTALL_RPATH=${libaio:location}/lib:${ncurses:location}/lib:${openssl:location}/lib:${readline5:location}/lib:${zlib:location}/lib
environment =
CMAKE_PROGRAM_PATH=${cmake:location}/bin
CMAKE_INCLUDE_PATH=${libaio:location}/include:${ncurses:location}/include:${openssl:location}/include:${readline5:location}/include:${zlib:location}/include
CMAKE_LIBRARY_PATH=${libaio:location}/lib:${ncurses:location}/lib:${openssl:location}/lib:${readline5:location}/lib:${zlib:location}/lib
LDFLAGS=-L${libaio:location}/lib
[mroonga-mariadb-5.5]
recipe = hexagonit.recipe.cmmi
url = https://github.com/downloads/mroonga/mroonga/mroonga-2.00.tar.gz
md5sum = 49dab92863b5c3fa1d49344c73357ca2
configure-options =
--with-mysql-source=${mariadb-5.5:location}__compile__/mariadb-${mariadb-5.5:version}
--with-mysql-config=${mariadb-5.5:location}/bin/mysql_config
depends =
${mariadb-5.5:version}
environment =
PATH=${groonga:location}/bin:${pkgconfig:location}/bin:%(PATH)s
CPPFLAGS=-I${groonga:location}/include/groonga
......
......@@ -3,6 +3,6 @@ parts =
noVNC
[noVNC]
recipe = hexagonit.recipe.download
url = https://github.com/kanaka/noVNC/tarball/master
recipe = slapos.recipe.build:download-unpacked
url = https://github.com/kanaka/noVNC/tarball/v0.2
strip-top-level-dir = true
[buildout]
extends =
../git/buildout.cfg
../pkgconfig/buildout.cfg
../openssl/buildout.cfg
../python-2.7/buildout.cfg
../zlib/buildout.cfg
parts =
nodejs
[nodejs]
# Server-side Javascript.
recipe = hexagonit.recipe.cmmi
url = http://nodejs.org/dist/v0.6.12/node-v0.6.12.tar.gz
md5sum = a12766ae4003c9712927d1fa134ed9f6
configure-options =
--openssl-includes=${openssl:location}/include
--openssl-libpath=${openssl:location}/lib
environment =
PATH=${pkgconfig:location}/bin:${python2.7:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${openssl:location}/lib/pkgconfig/
CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-Wl,-rpath=${openssl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
[nodejs-0.4]
recipe = hexagonit.recipe.cmmi
url = http://nodejs.org/dist/node-v0.4.12.tar.gz
md5sum = a6375eaa43db5356bf443e25b828ae16
configure-options =
--openssl-includes=${openssl:location}/include
--openssl-libpath=${openssl:location}/lib
environment =
PATH=${pkgconfig:location}/bin:${python2.7:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${openssl:location}/lib/pkgconfig/
CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-Wl,-rpath=${openssl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
[npm]
# Node.js Package Manager
# Deprecated. Included in node >= 0.6.3.
recipe = plone.recipe.command
location = ${buildout:parts-directory}/${:_buildout_section_name_}
stop-on-error = true
commit = 3136abc5c6b3ed332c4700ece24450fada63639b
origin = https://github.com/isaacs/npm.git
git-bin = ${git:location}/bin/git
node-bin = ${nodejs-0.4:location}/bin/node
command = (GIT_SSL_NO_VERIFY=true ${:git-bin} clone --quiet ${:origin} ${:location} && cd ${:location} && ${:git-bin} reset --hard ${:commit} && ${:location}/configure --prefix=${:location} && GIT_SSL_NO_VERIFY=true ${:git-bin} submodule update --init --recursive && ${:node-bin} cli.js install npm@1.0.106 -g -f) || (rm -fr ${:location}; exit 1)
update-command =
......@@ -19,12 +19,20 @@ url = ${:_profile_base_location_}/${:filename}
filename = ${:_buildout_section_name_}
download-only = true
[openssl-exlibs.patch]
recipe = hexagonit.recipe.download
md5sum = dfb8979460d6d75f2d23d1ea83bbb40a
url = ${:_profile_base_location_}/${:filename}
filename = ${:_buildout_section_name_}
download-only = true
[openssl]
recipe = hexagonit.recipe.cmmi
url = https://www.openssl.org/source/openssl-1.0.0g.tar.gz
md5sum = 07ecbe4324f140d157478637d6beccf1
url = https://www.openssl.org/source/openssl-1.0.1.tar.gz
md5sum = 134f168bc2a8333f19f81d684841710b
patches =
${openssl-nodoc.patch:location}/${openssl-nodoc.patch:filename}
${openssl-exlibs.patch:location}/${openssl-exlibs.patch:filename}
patch-options = -p0
configure-command = ./config
configure-options =
......@@ -33,13 +41,11 @@ configure-options =
--openssldir=${buildout:parts-directory}/${:_buildout_section_name_}/etc/ssl
--prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--libdir=lib
shared
no-zlib
shared no-idea no-mdc2 no-rc5 zlib
-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${buildout:parts-directory}/${:_buildout_section_name_}/lib
# it seems that parallel build sometimes fails for openssl.
make-options =
-j1
make-targets =
install && rm -f ${buildout:parts-directory}/${:_buildout_section_name_}/etc/ssl/certs/* && for i in ${ca-certificates:location}/certs/*/*.crt; do ln -sv $i ${buildout:parts-directory}/${:_buildout_section_name_}/etc/ssl/certs/`${buildout:parts-directory}/${:_buildout_section_name_}/bin/openssl x509 -hash -noout -in $i`.0; done; true
LDFLAGS="-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${buildout:parts-directory}/${:_buildout_section_name_}/lib"
SHARED_LDFLAGS="-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${buildout:parts-directory}/${:_buildout_section_name_}/lib"
--- engines/ccgost/Makefile~ 2010-08-24 23:46:34.000000000 +0200
+++ engines/ccgost/Makefile 2012-03-14 10:11:46.826419864 +0100
@@ -7,6 +7,7 @@
AR= ar r
CFLAGS= $(INCLUDES) $(CFLAG)
LIB=$(TOP)/libcrypto.a
+EX_LIBS=
LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost94_keyx.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_params.c gost_pmeth.c gost_sign.c
@@ -32,7 +33,7 @@
$(MAKE) -f $(TOP)/Makefile.shared -e \
LIBNAME=$(LIBNAME) \
LIBEXTRAS='$(LIBOBJ)' \
- LIBDEPS='-L$(TOP) -lcrypto' \
+ LIBDEPS='-L$(TOP) -lcrypto $(EX_LIBS)' \
link_o.$(SHLIB_TARGET); \
else \
$(AR) $(LIB) $(LIBOBJ); \
......@@ -10,7 +10,7 @@ parts =
recipe = hexagonit.recipe.cmmi
depends =
${perl:version}
url = http://www.percona.com/redir/downloads/percona-toolkit/percona-toolkit-2.0.1.tar.gz
md5sum = 3a78c78672cb7c634bda35dfb2f817bf
url = http://www.percona.com/redir/downloads/percona-toolkit/2.0.4/percona-toolkit-2.0.4.tar.gz
md5sum = df7dffcccb48d50f143849629228d4b4
configure-command =
${perl:location}/bin/perl Makefile.PL
[buildout]
parts = poppler
extends =
../bzip2/buildout.cfg
../fontconfig/buildout.cfg
../freetype/buildout.cfg
../jbigkit/buildout.cfg
......@@ -17,10 +18,12 @@ extends =
recipe = hexagonit.recipe.cmmi
md5sum = b566d1fbaa29b9257bf0ecc130e7b2ca
url = http://poppler.freedesktop.org/poppler-0.17.2.tar.gz
depends =
${libtiff:version}
configure-options =
--disable-cairo-output
--disable-cms
--disable-curl
--disable-libcurl
--disable-gtk-doc-html
--disable-gtk-test
--disable-poppler-cpp
......@@ -31,5 +34,5 @@ configure-options =
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${fontconfig:location}/lib/pkgconfig:${freetype:location}/lib/pkgconfig:${libpng:location}/lib/pkgconfig
CPPFLAGS=-I${libjpeg:location}/include -I${libpng:location}/include -I${libtiff:location}/include -I${zlib:location}/include
LDFLAGS=-L${jbigkit:location}/lib -Wl,-rpath=${jbigkit:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libtiff:location}/lib -Wl,-rpath=${libtiff:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
CPPFLAGS=-I${bzip2:location}/include -I${libjpeg:location}/include -I${libpng:location}/include -I${libtiff:location}/include -I${zlib:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${jbigkit:location}/lib -Wl,-rpath=${jbigkit:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libtiff:location}/lib -Wl,-rpath=${libtiff:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
......@@ -30,16 +30,18 @@ depends =
# other settings in this part if we don't set it explicitly here.
prefix = ${buildout:parts-directory}/${:_buildout_section_name_}
version = 2.6
package_version = ${:version}.7
package_version = ${:version}.8
package_version_suffix = rc1
executable = ${:prefix}/bin/python${:version}
url =
http://python.org/ftp/python/${:package_version}/Python-${:package_version}.tar.bz2
md5sum = d40ef58ed88438a870bbeb0ac5d4217b
http://python.org/ftp/python/${:package_version}/Python-${:package_version}${:package_version_suffix}.tar.bz2
md5sum = df6ccdac7da3b7c7c79124b92110277e
patch-options = -p1
patches =
${python-2.6.6-no_system_inc_dirs.patch:location}/${python-2.6.6-no_system_inc_dirs.patch:filename}
configure-options =
--enable-ipv6
--enable-unicode=ucs4
--with-threads
......
......@@ -3,6 +3,7 @@ extends =
../bzip2/buildout.cfg
../gdbm/buildout.cfg
../gettext/buildout.cfg
../libexpat/buildout.cfg
../ncurses/buildout.cfg
../openssl/buildout.cfg
../readline/buildout.cfg
......@@ -12,21 +13,6 @@ extends =
parts =
python2.7
[python2.7]
<= python2.7.2
[python2.7.1]
<= python2.7common
package_version = 2.7.1
md5sum = aa27bc25725137ba155910bd8e5ddc4f
package_version_suffix =
[python2.7.2]
<= python2.7common
package_version = 2.7.2
md5sum = ba7b2f11ffdbf195ee0d111b9455a5bd
package_version_suffix =
[bootstrap2.7]
recipe = zc.recipe.egg
eggs = zc.buildout
......@@ -36,8 +22,12 @@ scripts =
arguments = sys.argv[1:] + ["bootstrap"]
python = python2.7
[python2.7common]
[python2.7]
recipe = hexagonit.recipe.cmmi
package_version = 2.7.3
package_version_suffix = rc1
md5sum = 72aaa940dfa2777de161d7cb27c91df7
depends =
${gdbm:version}
# This is actually the default setting for prefix, but we can't use it in
......@@ -49,9 +39,11 @@ executable = ${:prefix}/bin/python${:version}
url =
http://python.org/ftp/python/${:package_version}/Python-${:package_version}${:package_version_suffix}.tar.bz2
configure-options =
--enable-ipv6
--enable-unicode=ucs4
--with-system-expat
--with-threads
environment =
CPPFLAGS=-I${zlib:location}/include -I${readline:location}/include -I${ncurses:location}/include/ -I${ncurses:location}/include/ncursesw/ -I${bzip2:location}/include -I${gdbm:location}/include -I${openssl:location}/include -I${sqlite3:location}/include -I${gettext:location}/include
LDFLAGS=-L${zlib:location}/lib -L${readline:location}/lib -L${ncurses:location}/lib -L${bzip2:location}/lib -L${gdbm:location}/lib -L${openssl:location}/lib -L${sqlite3:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${readline:location}/lib -Wl,-rpath=${ncurses:location}/lib -Wl,-rpath=${bzip2:location}/lib -Wl,-rpath=${gdbm:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${sqlite3:location}/lib -L${gettext:location}/lib -Wl,-rpath=${gettext:location}/lib
CPPFLAGS=-I${zlib:location}/include -I${readline:location}/include -I${libexpat:location}/include -I${ncurses:location}/include -I${ncurses:location}/include/ncursesw -I${bzip2:location}/include -I${gdbm:location}/include -I${openssl:location}/include -I${sqlite3:location}/include -I${gettext:location}/include
LDFLAGS=-L${zlib:location}/lib -L${readline:location}/lib -L${libexpat:location}/lib -L${ncurses:location}/lib -L${bzip2:location}/lib -L${gdbm:location}/lib -L${openssl:location}/lib -L${sqlite3:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${readline:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${ncurses:location}/lib -Wl,-rpath=${bzip2:location}/lib -Wl,-rpath=${gdbm:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${sqlite3:location}/lib -L${gettext:location}/lib -Wl,-rpath=${gettext:location}/lib
......@@ -12,18 +12,6 @@ configure-options =
--enable-multibyte
--disable-static
# readline-5.x is still used for GPL2 only softwares.
[readline5]
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/readline/readline-5.2.tar.gz
md5sum = e39331f32ad14009b9ff49cc10c5e751
configure-options =
--enable-multibyte
--disable-static
--with-ncurses=${ncurses:location}
environment =
LDFLAGS =-Wl,-rpath=${ncurses:location}/lib
[readline]
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/readline/readline-6.2.tar.gz
......
......@@ -120,17 +120,17 @@ Werkzeug = 0.8.3
buildout-versions = 1.7
collective.recipe.template = 1.9
hexagonit.recipe.cmmi = 1.5.0
lxml = 2.3.3
lxml = 2.3.4
meld3 = 0.6.8
netaddr = 0.7.6
slapos.core = 0.23
slapos.core = 0.24
slapos.libnetworkcache = 0.12
xml-marshaller = 0.9.7
z3c.recipe.scripts = 1.0.1
z3c.recipe.scripts = 1.0.1
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.23
# slapos.core==0.24
Flask = 0.8
# Required by:
......@@ -138,11 +138,11 @@ Flask = 0.8
hexagonit.recipe.download = 1.5.0
# Required by:
# slapos.core==0.23
# slapos.core==0.24
netifaces = 0.8
# Required by:
# slapos.core==0.23
# slapos.core==0.24
# slapos.libnetworkcache==0.12
# supervisor==3.0a12
# zc.buildout==1.6.0-dev-SlapOS-004
......@@ -150,9 +150,9 @@ netifaces = 0.8
setuptools = 0.6c12dev-r88846
# Required by:
# slapos.core==0.23
# slapos.core==0.24
supervisor = 3.0a12
# Required by:
# slapos.core==0.23
# slapos.core==0.24
zope.interface = 3.8.0
......@@ -21,9 +21,7 @@ recipe = hexagonit.recipe.cmmi
url = http://sphinxsearch.com/files/sphinx-2.0.2-beta.tar.gz
md5sum = fafe0f1a71d0ded32404c067eba7d0b3
configure-options =
--with-mysql
--with-mysql-includes=${mariadb:location}/include/mysql
--with-mysql-libs=${mariadb:location}/lib/mysql
--with-mysql=${mariadb:location}
--with-libstemmer
--with-iconv
--without-pgsql
......
......@@ -17,8 +17,8 @@ filename = stunnel-4-hooks.py
[stunnel-4]
recipe = hexagonit.recipe.cmmi
url = http://mirror.bit.nl/stunnel/stunnel-4.52.tar.gz
md5sum = f5e713dda0e8efa659f372832ecd0c2c
url = http://mirror.bit.nl/stunnel/stunnel-4.53.tar.gz
md5sum = ab3bfc915357d67da18c73f73610d593
pre-configure-hook = ${stunnel-4-hook-download:location}/${stunnel-4-hook-download:filename}:pre_configure_hook
configure-options =
--enable-ipv6
......
......@@ -23,6 +23,8 @@ stop-on-error = yes
recipe = hexagonit.recipe.cmmi
url = http://tesseract-ocr.googlecode.com/files/tesseract-3.00.tar.gz
md5sum = cc812a261088ea0c3d2da735be35d09f
depends =
${libtiff:version}
configure-options =
--disable-static
--datarootdir=${tesseract-share:location}
......
# Apache Tomcat - an open source software implementation of the Java Servlet and JavaServer Pages technologies.
# http://tomcat.apache.org/
[buildout]
parts =
tomcat
[tomcat]
<= tomcat6
[tomcat6]
recipe = hexagonit.recipe.download
strip-top-level-dir = true
url = http://apache.multidist.com/tomcat/tomcat-6/v6.0.35/bin/apache-tomcat-6.0.35.tar.gz
md5sum = 171d255cd60894b29a41684ce0ff93a8
[tomcat7]
recipe = hexagonit.recipe.download
strip-top-level-dir = true
url = http://apache.multidist.com/tomcat/tomcat-7/v7.0.25/bin/apache-tomcat-7.0.25.tar.gz
md5sum = 2aa59d23555d641b20efad4aed86b693
[buildout]
extends =
../openssl/buildout.cfg
../pkgconfig/buildout.cfg
../zlib/buildout.cfg
parts =
wget
[wget]
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/wget/wget-1.13.4.tar.bz2
md5sum = 12115c3750a4d92f9c6ac62bac372e85
configure-options =
--enable-ipv6
--enable-opie
--disable-iri
--with-ssl=openssl
--with-libssl-prefix=${openssl:location}
--with-zlib-lib=${zlib:location}
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${openssl:location}/lib/pkgconfig
LDFLAGS=-L${zlib:location}/lib -L${openssl:location}/lib
CPPFLAGS=-I${zlib:location}/include -I${openssl:location}/include
......@@ -13,8 +13,8 @@ parts =
libXdmcp
libXext
libXau
libXinerama
libSM
libXrender
[xorg-aclocal]
ACLOCAL=${xorg-util-macros:location}/share/aclocal
......@@ -33,6 +33,7 @@ configure-options =
--without-xmlto
--without-fop
environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
PATH=${libxml2:location}/bin:${pkgconfig:location}/bin:%(PATH)s
[xextproto]
......@@ -43,6 +44,9 @@ configure-options =
--disable-specs
--without-xmlto
--without-fop
environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s
[xtrans]
recipe = hexagonit.recipe.cmmi
......@@ -53,6 +57,7 @@ configure-options =
--without-xmlto
--without-fop
environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s
[libXau]
......@@ -62,7 +67,7 @@ md5sum = 4a2cbd83727682f9ee1c1e719bac6adb
configure-options =
--disable-static
environment =
PKG_CONFIG_PATH=${xproto:location}/lib/pkgconfig
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig:${xproto:location}/lib/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s
[xcbproto]
......@@ -99,7 +104,7 @@ recipe = hexagonit.recipe.cmmi
url = http://www.x.org/releases/X11R7.6/src/lib/libXext-1.2.0.tar.bz2
md5sum = 9bb236ff0193e9fc1c1fb504dd840331
environment =
PKG_CONFIG_PATH=${xcbproto:location}/lib/pkgconfig:${libXau:location}/lib/pkgconfig:${xproto:location}/lib/pkgconfig:${xorg-libpthread-stubs:location}/lib/pkgconfig:${xextproto:location}/lib/pkgconfig:${libX11:location}/lib/pkgconfig:${libxcb:location}/lib/pkgconfig
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig:${xcbproto:location}/lib/pkgconfig:${libXau:location}/lib/pkgconfig:${xproto:location}/lib/pkgconfig:${xorg-libpthread-stubs:location}/lib/pkgconfig:${xextproto:location}/lib/pkgconfig:${libX11:location}/lib/pkgconfig:${libxcb:location}/lib/pkgconfig
CPPFLAGS=-I${xcbproto:location}/include -I${libXau:location}/include -I${xproto:location}/include -I${xorg-libpthread-stubs:location}/include -I${xextproto:location}/include -I${libX11:location}/include -I${libxcb:location}/include
LD_LIBRARY_PATH=${xcbproto:location}/lib:${libXau:location}/lib:${xorg-libpthread-stubs:location}/lib:${xextproto:location}/lib:${libX11:location}/lib:${libxcb:location}/lib
LD_RUN_PATH=${xcbproto:location}/lib:${libXau:location}/lib:${xorg-libpthread-stubs:location}/lib:${xextproto:location}/lib:${libX11:location}/lib:${libxcb:location}/lib
......@@ -148,7 +153,7 @@ configure-options =
--without-xmlto
--without-fop
environment =
PKG_CONFIG_PATH=${xproto:location}/lib/pkgconfig:${xextproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig:${libxcb:location}/lib/pkgconfig:${xorg-libpthread-stubs:location}/lib/pkgconfig:${libXau:location}/lib/pkgconfig:${inputproto:location}/lib/pkgconfig:${kbproto:location}/lib/pkgconfig
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig:${xproto:location}/lib/pkgconfig:${xextproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig:${libxcb:location}/lib/pkgconfig:${xorg-libpthread-stubs:location}/lib/pkgconfig:${libXau:location}/lib/pkgconfig:${inputproto:location}/lib/pkgconfig:${kbproto:location}/lib/pkgconfig
LD_LIBRARY_PATH=${xproto:location}/lib:${xextproto:location}/lib:${libxcb:location}/lib
LD_RUN_PATH=${xproto:location}/lib:${xextproto:location}/lib:${libxcb:location}/lib
PATH=${pkgconfig:location}/bin:%(PATH)s
......@@ -329,7 +334,7 @@ configure-options =
--without-xmlto
--without-fop
environment =
PKG_CONFIG_PATH=${xproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig:${xproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s
[libSM]
......@@ -341,10 +346,26 @@ configure-options =
--without-xmlto
--without-fop
environment =
PKG_CONFIG_PATH=${libICE:location}/lib/pkgconfig:${libuuid:location}/lib/pkgconfig:${xproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig:${libICE:location}/lib/pkgconfig:${libuuid:location}/lib/pkgconfig:${xproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s
LIBUUID_CFLAGS=-I${libuuid:location}/include
[renderproto]
recipe = hexagonit.recipe.cmmi
url = http://www.x.org/releases/X11R7.6/src/proto/renderproto-0.11.1.tar.bz2
md5sum = a914ccc1de66ddeb4b611c6b0686e274
[libXrender]
recipe = hexagonit.recipe.cmmi
url = http://www.x.org/releases/X11R7.6/src/lib/libXrender-0.9.6.tar.bz2
md5sum = 3b3b7d076c2384b6c600c0b5f4ba971f
configure-options =
--disable-static
environment =
PKG_CONFIG_PATH=${libX11:location}/lib/pkgconfig:${renderproto:location}/lib/pkgconfig:${xorg-util-macros:location}/share/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s
CPPFLAGS=-I${libX11:location}/include -I${renderproto:location}/include -I${xproto:location}/include
[libXt]
recipe = hexagonit.recipe.cmmi
url = http://www.x.org/releases/X11R7.6/src/lib/libXt-1.0.9.tar.bz2
......
......@@ -4,5 +4,5 @@ parts =
[zlib]
recipe = hexagonit.recipe.cmmi
url = http://prdownloads.sourceforge.net/libpng/zlib-1.2.5.tar.gz?download
md5sum = c735eab2d659a96e5a594c9e8541ad63
url = http://prdownloads.sourceforge.net/libpng/zlib-1.2.6.tar.bz2?download
md5sum = dc2cfa0d2313ca77224b4d932b2911e9
......@@ -2,7 +2,7 @@ from setuptools import setup, find_packages
import glob
import os
version = '0.40.1'
version = '0.46-dev'
name = 'slapos.cookbook'
long_description = open("README.txt").read() + "\n" + \
open("CHANGES.txt").read() + "\n"
......@@ -47,6 +47,7 @@ setup(name=name,
'apache.zope.backend = slapos.recipe.apache_zope_backend:Recipe',
'certificate_authority = slapos.recipe.certificate_authority:Recipe',
'certificate_authority.request = slapos.recipe.certificate_authority:Request',
'check_port_listening = slapos.recipe.check_port_listening:Recipe',
'copyfilelist = slapos.recipe.copyfilelist:Recipe',
'cron = slapos.recipe.dcron:Recipe',
'cron.d = slapos.recipe.dcron:Part',
......@@ -58,14 +59,18 @@ setup(name=name,
'erp5scalabilitytestbed = slapos.recipe.erp5scalabilitytestbed:Recipe',
'equeue = slapos.recipe.equeue:Recipe',
'erp5testnode = slapos.recipe.erp5testnode:Recipe',
'generate.mac = slapos.recipe.generatemac:Recipe',
'nbdserver = slapos.recipe.nbdserver:Recipe',
'generic.onetimeupload = slapos.recipe.generic_onetimeupload:Recipe',
'helloworld = slapos.recipe.helloworld:Recipe',
'generic.cloudooo = slapos.recipe.generic_cloudooo:Recipe',
'fontconfig = slapos.recipe.fontconfig:Recipe',
'java = slapos.recipe.java:Recipe',
'kumofs = slapos.recipe.kumofs:Recipe',
'kvm = slapos.recipe.kvm:Recipe',
'kvm.frontend = slapos.recipe.kvm_frontend:Recipe',
'generic.kumofs = slapos.recipe.generic_kumofs:Recipe',
'haproxy = slapos.recipe.haproxy:Recipe',
'kvm = slapos.recipe.kvm:Recipe',
'libcloud = slapos.recipe.libcloud:Recipe',
'libcloudrequest = slapos.recipe.libcloudrequest:Recipe',
'lockfile = slapos.recipe.lockfile:Recipe',
......@@ -75,11 +80,11 @@ setup(name=name,
'mydumper = slapos.recipe.mydumper:Recipe',
'generic.mysql = slapos.recipe.generic_mysql:Recipe',
'mkdirectory = slapos.recipe.mkdirectory:Recipe',
'nbdserver = slapos.recipe.nbdserver:Recipe',
'nosqltestbed = slapos.recipe.nosqltestbed:NoSQLTestBed',
'notifier = slapos.recipe.notifier:Recipe',
'notifier.callback = slapos.recipe.notifier:Callback',
'notifier.notify = slapos.recipe.notifier:Notify',
'novnc = slapos.recipe.novnc:Recipe',
'lamp = slapos.recipe.lamp:Request',
'lamp.request = slapos.recipe.lamp:Request',
'lamp.static = slapos.recipe.lamp:Static',
......@@ -117,8 +122,12 @@ setup(name=name,
'generate.cloudooo = slapos.recipe.generate_cloudooo:Recipe',
'zeo = slapos.recipe.zeo:Recipe',
'tidstorage = slapos.recipe.tidstorage:Recipe',
'erp5.bootstrap = slapos.recipe.erp5_bootstrap:Recipe',
'erp5.promise = slapos.recipe.erp5_promise:Recipe',
'erp5.update = slapos.recipe.erp5_update:Recipe',
'erp5.test = slapos.recipe.erp5_test:Recipe',
'generic.varnish = slapos.recipe.generic_varnish:Recipe',
'webchecker = slapos.recipe.web_checker:Recipe',
],
'slapos.recipe.nosqltestbed.plugin': [
'kumo = slapos.recipe.nosqltestbed.kumo:KumoTestBed',
......
apache_frontend
==========
Frontend using Apache, allowing to rewrite and proxy URLs like myinstance.myfrontenddomainname.com to real IP/URL of myinstance.
\ No newline at end of file
Frontend using Apache, allowing to rewrite and proxy URLs like
myinstance.myfrontenddomainname.com to real IP/URL of myinstance.
apache_frontend works using the master instance / slave instance design.
It means that a single main instance of Apache will be used to act as frontend
for many slaves.
How to use
========
First, you will need to request a "master" instance of Apache Frontend with
"domain" parameter, like :
<?xml version='1.0' encoding='utf-8'?>
<instance>
<parameter id="domain">moulefrite.com</parameter>
<parameter id="port">443</parameter>
</instance>
Then, it is possible to request many slave instances
(currently only from slapconsole, UI doesn't work yet)
of Apache Frontend, like :
instance = request(
software_release=apache_frontend,
partition_reference='frontend2',
shared=True,
partition_parameter_kw={"url":"https://[1:2:3:4]:1234/someresource"}
)
Those slave instances will be redirected to the "master" instance,
and you will see on the "master" instance the associated RewriteRules of
all slave instances.
Finally, the slave instance will be accessible from :
https://someidentifier.moulefrite.com.
kvm_frontend
===
Introduction
------------
The ``slapos.recipe.kvm_frontend`` aims to provide proxy server to KVM instances.
It allows HTTPS IPv4/IPv6 proxying (with or without domain name), and supports
the WebSocket technology needed for VNC-in-webapplication noVNC.
It works following the master/slave instances system. A master instance is
created, containing all what is needed to run the proxy. Slave instances
are later created, adding one line in the master instance's proxy configuration
that specify the IP/port to proxy to the KVM.
The slave instance (kvm) is then accessible from
http://[masterinstanceIPorhostname]/[randomgeneratednumber]
Instance parameters
------------
Incoming master instance parameters
+++++++
``port`` - Port of server, optional, defaults to 4443.
``domain`` - domain name to use, optional, default to
"host.vifib.net".
``redirect_plain_http`` - if value is one of ['y', 'yes', '1', 'true'], instance
will try to create a simple http server on port 80
redirecting to the proxy. Optional.
Incoming slave instance parameters
+++++++
``host`` - KVM instance IP or hostname. Mandatory.
``port`` - KVM instance port, Mandatory.
``https`` - if value is one of ['n', 'no', '0', 'false'], will try to connect
to target in plain http. Optional.
Connection parameters
-------------
Outgoing master connection parameters
+++++++
``domain_ipv6_address`` - Proxy IP
``site_url`` - Proxy URL
Outgoing slave connection parameters are :
+++++++
``site_url`` - URL of instance
``domain_name`` - Domain name of proxy
``port`` - Port of proxy
......@@ -33,10 +33,33 @@ class Recipe(GenericBaseRecipe):
ip = self.options['ip']
port = self.options['port']
backend = self.options['backend']
key = self.options['key-file']
certificate = self.options['cert-file']
access_control_string = self.options['access-control-string']
apache_conf = dict()
scheme = self.options['scheme']
if scheme == 'http':
required_path_list = []
apache_conf['ssl_snippet'] = ''
elif scheme == 'https':
key = self.options['key-file']
certificate = self.options['cert-file']
required_path_list = [key, certificate]
apache_conf['key'] = key
apache_conf['certificate'] = certificate
apache_conf['ssl_session_cache'] = self.options['ssl-session-cache']
apache_conf['ssl_snippet'] = pkg_resources.resource_string(__name__,
'template/snippet.ssl.in') % apache_conf
if 'ssl-authentication' in self.options and self.optionIsTrue(
'ssl-authentication'):
apache_conf['ssl_snippet'] += pkg_resources.resource_string(__name__,
'template/snippet.ssl.ca.in') % dict(
ca_certificate=self.options['ssl-authentication-certificate'],
ca_crl=self.options['ssl-authentication-crl']
)
else:
raise ValueError, "Unsupported scheme %s" % scheme
access_control_string = self.options['access-control-string']
apache_conf['pid_file'] = self.options['pid-file']
apache_conf['lock_file'] = self.options['lock-file']
apache_conf['ip'] = ip
......@@ -45,11 +68,10 @@ class Recipe(GenericBaseRecipe):
apache_conf['error_log'] = self.options['error-log']
apache_conf['access_log'] = self.options['access-log']
apache_conf['server_name'] = '%s' % apache_conf['ip']
apache_conf['certificate'] = certificate
apache_conf['key'] = key
apache_conf['path'] = '/'
apache_conf['access_control_string'] = access_control_string
apache_conf['rewrite_rule'] = "RewriteRule (.*) %s$1 [L,P]" % backend
apache_conf['rewrite_rule'] = "RewriteRule (.*) %s%s [L,P]" % (backend,
self.options.get('backend-path', '/'))
apache_conf_string = pkg_resources.resource_string(__name__,
'template/apache.zope.conf.in') % apache_conf
apache_config_file = self.createFile(self.options['configuration-file'],
......@@ -58,7 +80,7 @@ class Recipe(GenericBaseRecipe):
wrapper = self.createPythonScript(self.options['wrapper'], __name__ +
'.apache.runApache', [
dict(
required_path_list=[key, certificate],
required_path_list=required_path_list,
binary=self.options['apache-binary'],
config=apache_config_file
)
......
......@@ -2,12 +2,16 @@
# Automatically generated
# List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
......@@ -18,24 +22,23 @@ LoadModule headers_module modules/mod_headers.so
# Basic server configuration
PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s
ServerAdmin %(server_admin)s
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
ServerTokens Prod
ServerSignature Off
TraceEnable Off
# Apache 2.4's default value (60 seconds) can be a bit too short
TimeOut 300
# As backend is trusting REMOTE_USER header unset it always
RequestHeader unset REMOTE_USER
# SSL Configuration
SSLEngine on
SSLCertificateFile %(certificate)s
SSLCertificateKeyFile %(key)s
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLProxyEngine On
%(ssl_snippet)s
# Log configuration
ErrorLog "%(error_log)s"
......
SSLVerifyClient require
RequestHeader set REMOTE_USER %%{SSL_CLIENT_S_DN_CN}s
SSLCACertificateFile %(ca_certificate)s
SSLCARevocationPath %(ca_crl)s
# SSL Configuration
SSLEngine on
SSLCertificateFile %(certificate)s
SSLCertificateKeyFile %(key)s
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
SSLSessionCache shmcb:%(ssl_session_cache)s(512000)
SSLProxyEngine On
......@@ -3,7 +3,6 @@
# Basic server configuration
PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s
PHPINIDir %(php_ini_dir)s
ServerAdmin someone@email
......@@ -25,20 +24,21 @@ CustomLog "%(access_log)s" common
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Require all denied
</Directory>
<Directory %(document_root)s>
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
DocumentRoot %(document_root)s
DirectoryIndex index.html index.php
# List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
......
......@@ -45,13 +45,14 @@ class Recipe(GenericBaseRecipe):
def install(self):
path_list = []
# XXX: We gotta find better a way to get these options
ca_country_code = 'XX'
ca_email = 'xx@example.com'
ca_state = 'State',
ca_city = 'City'
ca_company = 'Company'
# XXX: end
ca_country_code = self.options.get('country-code', 'XX')
ca_email = self.options.get('email', 'xx@example.com')
# XXX-BBB: State by mistake has been configured as string "('State',)"
# string, so keep this for backward compatibility of existing
# automatically setup CAs
ca_state = self.options.get('state', "('State',)")
ca_city = self.options.get('city', 'City')
ca_company = self.options.get('company', 'Company')
self.setPath()
......
##############################################################################
#
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import sys
class Recipe(GenericBaseRecipe):
"""
Check listening port promise
"""
def install(self):
config = dict(
hostname=self.options['hostname'],
port=self.options['port'],
python_path=sys.executable,
)
vnc_promise = self.createExecutable(
self.options['path'],
self.substituteTemplate(
self.getTemplateFilename('socket_connection_attempt.py.in'),
config))
return [vnc_promise]
#!%(python_path)s
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
import socket
import sys
hostname = "%(hostname)s"
port = %(port)s
connection_okay = False
try:
s = socket.create_connection((hostname, port))
connection_okay = True
s.close()
except (socket.error, socket.timeout):
connection_okay = False
if not connection_okay:
print >> sys.stderr, "%(port)s on %(hostname)s isn't listening"
sys.exit(127)
......@@ -3,6 +3,9 @@ ServerRoot "%(server_root)s"
Listen [%(ip)s]:%(port)s
# Needed modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authn_file_module "%(modules_dir)s/mod_authn_file.so"
LoadModule authz_host_module "%(modules_dir)s/mod_authz_host.so"
LoadModule authz_user_module "%(modules_dir)s/mod_authz_user.so"
......@@ -11,6 +14,7 @@ LoadModule auth_digest_module "%(modules_dir)s/mod_auth_digest.so"
LoadModule log_config_module "%(modules_dir)s/mod_log_config.so"
LoadModule headers_module "%(modules_dir)s/mod_headers.so"
LoadModule setenvif_module "%(modules_dir)s/mod_setenvif.so"
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module "%(modules_dir)s/mod_ssl.so"
LoadModule mime_module "%(modules_dir)s/mod_mime.so"
LoadModule dav_module "%(modules_dir)s/mod_dav.so"
......@@ -25,7 +29,6 @@ ServerTokens ProductOnly
DocumentRoot "%(document_root)s"
PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
DavLockDB "%(davlock_db)s"
<Directory />
......
......@@ -2,12 +2,16 @@
# Automatically generated
# List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
......@@ -19,7 +23,6 @@ LoadModule antiloris_module modules/mod_antiloris.so
# Basic server configuration
PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s
ServerAdmin %(server_admin)s
TypesConfig conf/mime.types
......
##############################################################################
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import os
import sys
import urlparse
class Recipe(GenericBaseRecipe):
"""
Instanciate ERP5 in Zope
"""
def install(self):
parsed = urlparse.urlparse(self.options['mysql-url'])
mysql_connection_string = "%(database)s@%(hostname)s:%(port)s "\
"%(username)s %(password)s" % dict(
database=parsed.path.split('/')[1],
hostname=parsed.hostname,
port=parsed.port,
username=parsed.username,
password=parsed.password
)
zope_parsed = urlparse.urlparse(self.options['zope-url'])
config = dict(
python_path=sys.executable,
user=zope_parsed.username,
password=zope_parsed.password,
site_id=zope_parsed.path.split('/')[1],
host="%s:%s" % (zope_parsed.hostname, zope_parsed.port),
sql_connection_string=mysql_connection_string,
)
# Runners
runner_path = self.createExecutable(
self.options['runner-path'],
self.substituteTemplate(self.getTemplateFilename('erp5_bootstrap.in'),
config))
return [runner_path]
#!%(python_path)s
import httplib
import urllib
import base64
user = "%(user)s"
password = "%(password)s"
host = "%(host)s"
site_id = "%(site_id)s"
erp5_catalog_storage = 'erp5_mysql_innodb_catalog'
mysql_url = "%(sql_connection_string)s"
header_dict = {'Authorization': 'Basic %%s' %% \
base64.encodestring('%%s:%%s' %% (user, password)).strip()}
zope_connection = httplib.HTTPConnection(host)
# Check if an ERP5 site is already created, as ERP5 does support having
# 2 instances in the same zope, and this script should not destroy user data
zope_connection.request('GET', '/isERP5SitePresent', headers=header_dict)
result = zope_connection.getresponse()
if result.status == 204: # and (result.read() == "False"):
# Create the expected ERP5 instance
zope_connection.request(
'POST', '/manage_addProduct/ERP5/manage_addERP5Site',
urllib.urlencode({
'id': site_id,
'erp5_catalog_storage': erp5_catalog_storage,
'erp5_sql_connection_string': mysql_url,
'cmf_activity_sql_connection_string': mysql_url,
}),
headers=header_dict)
##############################################################################
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import ConfigParser
class Recipe(GenericBaseRecipe):
"""
Generate ERP5 promise configuration file
"""
def install(self):
promise_parser = ConfigParser.RawConfigParser()
promise_parser.add_section('portal_templates')
promise_parser.set('portal_templates', 'repository', self.options['bt5-repository-url'])
promise_parser.set('portal_templates', 'expected_bt5', self.options['bt5'])
promise_parser.add_section('external_service')
promise_parser.set('external_service', 'cloudooo_url', self.options['cloudooo-url'])
promise_parser.set('external_service', 'memcached_url', self.options['memcached-url'])
promise_parser.set('external_service', 'kumofs_url', self.options['kumofs-url'])
promise_parser.set('external_service', 'smtp_url', self.options['smtp-url'])
promise_parser.write(open(self.options['promise-path'], 'w'))
return [self.options['promise-path']]
<?xml version="1.0"?>
<!DOCTYPE fontconfig SYSTEM "fonts.dtd">
<fontconfig>
<cachedir>~/.fontconfig</cachedir>
%(font_folder_path_snippet)s
</fontconfig>
\ No newline at end of file
......@@ -57,6 +57,9 @@ class Recipe(GenericSlapRecipe):
known_tid_storage_identifier_dict = {}
snippet_zeo = open(self.options['snippet-zeo']).read()
for zeo_id, zeo_configuration_list in json_data['zeo'].iteritems():
if not type(zeo_configuration_list) in (type([]), type(set()), type(())):
raise ValueError('%s passed in json is not a list, json: %s.' % (
zeo_configuration_list, json_data))
storage_list = []
a = storage_list.append
for zeo_slave in zeo_configuration_list:
......@@ -92,7 +95,8 @@ class Recipe(GenericSlapRecipe):
zeo_connection_string = '\n'.join(zeo_connection_list)
zope_dict.update(
timezone=json_data['timezone'],
zeo_connection_string=zeo_connection_string
zeo_connection_string=zeo_connection_string,
site_id=site_id,
)
# always one distribution node
current_zope_port += 1
......@@ -151,32 +155,72 @@ class Recipe(GenericSlapRecipe):
longrequest_logger_interval=longrequest_logger_interval,
**zope_dict)
haproxy_backend_list.append('${%(part_name)s:ip}:${%(part_name)s:port}' % dict(part_name=part_name))
scheme = backend_configuration.get('scheme', ['https'])
# now generate backend access
current_apache_port += 1
current_haproxy_port += 1
part_list.append('apache-%(backend_name)s ca-apache-%(backend_name)s logrotate-entry-apache-%(backend_name)s haproxy-%(backend_name)s' % dict(backend_name=backend_name))
backend_dict = dict(
backend_name=backend_name,
apache_port=current_apache_port,
apache_public_port=current_apache_port+1,
haproxy_port=current_haproxy_port,
access_control_string=backend_configuration['access-control-string'],
maxconn=backend_configuration['maxconn'],
server_check_path='/%s/getId' % site_id,
haproxy_backend_list=' '.join(haproxy_backend_list)
haproxy_backend_list=' '.join(haproxy_backend_list),
ssl_authentication=backend_configuration.get('ssl-authentication',
False),
backend_path=backend_configuration.get('backend-path', '/') % {
'site-id': site_id}
)
publish_url_list.append('url-%(backend_name)s = https://[${apache-%(backend_name)s:ip}]:${apache-%(backend_name)s:port}' % dict(
backend_name=backend_name))
current_apache_port += 1
output += snippet_backend % backend_dict
if 'http' in scheme:
part_list.append('apache-public-%(backend_name)s logrotate-entry-apache-public-%(backend_name)s' % dict(backend_name=backend_name))
publish_url_list.append('url-public-%(backend_name)s = http://[${apache-public-%(backend_name)s:ip}]:${apache-public-%(backend_name)s:port}' % dict(
backend_name=backend_name))
if 'https' in scheme:
part_list.append('apache-%(backend_name)s ca-apache-%(backend_name)s logrotate-entry-apache-%(backend_name)s haproxy-%(backend_name)s' % dict(backend_name=backend_name))
publish_url_list.append('url-%(backend_name)s = https://[${apache-%(backend_name)s:ip}]:${apache-%(backend_name)s:port}' % dict(
backend_name=backend_name))
output += SECTION_BACKEND_PUBLISHER + '\n'
output += '\n'.join(publish_url_list)
part_list.append('publish-apache-backend-list')
master_dict = self.parameter_dict.copy()
if 'erp5-ca' in json_data:
erp5_ca = json_data['erp5-ca']
# Fetching exactly named parameters from json in order to raise proper
# error if required
master_dict.update(
erp5_ca_country_code = erp5_ca['country-code'],
erp5_ca_email = erp5_ca['email'],
erp5_ca_state = erp5_ca['state'],
erp5_ca_city = erp5_ca['city'],
erp5_ca_company = erp5_ca['company']
)
else:
master_dict.update(dict(
erp5_ca_country_code = 'XX',
erp5_ca_email = 'xx@example.com',
# XXX-BBB: State by mistake has been configured as string "('State',)"
# string, so keep this for backward compatibility of existing
# automatically setup CAs
erp5_ca_state = "('State',)",
erp5_ca_city = 'City',
erp5_ca_company = 'Company'
))
prepend = open(self.options['snippet-master']).read() % dict(
part_list=' \n'.join([' '+q for q in part_list]),
known_tid_storage_identifier_dict=known_tid_storage_identifier_dict,
haproxy_section="haproxy-%s" % backend_name,
zope_section=zope_id,
site_id=site_id,
**self.parameter_dict
**master_dict
)
output = prepend + output
with open(self.options['output'], 'w') as f:
......
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import random
from slapos.recipe.librecipe import GenericBaseRecipe
class Recipe(GenericBaseRecipe):
def __init__(self, buildout, name, options):
# First octet has to represent a locally administered address
octet_list = [254] + [random.randint(0x00, 0xff) for x in range(5)]
options['mac-address'] = ':'.join(['%02x' % x for x in octet_list])
def install(self):
return []
......@@ -52,7 +52,8 @@ class Recipe(GenericBaseRecipe):
kumo_manager_port=kumo_manager_port,
kumo_server_port=kumo_server_port,
kumo_server_listen_port=kumo_server_listen_port,
kumo_gateway_port=kumo_gateway_port
kumo_gateway_port=kumo_gateway_port,
shell_path=self.options['shell-path'],
)
path_list.append(self.createExecutable(self.options['gateway-wrapper'],
......
#!/bin/sh
#!%(shell_path)s
exec %(kumo_gateway_binary)s -F -E -m %(kumo_manager_ip)s:%(kumo_manager_port)s -t %(kumo_gateway_ip)s:%(kumo_gateway_port)s -o %(kumo_gateway_log)s
#!/bin/sh
#!%(shell_path)s
exec %(kumo_manager_binary)s -a -l %(kumo_manager_ip)s:%(kumo_manager_port)s -o %(kumo_manager_log)s
#!/bin/sh
#!%(shell_path)s
exec %(kumo_server_binary)s -l %(kumo_server_ip)s:%(kumo_server_port)s -L %(kumo_server_listen_port)s -m %(kumo_manager_ip)s:%(kumo_manager_port)s -s %(kumo_server_storage)s -o %(kumo_server_log)s
......@@ -46,6 +46,7 @@ class Recipe(GenericBaseRecipe):
memcached_binary=self.options['binary_path'],
memcached_ip=self.options['ip'],
memcached_port=self.options['port'],
shell_path=self.options['shell-path'],
)
executable_path = self.createExecutable(
......
#!/bin/sh
#!%(shell_path)s
exec %(memcached_binary)s -p %(memcached_port)s -U %(memcached_port)s -l %(memcached_ip)s
......@@ -67,6 +67,12 @@ class Recipe(GenericBaseRecipe):
mysql_script_list = []
# user defined functions
mysql_script_list.append(self.substituteTemplate(
self.getTemplateFilename('mysql-init-function.sql.in'),
{
}
))
# real database
mysql_script_list.append(self.substituteTemplate(
self.getTemplateFilename('initmysql.sql.in'),
......
......@@ -17,15 +17,15 @@ pid-file = %(pid_file)s
log-error = %(error_log)s
slow_query_log
slow_query_log_file = %(slow_query_log)s
long_query_time = 5
long_query_time = 1
max_allowed_packet = 128M
query_cache_size = 32M
plugin-load = ha_groonga.so;ha_sphinx.so
plugin-load = ha_mroonga.so;ha_sphinx.so;handlersocket.so
# By default only 100 connections are allowed, when using zeo
# we may have much more connections
# max_connections = 1000
max_connections = 1000
# The following are important to configure and depend a lot on to the size of
# your database and the available resources.
......
USE mysql;
DROP FUNCTION IF EXISTS last_insert_grn_id;
CREATE FUNCTION last_insert_grn_id RETURNS INTEGER SONAME 'ha_groonga.so';
CREATE FUNCTION last_insert_grn_id RETURNS INTEGER SONAME 'ha_mroonga.so';
DROP FUNCTION IF EXISTS sphinx_snippets;
CREATE FUNCTION sphinx_snippets RETURNS STRING SONAME 'sphinx.so';
##############################################################################
#
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import binascii
import os
import sys
class Recipe(GenericBaseRecipe):
"""
kvm instance configuration.
"""
def __init__(self, buildout, name, options):
options['key'] = binascii.hexlify(os.urandom(24))
return GenericBaseRecipe.__init__(self, buildout, name, options)
def install(self):
config = dict(
ip=self.options['ip'],
port=self.options['port'],
onetimeupload_path=self.options['onetimeupload-path'],
shell_path=self.options['shell-path'],
log_path=self.options['log-path'],
image=self.options['image-path'],
key=self.options['key'],
)
# Runners
runner_path = self.createExecutable(
self.options['path'],
self.substituteTemplate(self.getTemplateFilename('onetimeupload_run.in'),
config))
return [runner_path]
#!/bin/sh
#!%(shell_path)s
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
exec %(onetimeupload_path)s -l %(log_path)s %(ip)s %(port)s %(image)s %(key)s
##############################################################################
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import os
import re
from slapos.recipe.librecipe import GenericSlapRecipe
class Recipe(GenericSlapRecipe):
"""
Instantiate varnish daemon
TODO:
- use varnish3.x and replace .vcl for it
"""
def _install(self):
ip = self.options['ip']
backend_url = self.parameter_dict['tidstorage-url']
backend_ip, backend_port = self._getBackendServer(backend_url)
varnishd_manager_port = int(self.options['manager-port'])
varnishd_server_port = int(self.options['server-port'])
path_list = []
config = dict(
varnishd_binary=self.options['varnishd-binary'],
varnish_ip=ip,
varnishlog_binary=self.options['varnishlog-binary'],
varnishd_manager_port=varnishd_manager_port,
varnishd_server_port=varnishd_server_port,
varnishd_pid_file=self.options['pid-file'],
varnish_instance_name=self.options['varnish-instance-name'],
varnish_data=self.options['varnish-data'],
shell_path=self.options['shell-path'],
vcl_file=self.options['vcl-file'],
backend_ip = backend_ip,
backend_port = backend_port,
backend_server = "[%s]" % backend_ip,
)
path_list.append(self.createExecutable(self.options['varnishd-wrapper'],
self.substituteTemplate(self.getTemplateFilename('varnishd.in'),
config)))
path_list.append(self.createExecutable(self.options['varnishlog-wrapper'],
self.substituteTemplate(self.getTemplateFilename('varnishlog.in'),
config)))
path_list.append(self.createFile(self.options['vcl-file'],
self.substituteTemplate(self.getTemplateFilename('default.vcl.in'),
config)))
return path_list
def _getBackendServer(self, url):
r = re.compile('\/\/\[(.*)\]:(\d*)')
result = r.search(url)
ip = result.groups()[0]
port = result.groups()[1]
return (ip, port)
#This is a basic VCL configuration file for varnish. See the vcl(7)
#man page for details on VCL syntax and semantics.
#
#Default backend definition. Set this to point to your content
#server.
#
backend default {
.host = "%(backend_ip)s";
.port = "%(backend_port)s";
.probe = {
.timeout = 30s;
.interval = 5s;
.window = 4;
.threshold = 3;
.request =
"OPTIONS /erp5/getId HTTP/1.1"
"Host: %(backend_server)s:%(backend_port)s"
"Accept-Encoding: identity"
"Connection: close"
"User-Agent: Varnish";
}
}
#
#Below is a commented-out copy of the default VCL logic. If you
#redefine any of these subroutines, the built-in logic will be
#appended to your code.
#
sub vcl_recv {
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "PURGE" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
pipe;
}
if (req.request != "GET" && req.request != "HEAD" && req.request != "PURGE") {
/* We only deal with GET and HEAD by default */
pass;
}
remove req.http.Cookie;
remove req.http.Set-Cookie;
if (req.http.Accept-Encoding) {
if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
# unkown algorithm
remove req.http.Accept-Encoding;
}
}
# Force deflate
remove req.http.Accept-Encoding;
# We do not care about Accept-Language, this is url controlled
remove req.http.Accept-Language;
#if (req.request == "PURGE") {
# if (!client.ip ~ purge) {
# error 405 "Not allowed.";
# }
# purge_url(req.url);
# error 200 "HASHPURGED";
# unset req.http.x;
#}
set req.grace = 30d;
lookup;
}
sub vcl_hash {
set req.hash += req.url;
hash;
}
sub vcl_hit {
#if (req.request == "PURGE" && client.ip ~ purge) {
# set obj.ttl = 0s;
# error 200 "Purged.";
#}
#if (client.ip ~ purge){
# # Force refresh from localhost
# set obj.ttl = 0s;
# return (restart);
#}
# According Vary Header do not return those headers
remove req.http.Accept-Language;
remove req.http.Accept-Encoding;
remove req.http.Cookie;
deliver;
}
sub vcl_miss {
fetch;
}
sub vcl_fetch {
/* Never send request to backend even if client ask refreshed content */
if (obj.cacheable) {
/* Setup grace period for 30days for all cacheable contents */
#set req.grace = 30d;
set obj.grace = 30d;
}
deliver;
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = obj.hits;
} else {
set resp.http.X-Cache = "MISS";
}
#if (obj.hash) {
# set resp.http.X-Hash = obj.hash;
#} else {
# set resp.http.X-Hash = "No hash";
#}
deliver;
}
#!%(shell_path)s
DAEMON_OPTS="-F \
-a %(varnish_ip)s:%(varnishd_server_port)s \
-T %(varnish_ip)s:%(varnishd_manager_port)s \
-n %(varnish_instance_name)s \
-f %(vcl_file)s \
-s file,%(varnish_data)s/varnish_storage.bin,1G"
PIDFILE=%(varnishd_pid_file)s
# exporting PATH here so that we will pass the PATH variable to the subprocess
export PATH
output=$(/bin/tempfile -s.varnish)
exec %(varnishd_binary)s -P ${PIDFILE} ${DAEMON_OPTS} > ${output} 2>&1
#!%(shell_path)s
DAEMON_OPTS="-a %(varnish_ip)s:%(varnishd_server_port)s \
-n %(varnish_instance_name)s"
exec %(varnishlog_binary)s ${DAEMON_OPTS} "$@"
#!%(shell_path)s
DAEMON_OPTS="-F \
-a %(varnish_ip)s:%(varnishd_server_port)s \
-T %(varnish_ip)s:%(varnishd_manager_port)s \
-n %(varnish_instance_name)s \
-f %(vcl_file)s \
-s file,%(varnish_data)s/varnish_storage.bin,1G"
PIDFILE=%(varnishd_pid_file)s
# exporting PATH here so that it will pass the PATH variable to the subprocess
export PATH
# If unset, or set to "0" or "no", exit
if [ -z "${VARNISHLOG_ENABLED}" ] || \
[ "${VARNISHLOG_ENABLED}" = "0" ] || \
[ "${VARNISHLOG_ENABLED}" = "no" ]; then
exit 0;
fi
output=$(/bin/tempfile -s.varnish)
exec %(varnishlog_binary)s ${DAEMON_OPTS} > ${output} 2>&1
......@@ -128,6 +128,13 @@ class Recipe(GenericBaseRecipe):
zope_conf_content = self.substituteTemplate(zope_wrapper_template_location,
zope_config)
if ('promise-path' in self.options) and ('site-id' in self.options):
zope_conf_content += self.substituteTemplate(self.getTemplateFilename(
'zope.conf.promise.in'), {
'site-id': self.options['site-id'],
'promise-path': self.options['promise-path'],
})
zope_conf_path = self.createFile(self.options['configuration-file'], zope_conf_content)
path_list.append(zope_conf_path)
# Create init script
......
......@@ -20,6 +20,11 @@ zserver-threads %(thread_amount)s
pid-filename %(pid-filename)s
lock-filename %(lock-filename)s
# Encoding
rest-input-encoding utf-8
rest-output-encoding utf-8
default-zpublisher-encoding utf-8
# Temporary storage database (for sessions)
<zodb_db temporary>
<temporarystorage>
......
# ERP5 promise
<product-config /%(site-id)s>
promise_path %(promise-path)s
</product-config>
......@@ -115,7 +115,7 @@ class Recipe(GenericBaseRecipe):
TMPDIR=self.options['tmp-path'],
HOME=self.options['tmp-path'],
PATH=self.options['bin-path'],
TIMEZONE=self.options['timezone'],
TZ=self.options['timezone'],
)
# longrequestlogger product which requires environment settings
......@@ -157,6 +157,18 @@ class Recipe(GenericBaseRecipe):
if self.isTrueValue(self.options['timeserver']):
zope_conf_content += self.substituteTemplate(self.getTemplateFilename(
'zope.conf.timeserver.in'), {})
if 'tidstorage-ip' in self.options:
zope_conf_content += self.substituteTemplate(self.getTemplateFilename(
'zope.conf.tidstorage.in'), {
'tidstorage-ip': self.options['tidstorage-ip'],
'tidstorage-port': self.options['tidstorage-port'],
})
if ('promise-path' in self.options) and ('site-id' in self.options):
zope_conf_content += self.substituteTemplate(self.getTemplateFilename(
'zope.conf.promise.in'), {
'site-id': self.options['site-id'],
'promise-path': self.options['promise-path'],
})
zope_conf_path = self.createFile(self.options['configuration-file'], zope_conf_content)
path_list.append(zope_conf_path)
......
......@@ -20,6 +20,11 @@ zserver-threads %(thread_amount)s
pid-filename %(pid-filename)s
lock-filename %(lock-filename)s
# Encoding
rest-input-encoding utf-8
rest-output-encoding utf-8
default-zpublisher-encoding utf-8
# Temporary storage database (for sessions)
<zodb_db temporary>
<temporarystorage>
......
# ERP5 promise
<product-config /%(site-id)s>
promise_path %(promise-path)s
</product-config>
# TIDStorage connection
<product-config TIDStorage>
backend-ip %(tidstorage-ip)s
backend-port %(tidstorage-port)s
</product-config>
......@@ -2,5 +2,5 @@
# ERP5 Timer Service
%%import timerserver
<timer-server>
interval 5
interval 1
</timer-server>
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
......@@ -24,333 +24,53 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import binascii
import os
import sys
from slapos.recipe.librecipe import BaseSlapRecipe
import subprocess
import binascii
import random
import zc.buildout
import pkg_resources
import ConfigParser
import hashlib
class Recipe(BaseSlapRecipe):
# To avoid magic numbers
VNC_BASE_PORT = 5900
def _install(self):
"""
Set the connection dictionnary for the computer partition and create a list
of paths to the different wrappers
Parameters : none
Returns : List path_list
"""
self.path_list = []
self.requirements, self.ws = self.egg.working_set()
self.cron_d = self.installCrond()
self.ca_conf = self.installCertificateAuthority()
self.key_path, self.certificate_path = self.requestCertificate('noVNC')
# Install the socket_connection_attempt script
catcher = zc.buildout.easy_install.scripts(
[('check_port_listening', 'slapos.recipe.kvm.socket_connection_attempt',
'connection_attempt')],
self.ws,
sys.executable,
self.bin_directory,
)
# Save the check_port_listening script path
check_port_listening_script = catcher[0]
# Get the port_listening_promise template path, and save it
self.port_listening_promise_path = pkg_resources.resource_filename(
__name__, 'template/port_listening_promise.in')
self.port_listening_promise_conf = dict(
check_port_listening_script=check_port_listening_script,
)
kvm_conf = self.installKvm(vnc_ip = self.getLocalIPv4Address())
vnc_port = Recipe.VNC_BASE_PORT + kvm_conf['vnc_display']
noVNC_conf = self.installNoVnc(source_ip = self.getGlobalIPv6Address(),
source_port = 6080,
target_ip = kvm_conf['vnc_ip'],
target_port = vnc_port)
self.linkBinary()
self.computer_partition.setConnectionDict(dict(
url = "https://[%s]:%s/vnc_auto.html?host=[%s]&port=%s&encrypt=1" % (
noVNC_conf['source_ip'],
noVNC_conf['source_port'],
noVNC_conf['source_ip'],
noVNC_conf['source_port']),
password = kvm_conf['vnc_passwd']))
return self.path_list
def installKvm(self, vnc_ip):
"""
Create kvm configuration dictionnary and instanciate a wrapper for kvm and
kvm controller
Parameters : IP the vnc server is listening on
Returns : Dictionnary kvm_conf
"""
kvm_conf = dict(vnc_ip = vnc_ip)
connection_found = False
for tap_interface, dummy in self.parameter_dict['ip_list']:
# Get an ip associated to a tap interface
if tap_interface:
connection_found = True
if not connection_found:
raise NotImplementedError("Do not support ip without tap interface")
kvm_conf['tap_interface'] = tap_interface
# Disk path
kvm_conf['disk_path'] = os.path.join(self.data_root_directory,
'virtual.qcow2')
kvm_conf['socket_path'] = os.path.join(self.var_directory, 'qmp_socket')
# XXX Weak password
##XXX -Vivien: add an option to generate one password for all instances
# and/or to input it yourself
kvm_conf['vnc_passwd'] = binascii.hexlify(os.urandom(4))
#XXX pid_file path, database_path, path to python binary and xml path
kvm_conf['pid_file_path'] = os.path.join(self.run_directory, 'pid_file')
kvm_conf['database_path'] = os.path.join(self.data_root_directory,
'slapmonitor_database')
kvm_conf['python_path'] = sys.executable
kvm_conf['qemu_path'] = self.options['qemu_path']
#xml_path = os.path.join(self.var_directory, 'slapreport.xml' )
# Create disk if needed
if not os.path.exists(kvm_conf['disk_path']):
retcode = subprocess.call(["%s create -f qcow2 %s %iG" % (
self.options['qemu_img_path'], kvm_conf['disk_path'],
int(self.options['disk_size']))], shell=True)
if retcode != 0:
raise OSError, "Disk creation failed!"
# Options nbd_ip and nbd_port are provided by slapos master
kvm_conf['nbd_ip'] = self.parameter_dict['nbd_ip']
kvm_conf['nbd_port'] = self.parameter_dict['nbd_port']
# First octet has to represent a locally administered address
octet_list = [254] + [random.randint(0x00, 0xff) for x in range(5)]
kvm_conf['mac_address'] = ':'.join(['%02x' % x for x in octet_list])
kvm_conf['hostname'] = "slaposkvm"
kvm_conf['smp_count'] = self.options['smp_count']
kvm_conf['ram_size'] = self.options['ram_size']
kvm_conf['vnc_display'] = 1
# Instanciate KVM
kvm_template_location = pkg_resources.resource_filename(
__name__, os.path.join(
'template', 'kvm_run.in'))
kvm_runner_path = self.createRunningWrapper("kvm",
self.substituteTemplate(kvm_template_location,
kvm_conf))
self.path_list.append(kvm_runner_path)
# Instanciate KVM controller
kvm_controller_template_location = pkg_resources.resource_filename(
__name__, os.path.join(
'template',
'kvm_controller_run.in' ))
kvm_controller_runner_path = self.createRunningWrapper("kvm_controller",
self.substituteTemplate(kvm_controller_template_location,
kvm_conf))
self.path_list.append(kvm_controller_runner_path)
# Instanciate Slapmonitor
##slapmonitor_runner_path = self.instanciate_wrapper("slapmonitor",
# [database_path, pid_file_path, python_path])
# Instanciate Slapreport
##slapreport_runner_path = self.instanciate_wrapper("slapreport",
# [database_path, python_path])
# Add VNC promise
self.port_listening_promise_conf.update(
hostname=kvm_conf['vnc_ip'],
port=Recipe.VNC_BASE_PORT + kvm_conf['vnc_display'],
class Recipe(GenericBaseRecipe):
"""
kvm instance configuration.
"""
def __init__(self, buildout, name, options):
options['passwd'] = binascii.hexlify(os.urandom(4))
return GenericBaseRecipe.__init__(self, buildout, name, options)
def install(self):
config = dict(
tap_interface=self.options['tap'],
vnc_ip=self.options['vnc-ip'],
vnc_port=self.options['vnc-port'],
nbd_ip=self.options['nbd-ip'],
nbd_port=self.options['nbd-port'],
disk_path=self.options['disk-path'],
disk_size=self.options['disk-size'],
mac_address=self.options['mac-address'],
smp_count=self.options['smp-count'],
ram_size=self.options['ram-size'],
socket_path=self.options['socket-path'],
pid_file_path=self.options['pid-path'],
python_path=sys.executable,
shell_path=self.options['shell-path'],
qemu_path=self.options['qemu-path'],
qemu_img_path=self.options['qemu-img-path'],
# XXX Weak password
vnc_passwd=self.options['passwd']
)
self.createPromiseWrapper("vnc_promise",
self.substituteTemplate(self.port_listening_promise_path,
self.port_listening_promise_conf,
)
)
return kvm_conf
# Runners
runner_path = self.createExecutable(
self.options['runner-path'],
self.substituteTemplate(self.getTemplateFilename('kvm_run.in'),
config))
def installNoVnc(self, source_ip, source_port, target_ip, target_port):
"""
Create noVNC configuration dictionnary and instanciate Websockify proxy
controller_path = self.createExecutable(
self.options['controller-path'],
self.substituteTemplate(self.getTemplateFilename('kvm_controller_run.in'),
config))
Parameters : IP of the proxy, port on which is situated the proxy,
IP of the vnc server, port on which is situated the vnc server,
path to python binary
Returns : noVNC configuration dictionnary
"""
noVNC_conf = {}
noVNC_conf['source_ip'] = source_ip
noVNC_conf['source_port'] = source_port
execute_arguments = [[
self.options['websockify'].strip(),
'--web',
self.options['noVNC_location'],
'--key=%s' % (self.key_path),
'--cert=%s' % (self.certificate_path),
'--ssl-only',
'%s:%s' % (source_ip, source_port),
'%s:%s' % (target_ip, target_port)],
[self.certificate_path, self.key_path]]
self.path_list.extend(zc.buildout.easy_install.scripts([('websockify',
'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws, sys.executable,
self.wrapper_directory, arguments=execute_arguments))
# Add noVNC promise
self.port_listening_promise_conf.update(hostname=noVNC_conf['source_ip'],
port=noVNC_conf['source_port'],
)
self.createPromiseWrapper("novnc_promise",
self.substituteTemplate(self.port_listening_promise_path,
self.port_listening_promise_conf,
)
)
return noVNC_conf
def linkBinary(self):
"""Links binaries to instance's bin directory for easier exposal"""
for linkline in self.options.get('link_binary_list', '').splitlines():
if not linkline:
continue
target = linkline.split()
if len(target) == 1:
target = target[0]
path, linkname = os.path.split(target)
else:
linkname = target[1]
target = target[0]
link = os.path.join(self.bin_directory, linkname)
if os.path.lexists(link):
if not os.path.islink(link):
raise zc.buildout.UserError(
'Target link already %r exists but it is not link' % link)
os.unlink(link)
os.symlink(target, link)
self.logger.debug('Created link %r -> %r' % (link, target))
self.path_list.append(link)
def installCertificateAuthority(self, ca_country_code='XX',
ca_email='xx@example.com', ca_state='State', ca_city='City',
ca_company='Company'):
backup_path = self.createBackupDirectory('ca')
self.ca_dir = os.path.join(self.data_root_directory, 'ca')
self._createDirectory(self.ca_dir)
self.ca_request_dir = os.path.join(self.ca_dir, 'requests')
self._createDirectory(self.ca_request_dir)
config = dict(ca_dir=self.ca_dir, request_dir=self.ca_request_dir)
self.ca_private = os.path.join(self.ca_dir, 'private')
self.ca_certs = os.path.join(self.ca_dir, 'certs')
self.ca_crl = os.path.join(self.ca_dir, 'crl')
self.ca_newcerts = os.path.join(self.ca_dir, 'newcerts')
self.ca_key_ext = '.key'
self.ca_crt_ext = '.crt'
for d in [self.ca_private, self.ca_crl, self.ca_newcerts, self.ca_certs]:
self._createDirectory(d)
for f in ['crlnumber', 'serial']:
if not os.path.exists(os.path.join(self.ca_dir, f)):
open(os.path.join(self.ca_dir, f), 'w').write('01')
if not os.path.exists(os.path.join(self.ca_dir, 'index.txt')):
open(os.path.join(self.ca_dir, 'index.txt'), 'w').write('')
openssl_configuration = os.path.join(self.ca_dir, 'openssl.cnf')
config.update(
working_directory=self.ca_dir,
country_code=ca_country_code,
state=ca_state,
city=ca_city,
company=ca_company,
email_address=ca_email,
)
self._writeFile(openssl_configuration, pkg_resources.resource_string(
__name__, 'template/openssl.cnf.ca.in') % config)
self.path_list.extend(zc.buildout.easy_install.scripts([
('certificate_authority',
__name__ + '.certificate_authority', 'runCertificateAuthority')],
self.ws, sys.executable, self.wrapper_directory, arguments=[dict(
openssl_configuration=openssl_configuration,
openssl_binary=self.options['openssl_binary'],
certificate=os.path.join(self.ca_dir, 'cacert.pem'),
key=os.path.join(self.ca_private, 'cakey.pem'),
crl=os.path.join(self.ca_crl),
request_dir=self.ca_request_dir
)]))
# configure backup
backup_cron = os.path.join(self.cron_d, 'ca_rdiff_backup')
open(backup_cron, 'w').write(
'''0 0 * * * %(rdiff_backup)s %(source)s %(destination)s'''%dict(
rdiff_backup=self.options['rdiff_backup_binary'],
source=self.ca_dir,
destination=backup_path))
self.path_list.append(backup_cron)
return dict(
ca_certificate=os.path.join(config['ca_dir'], 'cacert.pem'),
ca_crl=os.path.join(config['ca_dir'], 'crl'),
certificate_authority_path=config['ca_dir']
)
def requestCertificate(self, name):
hash = hashlib.sha512(name).hexdigest()
key = os.path.join(self.ca_private, hash + self.ca_key_ext)
certificate = os.path.join(self.ca_certs, hash + self.ca_crt_ext)
parser = ConfigParser.RawConfigParser()
parser.add_section('certificate')
parser.set('certificate', 'name', name)
parser.set('certificate', 'key_file', key)
parser.set('certificate', 'certificate_file', certificate)
parser.write(open(os.path.join(self.ca_request_dir, hash), 'w'))
return key, certificate
return [runner_path, controller_path]
def installCrond(self):
timestamps = self.createDataDirectory('cronstamps')
cron_output = os.path.join(self.log_directory, 'cron-output')
self._createDirectory(cron_output)
catcher = zc.buildout.easy_install.scripts([('catchcron',
__name__ + '.catdatefile', 'catdatefile')], self.ws, sys.executable,
self.bin_directory, arguments=[cron_output])[0]
self.path_list.append(catcher)
cron_d = os.path.join(self.etc_directory, 'cron.d')
crontabs = os.path.join(self.etc_directory, 'crontabs')
self._createDirectory(cron_d)
self._createDirectory(crontabs)
# Use execute from erp5.
wrapper = zc.buildout.easy_install.scripts([('crond',
'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable,
self.wrapper_directory, arguments=[
self.options['dcrond_binary'].strip(), '-s', cron_d, '-c', crontabs,
'-t', timestamps, '-f', '-l', '5', '-M', catcher]
)[0]
self.path_list.append(wrapper)
return cron_d
import os
import subprocess
import time
import ConfigParser
import uuid
def popenCommunicate(command_list, input=None):
subprocess_kw = dict(stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
if input is not None:
subprocess_kw.update(stdin=subprocess.PIPE)
popen = subprocess.Popen(command_list, **subprocess_kw)
result = popen.communicate(input)[0]
if popen.returncode is None:
popen.kill()
if popen.returncode != 0:
raise ValueError('Issue during calling %r, result was:\n%s' % (
command_list, result))
return result
class CertificateAuthority:
def __init__(self, key, certificate, openssl_binary,
openssl_configuration, request_dir):
self.key = key
self.certificate = certificate
self.openssl_binary = openssl_binary
self.openssl_configuration = openssl_configuration
self.request_dir = request_dir
def checkAuthority(self):
file_list = [ self.key, self.certificate ]
ca_ready = True
for f in file_list:
if not os.path.exists(f):
ca_ready = False
break
if ca_ready:
return
for f in file_list:
if os.path.exists(f):
os.unlink(f)
try:
# no CA, let us create new one
popenCommunicate([self.openssl_binary, 'req', '-nodes', '-config',
self.openssl_configuration, '-new', '-x509', '-extensions', 'v3_ca',
'-keyout', self.key, '-out', self.certificate, '-days', '10950'],
# Authority name will be random, so no instance has the same issuer
'Certificate Authority %s\n' % uuid.uuid1())
except:
try:
for f in file_list:
if os.path.exists(f):
os.unlink(f)
except:
# do not raise during cleanup
pass
raise
def _checkCertificate(self, common_name, key, certificate):
file_list = [key, certificate]
ready = True
for f in file_list:
if not os.path.exists(f):
ready = False
break
if ready:
return False
for f in file_list:
if os.path.exists(f):
os.unlink(f)
csr = certificate + '.csr'
try:
popenCommunicate([self.openssl_binary, 'req', '-config',
self.openssl_configuration, '-nodes', '-new', '-keyout',
key, '-out', csr, '-days', '3650'],
common_name + '\n')
try:
popenCommunicate([self.openssl_binary, 'ca', '-batch', '-config',
self.openssl_configuration, '-out', certificate,
'-infiles', csr])
finally:
if os.path.exists(csr):
os.unlink(csr)
except:
try:
for f in file_list:
if os.path.exists(f):
os.unlink(f)
except:
# do not raise during cleanup
pass
raise
else:
return True
def checkRequestDir(self):
for request_file in os.listdir(self.request_dir):
parser = ConfigParser.RawConfigParser()
parser.readfp(open(os.path.join(self.request_dir, request_file), 'r'))
if self._checkCertificate(parser.get('certificate', 'name'),
parser.get('certificate', 'key_file'), parser.get('certificate',
'certificate_file')):
print 'Created certificate %r' % parser.get('certificate', 'name')
def runCertificateAuthority(args):
ca_conf = args[0]
ca = CertificateAuthority(ca_conf['key'], ca_conf['certificate'],
ca_conf['openssl_binary'], ca_conf['openssl_configuration'],
ca_conf['request_dir'])
while True:
ca.checkAuthority()
ca.checkRequestDir()
time.sleep(60)
import socket
import sys
def connection_attempt():
try:
hostname, port = sys.argv[1:3]
except ValueError:
print >> sys.stderr, """Bad command line.
Usage: %s hostname|ip port""" % sys.argv[0]
sys.exit(1)
connection_okay = False
try:
s = socket.create_connection((hostname, port))
connection_okay = True
s.close()
except (socket.error, socket.timeout):
connection_okay = False
if not connection_okay:
print >> sys.stderr, "%(port)s on %(ip)s isn't listening" % {
'port': port, 'ip': hostname
}
sys.exit(127)
#!/bin/sh
#!%(python_path)s
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
# TODO: -net nic,model=virtio, but OS installer has to provide the virtio_net
# module
exec %(qemu_path)s \
-net nic,macaddr=%(mac_address)s \
-net tap,ifname=%(tap_interface)s,script=no,downscript=no \
-smp %(smp_count)s \
-m %(ram_size)s \
-cdrom nbd:[%(nbd_ip)s]:%(nbd_port)s \
-drive file=%(disk_path)s,if=virtio,boot=on \
-vnc %(vnc_ip)s:1,ipv4,password \
-boot menu=on \
-qmp unix:%(socket_path)s,server \
-pidfile %(pid_file_path)s
# Echo client program
import os
import socket
import subprocess
def getSocketStatus(host, port):
s = None
for res in socket.getaddrinfo(host, port,
socket.AF_UNSPEC, socket.SOCK_STREAM):
af, socktype, proto, canonname, sa = res
try:
s = socket.socket(af, socktype, proto)
except socket.error, msg:
s = None
continue
try:
s.connect(sa)
except socket.error, msg:
s.close()
s = None
continue
break
return s
# create disk if doesn't exist
disk_path = '%(disk_path)s'
if not os.path.exists(disk_path):
subprocess.Popen(['%(qemu_img_path)s', 'create' ,'-f', 'qcow2',
'%(disk_path)s', '%(disk_size)sG'])
kvm_argument_list = ['kvm', '-net', 'nic,macaddr=%(mac_address)s',
'-net', 'tap,ifname=%(tap_interface)s,script=no,downscript=no',
'-smp', '%(smp_count)s',
'-m', '%(ram_size)s',
'-drive', 'file=%(disk_path)s,if=virtio,boot=on',
'-vnc', '%(vnc_ip)s:1,ipv4,password',
'-boot', 'menu=on',
'-qmp', 'unix:%(socket_path)s,server',
'-pidfile', '%(pid_file_path)s',
]
# Try to connect to NBD server
s = getSocketStatus('%(nbd_ip)s', %(nbd_port)s)
if s is None:
# NBD is not available : launch kvm without it
print 'Warning : Nbd is not available.'
os.execv('%(qemu_path)s', kvm_argument_list)
else:
# NBD is available
kvm_argument_list.extend(['-cdrom', 'nbd:[%(nbd_ip)s]:%(nbd_port)s'])
os.execv('%(qemu_path)s', kvm_argument_list)
#
# OpenSSL example configuration file.
# This is mostly being used for generation of certificate requests.
#
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
[ new_oids ]
# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
# Policies used by the TSA examples.
tsa_policy1 = 1.2.3.4.1
tsa_policy2 = 1.2.3.4.5.6
tsa_policy3 = 1.2.3.4.5.7
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = %(working_directory)s # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crlnumber = $dir/crlnumber # the current crl number
# must be commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem # The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
# Extension copying option: use with caution.
# copy_extensions = copy
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crlnumber must also be commented out to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 3650 # how long to certify for
default_crl_days = 30 # how long before next CRL
default_md = default # use public key default MD
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = 2048
default_md = sha1
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
#attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_value = %(country_code)s
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_value = %(state)s
localityName = Locality Name (eg, city)
localityName_value = %(city)s
0.organizationName = Organization Name (eg, company)
0.organizationName_value = %(company)s
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
commonName = Common Name (eg, your name or your server\'s hostname)
commonName_max = 64
emailAddress = Email Address
emailAddress_value = %(email_address)s
emailAddress_max = 64
# SET-ex3 = SET extension number 3
#[ req_attributes ]
#challengePassword = A challenge password
#challengePassword_min = 4
#challengePassword_max = 20
#
#unstructuredName = An optional company name
[ usr_cert ]
# These extensions are added when 'ca' signs a request.
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
# This is required for TSA certificates.
# extendedKeyUsage = critical,timeStamping
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
#basicConstraints = critical,CA:true
# So we do this instead.
basicConstraints = CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy
# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always
[ proxy_cert_ext ]
# These extensions should be added when creating a proxy certificate
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
# This really needs to be in place for it to be a proxy certificate.
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
####################################################################
[ tsa ]
default_tsa = tsa_config1 # the default TSA section
[ tsa_config1 ]
# These are used by the TSA reply generation only.
dir = /etc/pki/tls # TSA root directory
serial = $dir/tsaserial # The current serial number (mandatory)
crypto_device = builtin # OpenSSL engine to use for signing
signer_cert = $dir/tsacert.pem # The TSA signing certificate
# (optional)
certs = $dir/cacert.pem # Certificate chain to include in reply
# (optional)
signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = md5, sha1 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
clock_precision_digits = 0 # number of digits after dot. (optional)
ordering = yes # Is ordering defined for timestamps?
# (optional, default: no)
tsa_name = yes # Must the TSA name be included in the reply?
# (optional, default: no)
ess_cert_id_chain = no # Must the ESS cert id chain be included?
# (optional, default: no)
#!/usr/bin/env sh
"%(check_port_listening_script)s" "%(hostname)s" "%(port)s"
exit $?
#!/bin/sh
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
exec %(python_path)s %(slapreport_path)s $1 %(database_path)s
##############################################################################
#
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe, GenericSlapRecipe
import json
import zc.buildout
class Recipe(GenericSlapRecipe):
"""
kvm frontend instance configuration.
"""
def _getRewriteRuleContent(self, slave_instance_list):
"""Generate rewrite rules list from slaves list"""
rewrite_rule_list = []
for slave_instance in slave_instance_list:
self.logger.info("Processing slave instance %s..." %
slave_instance['slave_reference'])
# Check for mandatory fields
if slave_instance.get('host', None) is None:
self.logger.warn('No "host" parameter is defined for %s slave'\
'instance. Ignoring it.' % slave_instance['slave_reference'])
continue
if slave_instance.get('port', None) is None:
self.logger.warn('No "host" parameter is defined for %s slave'\
'instance. Ignoring it.' % slave_instance['slave_reference'])
continue
current_slave_dict = dict()
# Get host, and if IPv6 address, remove "[" and "]"
current_slave_dict['host'] = slave_instance['host'].\
replace('[', '').replace(']', '')
current_slave_dict['port'] = slave_instance['port']
# Check if target is https or http
current_slave_dict['https'] = slave_instance.get('https', 'true')
if current_slave_dict['https'] in GenericBaseRecipe.FALSE_VALUES:
current_slave_dict['https'] = 'false'
# Set reference and resource url
# Reference is raw reference from SlapOS Master, resource is
# URL-compatible name
reference = slave_instance.get('slave_reference')
current_slave_dict['reference'] = reference
current_slave_dict['resource'] = reference.replace('-', '')
rewrite_rule_list.append(current_slave_dict)
return rewrite_rule_list
def _getProxyTableContent(self, rewrite_rule_list):
"""Generate proxy table file content from rewrite rules list"""
proxy_table = dict()
for rewrite_rule in rewrite_rule_list:
proxy_table[rewrite_rule['resource']] = {
'port': rewrite_rule['port'],
'host': rewrite_rule['host'],
'https': rewrite_rule['https'],
}
proxy_table_content = json.dumps(proxy_table)
return proxy_table_content
def _install(self):
# Check for mandatory field
if self.options.get('domain', None) is None:
raise zc.buildout.UserError('No domain name specified. Please define '
'the "domain" instance parameter.')
# Generate rewrite rules
rewrite_rule_list = self._getRewriteRuleContent(
json.loads(self.options['slave-instance-list']))
# Create Map
map_content = self._getProxyTableContent(rewrite_rule_list)
map_file = self.createFile(self.options['map-path'], map_content)
# Create configuration
conf = open(self.getTemplateFilename('kvm-proxy.js'), 'r')
conf_file = self.createFile(self.options['conf-path'], conf.read())
conf.close()
# Do we create http dummy server used to redirect to https?
if self.options['http-redirection'] in GenericBaseRecipe.TRUE_VALUES:
http_redirect_server = '1'
else:
http_redirect_server = ''
config = dict(
ip=self.options['ip'],
port=self.options['port'],
key=self.options['ssl-key-path'],
certificate=self.options['ssl-cert-path'],
name=self.options['domain'],
shell_path=self.options['shell-path'],
node_path=self.options['node-binary'],
node_env=self.options['node-env'],
conf_path=conf_file,
map_path=map_file,
plain_http=http_redirect_server,
)
runner_path = self.createExecutable(
self.options['wrapper-path'],
self.substituteTemplate(self.getTemplateFilename('nodejs_run.in'),
config))
# Send connection parameters of slave instances
site_url = "https://%s:%s/" % (self.options['domain'], self.options['port'])
for slave in rewrite_rule_list:
self.setConnectionDict(
dict(url="%s%s" % (site_url, slave['resource']),
domainname=self.options['domain'],
port=self.options['port'],
resource=slave['resource']),
slave['reference'])
return [map_file, conf_file, runner_path]
/*****************************************************************************
*
* Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
*
* WARNING: This program as such is intended to be used by professional
* programmers who take the whole responsibility of assessing all potential
* consequences resulting from its eventual inadequacies and bugs
* End users who are looking for a ready-to-use solution with commercial
* guarantees and support are strongly adviced to contract a Free Software
* Service Company
*
* This program is Free Software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 3
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*****************************************************************************/
/* Wrapper used to configure the httpproxy node package to proxy
http://myhost/myinstance
to real IP/URL of myinstance
*/
var fs = require('fs'),
util = require('util'),
colors = require('colors'),
http = require('http'),
httpProxy = require('http-proxy'),
proxyByUrl = require('proxy-by-url');
var listenInterface = process.argv[2],
port = process.argv[3],
sslKeyFile = process.argv[4],
sslCertFile = process.argv[5],
proxyTable = process.argv[6],
redirect = process.argv[7] || false,
isRawIPv6;
if (process.argv.length < 7) {
console.error("Too few arguments. Exiting.");
process.exit(1);
}
isRawIPv6 = function checkipv6(str) {
// Inspired by http://forums.intermapper.com/viewtopic.php?t=452
return (/^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$/.test(str));
}(listenInterface);
/**
* Dummy middleware that throws 404 not found. Does not contain websocket
* middleware.
*/
var middlewareNotFound = function(req, res, proxy) {
res.statusCode = 404;
res.setHeader('Content-Type', 'text/plain');
res.end('This URL is not known. Please check your URL or contact your ' +
'SlapOS administrator.');
};
/**
* Create server
*/
var proxyServer = httpProxy.createServer(
// We declare our proxyByUrl middleware
proxyByUrl(proxyTable),
// Then we add your dummy middleware, called when proxyByUrl doesn't find url.
middlewareNotFound,
// And we set HTTPS options for server. HTTP will be forbidden.
{
https: {
key: fs.readFileSync(
sslKeyFile,
'utf8'
),
cert: fs.readFileSync(
sslCertFile,
'utf8'
)
},
source: {
host: listenInterface,
port: port
}}
);
console.log('HTTPS server starting and trying to listen on ' +
listenInterface + ':' + port);
// Release the beast.
proxyServer.listen(port, listenInterface);
// Dummy HTTP server redirecting to HTTPS. Only has sense if we can use port 80
if (redirect === '1') {
console.log('HTTP redirect server starting and trying to listen on ' +
listenInterface + ':' + httpPort);
try {
var httpPort = 80;
http.createServer(function(req, res) {
var url;
if (isRawIPv6 === true) {
url = 'https://[' + listenInterface + ']';
} else {
url = 'https://' + listenInterface;
}
// If non standard port : need to specify it
if (port !== 443) {
url = url + ':' + port;
}
// Add last part of URL
url = url + req.url;
console.log(url);
// Anwser "permanently redirected"
res.statusCode = 301;
res.setHeader('Location', url);
res.end();
}).listen(httpPort, listenInterface);
} catch (error) {
console.log('Couldn\'t start plain HTTP redirection server : ' + error)
}
}
#!/bin/sh
#!%(shell_path)s
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
exec %(python_path)s %(slapmonitor_path)s %(pid_file_path)s %(database_path)s
export NODE_PATH=%(node_env)s
exec %(node_path)s %(conf_path)s %(ip)s %(port)s %(key)s %(certificate)s %(map_path)s %(plain_http)s
......@@ -33,6 +33,8 @@ import sys
import zc.recipe.egg
import urlparse
# Warning : this recipe is deprecated and has been replaced by apachephp.
class BaseRecipe(BaseSlapRecipe):
def getTemplateFilename(self, template_name):
return pkg_resources.resource_filename(__name__,
......
......@@ -3,7 +3,6 @@
# Basic server configuration
PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s
PHPINIDir %(php_ini_dir)s
ServerAdmin someone@email
......@@ -39,6 +38,9 @@ DocumentRoot %(document_root)s
DirectoryIndex index.html index.php
# List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
......
......@@ -21,7 +21,7 @@ long_query_time = 5
max_allowed_packet = 128M
query_cache_size = 32M
plugin-load = ha_groonga.so;ha_sphinx.so
plugin-load = ha_mroonga.so;ha_sphinx.so
# The following are important to configure and depend a lot on to the size of
# your database and the available resources.
......
......@@ -38,6 +38,7 @@ import zc.buildout
class GenericBaseRecipe(object):
TRUE_VALUES = ['y', 'yes', '1', 'true']
FALSE_VALUES = ['n', 'no', '0', 'false']
def __init__(self, buildout, name, options):
"""Recipe initialisation"""
......
......@@ -31,23 +31,14 @@ from slapos.recipe.librecipe import GenericBaseRecipe
class Recipe(GenericBaseRecipe):
def install(self):
logrotate_backup = self.options['backup']
logrotate_d = self.options['logrotate-entries']
logrotate_conf_file = self.options['conf']
logrotate_conf = [
'daily',
'dateext',
'rotate 3650',
'compress',
'compresscmd %s' % self.options['gzip-binary'],
'compressoptions -9',
'uncompresscmd %s' % self.options['gunzip-binary'],
'notifempty',
'sharedscripts',
'create',
'include %s' % logrotate_d,
'olddir %s' % logrotate_backup,
]
logrotate_conf_file = self.createFile(logrotate_conf_file,
......@@ -69,7 +60,16 @@ class Part(GenericBaseRecipe):
logrotate_d = self.options['logrotate-entries']
conf = []
conf = [
'daily',
'dateext',
'rotate 3650',
'compress',
'notifempty',
'sharedscripts',
'create',
'olddir %s' % self.options['backup'],
]
if 'post' in self.options:
conf.append("postrotate\n%s\nendscript" % self.options['post'])
......
......@@ -33,21 +33,12 @@ class Recipe(GenericBaseRecipe):
def _options(self, options):
self.directory = options.copy()
del self.directory['recipe']
str_mode = '0700'
if 'mode' in self.directory:
str_mode = self.directory['mode']
del self.directory['mode']
self.mode = int(str_mode, 8)
self.mode = int(self.directory.pop('mode', '700'), 8)
def install(self):
for directory in sorted(self.directory.values()):
path = directory
for path in sorted(self.directory.values()):
if not os.path.exists(path):
os.makedirs(path, self.mode)
elif not os.path.isdir(path):
raise OSError("%s path exits, but it's not a directory.")
return []
......@@ -19,7 +19,7 @@ long_query_time = 5
max_allowed_packet = 128M
query_cache_size = 32M
plugin-load = ha_groonga.so;ha_sphinx.so
plugin-load = ha_mroonga.so;ha_sphinx.so
# The following are important to configure and depend a lot on to the size of
# your database and the available resources.
......
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
......@@ -24,59 +24,29 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import os
from slapos.recipe.librecipe import GenericBaseRecipe
import binascii
from slapos.recipe.librecipe import BaseSlapRecipe
import pkg_resources
class Recipe(BaseSlapRecipe):
def _install(self):
# Image path
cdrom_iso = os.path.join(self.data_root_directory, 'cdrom.iso')
#Get the IP list
ip = self.getGlobalIPv6Address()
http_port = 9999
nbd_port = 1024
# Instanciate onetimeupload
onetimeupload_config = {}
onetimeupload_config.update(self.options)
onetimeupload_config['port'] = http_port
onetimeupload_config['ip'] = ip
onetimeupload_config['image'] = cdrom_iso
onetimeupload_config['key'] = binascii.hexlify(os.urandom(24))
onetimeupload_config['log_path'] = os.path.join(self.log_directory,
'onetimeupload.log')
wrapper_template_location = pkg_resources.resource_filename(
__name__, os.path.join(
'template', 'onetimeupload_run.in'))
onetimeupload_runner_path = self.createRunningWrapper("onetimeupload",
self.substituteTemplate(wrapper_template_location,
onetimeupload_config))
# Instanciate qemu
qemu_config = {}
qemu_config.update(self.options)
qemu_config['ip'] = ip
qemu_config['port'] = nbd_port
qemu_config['image'] = cdrom_iso
wrapper_template_location = pkg_resources.resource_filename(
__name__, os.path.join(
'template', 'nbdserver_run.in'))
nbdserver_runner_path = self.createRunningWrapper("nbdserver",
self.substituteTemplate(wrapper_template_location, qemu_config))
# Publish connection dict
self.computer_partition.setConnectionDict(dict(
upload_connection_string="https://[%s]:%s/" % (ip, http_port),
upload_key=onetimeupload_config['key'],
nbd_connection_string="nbd:[%s]:%s" % (ip, nbd_port),
))
return [onetimeupload_runner_path, nbdserver_runner_path]
import os
import sys
class Recipe(GenericBaseRecipe):
"""
nbd instance configuration.
"""
def install(self):
config = dict(
ip=self.options['ip'],
port=self.options['port'],
image_path=self.options['image-path'],
qemu_path=self.options['qemu-path'],
shell_path=self.options['shell-path'],
)
# Runners
runner_path = self.createExecutable(
self.options['path'],
self.substituteTemplate(self.getTemplateFilename('nbdserver_run.in'),
config))
return [runner_path]
#!/bin/sh
#!%(shell_path)s
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
# 32767 is the maximum number of connections allowed by the nbd server
exec %(qemu_path)s -b %(ip)s %(image)s -r -t -p %(port)s -e 32767
exec %(qemu_path)s -b %(ip)s %(image_path)s -r -t -p %(port)s -e 32767
##############################################################################
#
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import binascii
import os
import sys
class Recipe(GenericBaseRecipe):
"""
novnc instance configuration.
"""
def install(self):
runner_path = self.createPythonScript(
self.options['path'],
'slapos.recipe.librecipe.execute.execute_wait',
[[
self.options['websockify-path'],
'--web',
self.options['novnc-location'],
'--key=%s' % self.options['ssl-key-path'],
'--cert=%s' % self.options['ssl-cert-path'],
'--ssl-only',
'%s:%s' % (self.options['ip'], self.options['port']),
'%s:%s' % (self.options['vnc-ip'], self.options['vnc-port']),
],
[self.options['ssl-key-path'], self.options['ssl-cert-path']]],
)
return [runner_path]
......@@ -3,7 +3,6 @@
# Basic server configuration
PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s
PHPINIDir %(php_ini_dir)s
ServerAdmin someone@email
......@@ -42,6 +41,9 @@ DocumentRoot %(document_root)s
DirectoryIndex index.html index.php
# List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
......
......@@ -54,7 +54,7 @@ class Recipe(object):
self.return_parameters = [str(parameter).strip()
for parameter in options['return'].split()]
else:
self.logger.warning("No parameter to return to main instance."
self.logger.debug("No parameter to return to main instance."
"Be careful about that...")
software_type = 'RootInstanceSoftware'
......@@ -72,14 +72,15 @@ class Recipe(object):
partition_parameter_kw[config_parameter] = \
options['config-%s' % config_parameter]
instance = self.request(options['software-url'], software_type,
self.instance = self.request(options['software-url'], software_type,
options.get('name', name), partition_parameter_kw=partition_parameter_kw,
filter_kw=filter_kw, shared=self.isSlave)
self.failed = None
for param in self.return_parameters:
try:
options['connection-%s' % param] = str(instance.getConnectionParameter(param))
options['connection-%s' % param] = str(
self.instance.getConnectionParameter(param))
except slapmodule.NotFoundError:
options['connection-%s' % param] = ''
if self.failed is None:
......@@ -87,7 +88,16 @@ class Recipe(object):
def install(self):
if self.failed is not None:
raise KeyError("Connection parameter %r not found." % self.failed)
# Check instance status to know if instance has been deployed
try:
status = self.instance.getState()
except slapmodule.NotFoundError:
status = "not ready yet, please try again"
# XXX-Cedric : currently raise an error. So swallow it...
except AttributeError:
status = "unknown"
raise KeyError("Connection parameter %s not found. "
"Status of requested instance is : %s." % (self.failed, status))
return []
update = install
......@@ -40,6 +40,7 @@ class Recipe(BaseSlapRecipe):
ipv6 = self.getGlobalIPv6Address()
proxy_port = '50000'
runner_port = '50000'
cloud9_port = '30000'
workdir = self.createDataDirectory('runner')
software_root = os.path.join(workdir, 'software')
instance_root = os.path.join(workdir, 'instance')
......@@ -48,7 +49,7 @@ class Recipe(BaseSlapRecipe):
instance_root=instance_root,
master_url='http://%s:%s/' % (ipv4, proxy_port),
computer_id='slaprunner',
partition_amount=2,
partition_amount=7,
slapgrid_sr=self.options['slapgrid_sr'],
slapgrid_cp=self.options['slapgrid_cp'],
slapproxy=self.options['slapproxy'],
......@@ -64,22 +65,33 @@ class Recipe(BaseSlapRecipe):
proxy_port=proxy_port,
proxy_database=os.path.join(workdir, 'proxy.db'),
git=self.options['git'],
cloud9_url='http://[%s]:%s' % (ipv6, cloud9_port),
ssh_client=self.options['ssh_client'],
public_key=self.options['public_key'],
private_key=self.options['private_key']
private_key=self.options['private_key'],
)
config_file = self.createConfigurationFile('slapos.cfg',
self.substituteTemplate(pkg_resources.resource_filename(__name__,
'template/slapos.cfg.in'), configuration))
self.path_list.append(config_file)
environment = dict(
PATH=os.path.dirname(self.options['git']) + ':' + os.environ['PATH'],
GIT_SSH=self.options['ssh_client']
)
workdir = os.path.join(workdir, 'project')
if not os.path.exists(workdir):
os.mkdir(workdir)
launch_args = [self.options['slaprunner'].strip(), config_file, '--debug']
cloud9_args = [self.options['node-bin'].strip(), self.options['cloud9'].strip(),
'-l', ipv6, '-p', cloud9_port, '-w', workdir]
self.path_list.extend(zc.buildout.easy_install.scripts([('slaprunner',
'slapos.recipe.librecipe.execute', 'executee')], self.ws, sys.executable,
self.wrapper_directory, arguments=[launch_args, environment]))
self.setConnectionDict(dict(url='http://[%s]:%s' % (ipv6, runner_port)))
self.path_list.extend(zc.buildout.easy_install.scripts([('cloud9IDE',
'slapos.recipe.librecipe.execute', 'executee')], self.ws, sys.executable,
self.wrapper_directory, arguments=[cloud9_args, environment]))
self.setConnectionDict(dict(slaprunner_url='http://[%s]:%s' % (ipv6, runner_port),
cloud9_url='http://[%s]:%s' % (ipv6, cloud9_port)))
return self.path_list
......@@ -31,3 +31,6 @@ private_key = %(private_key)s
[gitclient]
git = %(git)s
[cloud9_IDE]
cloud9 = %(cloud9_url)s
\ No newline at end of file
......@@ -64,6 +64,15 @@ class Recipe:
# XXX: Lack checking for globality of address
return self._getIpAddress(netaddr.valid_ipv6)
def getNetworkInterface(self):
"""Returns the network interface available on partition"""
if not 'ip_list' in self.parameter_dict:
raise AttributeError
for name, ip in self.parameter_dict['ip_list']:
if name:
return name
raise AttributeError, "Not network interface found"
def install(self):
slap = slapos.slap.slap()
slap_connection = self.buildout['slap_connection']
......@@ -111,6 +120,8 @@ class Recipe:
self.getLocalIPv4Address())
buildout.set('slap-network-information', 'global-ipv6',
self.getGlobalIPv6Address())
buildout.set('slap-network-information', 'network-interface',
self.getNetworkInterface())
# Copy/paste slap_connection
buildout.add_section('slap-connection')
......
......@@ -54,3 +54,5 @@ class Recipe:
path_list.append(link)
return path_list
update = install
##############################################################################
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import os
import re
from slapos.recipe.librecipe import GenericSlapRecipe
class Recipe(GenericSlapRecipe):
"""
Create web checker configuration.
"""
def _install(self):
path_list = []
web_checker_mail_address = self.parameter_dict['web-checker-mail-address']
web_checker_smtp_host = self.parameter_dict['web-checker-smtp-host']
web_checker_working_directory = \
self.options['web-checker-working-directory']
config = dict(
web_checker_mail_address = web_checker_mail_address,
web_checker_smtp_host = web_checker_smtp_host,
web_checker_working_directory = web_checker_working_directory,
frontend_url = self.options['frontend-url'],
wget_binary_path = self.options['wget-binary-path'],
varnishlog_binary_path = self.options['varnishlog-binary-path'],
web_checker_log = self.options['web-checker-log'],
)
path_list.append(self.createFile(self.options['web-checker-config'],
self.substituteTemplate(self.getTemplateFilename('web_checker.cfg.in'),
config)))
return path_list
[web_checker]
url = %(frontend_url)s
working_directory = %(web_checker_working_directory)s
varnishlog_binary_path = %(varnishlog_binary_path)s
wget_binary_path = %(wget_binary_path)s
email_address = %(web_checker_mail_address)s
smtp_host = %(web_checker_smtp_host)s
debug_level = debug
file_log_path = %(web_checker_log)s
[header_list]
Last-Modified = True
Expires = True
Vary = Accept-Language, Cookie, Accept-Encoding
Accept-Language, Cookie
Accept-Language,Cookie,Accept-Encoding
Accept-Language,Cookie
Accept-Encoding
Cache-Control = max-age=300
max-age=3600
[header url=(.*_form)]
Vary = Accept-Encoding
[header url=.*/favicon.ico]
Last-Modified = True
[no_header content-type=(image/.*|text/css|.*/javascript)]
Vary = None
[erp5_extension_list]
prohibited_folder_name_list = web_page_module
document_module
prohibited_file_name_list = WebSection_viewAsWeb
Base_viewHistory
list
......@@ -21,7 +21,7 @@ long_query_time = 5
max_allowed_packet = 128M
query_cache_size = 32M
plugin-load = ha_groonga.so;ha_sphinx.so
plugin-load = ha_mroonga.so;ha_sphinx.so
# The following are important to configure and depend a lot on to the size of
# your database and the available resources.
......
......@@ -23,4 +23,4 @@ link_binary_list =
${pdftk:location}/bin/pdftk
environment =
LD_LIBRARY_PATH = ${file:location}/lib:${fontconfig:location}/lib:${freetype:location}/lib:${libICE:location}/lib:${libSM:location}/lib:${libX11:location}/lib:${libXau:location}/lib:${libXdmcp:location}/lib:${libXext:location}/lib:${libXinerama:location}/lib:${libxcb:location}/lib:${zlib:location}/lib
LD_LIBRARY_PATH = ${file:location}/lib:${fontconfig:location}/lib:${freetype:location}/lib:${libICE:location}/lib:${libpng12:location}/lib:${libSM:location}/lib:${libX11:location}/lib:${libXau:location}/lib:${libXdmcp:location}/lib:${libXext:location}/lib:${libxcb:location}/lib:${libXrender:location}/lib:${zlib:location}/lib
......@@ -33,6 +33,6 @@ module = cloudooo
# Default template for erp5 instance.
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
md5sum = 2a38a928deb5870e02a8271b34341f5b
md5sum = 49da453a38dc5462c170747a029037b7
output = ${buildout:directory}/template.cfg
mode = 0644
......@@ -27,7 +27,7 @@ wrapper = $${basedirectory:services}/cloudooo
data-directory = $${directory:cloudooo-data}
environment =
LD_LIBRARY_PATH = ${file:location}/lib:${fontconfig:location}/lib:${freetype:location}/lib:${libICE:location}/lib:${libSM:location}/lib:${libX11:location}/lib:${libXau:location}/lib:${libXdmcp:location}/lib:${libXext:location}/lib:${libXinerama:location}/lib:${libxcb:location}/lib:${zlib:location}/lib
LD_LIBRARY_PATH = ${file:location}/lib:${fontconfig:location}/lib:${freetype:location}/lib:${libICE:location}/lib:${libpng12:location}/lib:${libSM:location}/lib:${libX11:location}/lib:${libXau:location}/lib:${libXdmcp:location}/lib:${libXext:location}/lib:${libxcb:location}/lib:${libXrender:location}/lib:${zlib:location}/lib
FONTCONFIG_FILE = $${fontconfig-instance:conf-path}
# Binary information
......
......@@ -54,11 +54,11 @@ ca-crl = $${test-cadirectory:crl}
[test-cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:test-ca-dir}/requests/
private = $${directory:test-ca-dir}/private/
certs = $${directory:test-ca-dir}/certs/
newcerts = $${directory:test-ca-dir}/newcerts/
crl = $${directory:test-ca-dir}/crl/
requests = $${directory:test-ca-dir}/requests
private = $${directory:test-ca-dir}/private
certs = $${directory:test-ca-dir}/certs
newcerts = $${directory:test-ca-dir}/newcerts
crl = $${directory:test-ca-dir}/crl
[erp5-update]
recipe = slapos.cookbook:erp5.update
......@@ -117,13 +117,13 @@ software-type = kumofs
# rest of parts are candidates for some generic stuff
[basedirectory]
recipe = slapos.cookbook:mkdirectory
services = $${rootdirectory:etc}/run/
services = $${rootdirectory:etc}/run
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc/
etc = $${buildout:directory}/etc
[directory]
test-ca-dir = $${rootdirectory:srv}/test-ca/
test-instance-path = $${rootdirectory:srv}/test-instance/
unit-test-path = $${:test-instance-path}/unit_test/
test-ca-dir = $${rootdirectory:srv}/test-ca
test-instance-path = $${rootdirectory:srv}/test-instance
unit-test-path = $${:test-instance-path}/unit_test
......@@ -34,6 +34,7 @@ partition-id = $${slap-connection:partition-id}
name = Sphinx Search Engine
software-type = sphinx
sla-computer_guid = $${slap-parameter:sphinx-computer-guid}
return = url-sphinx url-sphinx-sql
[request-mariadb]
<=request-common
......@@ -65,15 +66,30 @@ sla-computer_guid = $${slap-parameter:kumofs-computer-guid}
<=request-common
name = TidStorage
return = url-login
config = json mysql-url memcached-url cloudooo-url kumofs-url
config = json mysql-url memcached-url cloudooo-url kumofs-url sphinx-url-sphinx sphinx-url-sphinx-sql smtp-url bt5 bt5-repository-url
config-json = $${slap-parameter:json}
config-mysql-url = $${request-mariadb:connection-url}
config-memcached-url = $${request-memcached:connection-url}
config-cloudooo-url = $${request-cloudooo:connection-url}
config-kumofs-url = $${request-kumofs:connection-url}
config-sphinx-url-sphinx = $${request-sphinx:connection-url-sphinx}
config-sphinx-url-sphinx-sql = $${request-sphinx:connection-url-sphinx-sql}
config-bt5 = $${slap-parameter:bt5}
config-bt5-repository-url = $${slap-parameter:bt5-repository-url}
config-smtp-url = $${slap-parameter:smtp-url}
software-type = tidstorage
sla-computer_guid = $${slap-parameter:tidstorage-computer-guid}
[request-varnish]
<=request-common
name = Varnish
config = tidstorage-url
config-tidstorage-url = $${request-tidstorage:connection-url-login}
config-web-checker-mail-address = $${slap-parameter:web-checker-mail-address}
config-web-checker-smtp-host = $${slap-parameter:web-checker-smtp-host}
software-type = varnish
sla-computer_guid = $${slap-parameter:varnish-computer-guid}
[slap-parameter]
# Default value if no computer_guid is specified for each type
sphinx-computer-guid = $${slap-connection:computer-id}
......@@ -82,6 +98,15 @@ cloudooo-computer-guid = $${slap-connection:computer-id}
memcached-computer-guid = $${slap-connection:computer-id}
kumofs-computer-guid = $${slap-connection:computer-id}
tidstorage-computer-guid = $${slap-connection:computer-id}
varnish-computer-guid = $${slap-connection:computer-id}
cloudooo-json =
bt5 = erp5_full_text_myisam_catalog
erp5_configurator_standard
erp5_configurator_maxma_demo
erp5_configurator_ung
erp5_configurator_run_my_doc
bt5-repository-url = ${local-bt5-repository:list}
smtp-url = smtp://localhost:25/
# rest of parts are candidates for some generic stuff
[basedirectory]
......
......@@ -42,6 +42,7 @@ kumo-server-log = $${basedirectory:log}/kumo-server.log
kumo-gateway-binary = ${kumo:location}/bin/kumo-gateway
kumo-manager-binary = ${kumo:location}/bin/kumo-manager
kumo-server-binary = ${kumo:location}/bin/kumo-server
shell-path = ${dash:location}/bin/dash
[logrotate-entry-kumofs]
<= logrotate
......@@ -77,7 +78,6 @@ recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
cronoutput = $${basedirectory:log}/cron
logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-entries = $${rootdirectory:etc}/logrotate.d
kumofs-data = $${rootdirectory:srv}/kumofs
......@@ -95,13 +95,13 @@ dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:binary}
catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
binary = $${rootdirectory:bin}/cron_simplelogger
output = $${directory:cronoutput}
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
......
......@@ -115,13 +115,13 @@ dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:binary}
catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
binary = $${rootdirectory:bin}/cron_simplelogger
output = $${directory:cronoutput}
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
......@@ -164,7 +164,6 @@ recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
cronoutput = $${basedirectory:log}/cron
ca-dir = $${rootdirectory:srv}/ssl
mariadb-backup-full = $${basedirectory:backup}/mariadb-full
mariadb-backup-incremental = $${basedirectory:backup}/mariadb-incremental
......
......@@ -27,6 +27,7 @@ services = $${rootdirectory:etc}/run
recipe = slapos.cookbook:generic.memcached
wrapper_path = $${basedirectory:services}/memcached
binary_path = ${memcached:location}/bin/memcached
shell-path = ${dash:location}/bin/dash
ip = $${slap-network-information:local-ipv4}
port = 11000
......
[buildout]
parts =
publish-varnish-connection-information
varnish-instance
web-checker
cron
cron-entry-logrotate
cron-entry-web-checker
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[publish-varnish-connection-information]
recipe = slapos.cookbook:publishurl
url = http://$${varnish-instance:ip}:$${varnish-instance:server-port}/
[varnish-instance]
recipe = slapos.cookbook:generic.varnish
# Network options
ip = $${slap-network-information:local-ipv4}
server-port = 6001
manager-port = 6002
# Paths: Running wrappers
varnishd-wrapper = $${basedirectory:services}/varnishd
varnishlog-wrapper = $${rootdirectory:bin}/varnishlog
# Binary information
varnishd-binary = ${varnish:location}/sbin/varnishd
varnishlog-binary = ${varnish:location}/bin/varnishlog
shell-path = ${dash:location}/bin/dash
# Configuration by VCL
vcl-file = $${rootdirectory:etc}/default.vcl
pid-file = $${basedirectory:run}/varnishd.pid
varnish-data = $${directory:varnish-data}
# this will pass at -n option
varnish-instance-name = $${directory:varnish-instance}
web-checker = ${buildout:bin-directory}/web_checker_utility
[cron-entry-web-checker]
<= cron
recipe = slapos.cookbook:cron.d
name = web-checker
frequency = 0 0 * * *
command = $${varnish-instance:web-checker} $${web-checker:web-checker-config}
[web-checker]
recipe = slapos.cookbook:webchecker
web-checker-config = $${rootdirectory:etc}/web_checker.cfg
web-checker-working-directory = $${directory:web-checker}
# for now frontend-url is varnish, it will replace with the real front-end one.
frontend-url = $${varnish-instance:ip}:$${varnish-instance:server-port}
wget-binary-path = ${wget:location}/bin/wget
varnishlog-binary-path = $${varnish-instance:varnishlog-wrapper}
web-checker-log = $${basedirectory:log}/web-checker.log
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
binary = $${basedirectory:services}/crond
catcher = $${cron-simplelogger:wrapper}
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = $${logrotate:wrapper}
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = ${gzip:location}/bin/gzip
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${rootdirectory:bin}/logrotate
conf = $${rootdirectory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${rootdirectory:srv}/logrotate.status
[basedirectory]
recipe = slapos.cookbook:mkdirectory
services = $${rootdirectory:etc}/run
run = $${rootdirectory:var}/run
backup = $${rootdirectory:srv}/backup
log = $${rootdirectory:var}/log
backup = $${rootdirectory:srv}/backup
[directory]
recipe = slapos.cookbook:mkdirectory
varnish-data = $${rootdirectory:srv}/varnish
varnish-instance = $${directory:varnish-data}/instance
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-entries = $${rootdirectory:etc}/logrotate.d
web-checker = $${rootdirectory:srv}/web-checker
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
var = $${buildout:directory}/var
srv = $${buildout:directory}/srv
bin = $${buildout:directory}/bin
......@@ -18,8 +18,8 @@ develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[slap-parameter]
# By default backend disallows the access
access-control-string = none
# By default, if no white list is specified, backend allows access to everyone
access-control-string = all
[publish-apache-zope-backend-connection-string]
recipe = slapos.cookbook:publish
......@@ -38,9 +38,11 @@ configuration-file = $${directory:apache-conf}/apache.conf
access-control-string = $${slap-parameter:access-control-string}
pid-file = $${basedirectory:run}/apache.pid
lock-file = $${basedirectory:run}/apache.lock
ssl-session-cache = $${basedirectory:log}/apache-ssl-session-cache
error-log = $${basedirectory:log}/apache-error.log
access-log = $${basedirectory:log}/apache-access.log
apache-binary = ${apache:location}/bin/httpd
scheme = https
[ca-apache-zope-backend]
<= certificate-authority
......@@ -132,13 +134,13 @@ dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:binary}
catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
binary = $${rootdirectory:bin}/cron_simplelogger
output = $${directory:cronoutput}
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
......@@ -226,11 +228,11 @@ ca-crl = $${erp5-cadirectory:crl}
[erp5-cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:erp5-ca-dir}/requests/
private = $${directory:erp5-ca-dir}/private/
certs = $${directory:erp5-ca-dir}/certs/
newcerts = $${directory:erp5-ca-dir}/newcerts/
crl = $${directory:erp5-ca-dir}/crl/
requests = $${directory:erp5-ca-dir}/requests
private = $${directory:erp5-ca-dir}/private
certs = $${directory:erp5-ca-dir}/certs
newcerts = $${directory:erp5-ca-dir}/newcerts
crl = $${directory:erp5-ca-dir}/crl
[directory]
recipe = slapos.cookbook:mkdirectory
......@@ -248,11 +250,10 @@ instance-constraint = $${:instance}/Constraint
instance-import = $${:instance}/import
instance-lib = $${:instance}/lib
instance-tests = $${:instance}/tests
erp5-ca-dir = $${rootdirectory:srv}/erp5-ca/
erp5-ca-dir = $${rootdirectory:srv}/erp5-ca
ca-dir = $${rootdirectory:srv}/ssl
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
cronoutput = $${basedirectory:log}/cron
logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-entries = $${rootdirectory:etc}/logrotate.d
......@@ -33,6 +33,7 @@ zope = ${template-zope:output}
mariadb = ${template-mariadb:output}
sphinx = ${template-sphinx:output}
tidstorage = $${dynamic-template-tidstorage:output}
varnish = ${template-varnish:output}
[slap-connection]
# part to migrate to new - separated words
......
[apache-%(backend_name)s]
[apache-public-%(backend_name)s]
recipe = slapos.cookbook:apache.zope.backend
backend = http://$${haproxy-%(backend_name)s:ip}:$${haproxy-%(backend_name)s:port}/
ip = $${slap-network-information:global-ipv6}
port = %(apache_public_port)s
scheme = http
wrapper = $${basedirectory:services}/apache-public-%(backend_name)s
configuration-file = $${directory:apache-conf}/apache-public-%(backend_name)s.conf
access-control-string = %(access_control_string)s
pid-file = $${basedirectory:run}/apache-public-%(backend_name)s.pid
lock-file = $${basedirectory:run}/apache-public-%(backend_name)s.lock
error-log = $${basedirectory:log}/apache-public-%(backend_name)s-error.log
access-log = $${basedirectory:log}/apache-public-%(backend_name)s-access.log
apache-binary = ${apache:location}/bin/httpd
[apache-%(backend_name)s]
recipe = slapos.cookbook:apache.zope.backend
backend = http://$${haproxy-%(backend_name)s:ip}:$${haproxy-%(backend_name)s:port}
ip = $${slap-network-information:global-ipv6}
port = %(apache_port)s
wrapper = $${rootdirectory:bin}/apache-%(backend_name)s
scheme = https
key-file = $${directory:apache-conf}/apache-%(backend_name)s.key
cert-file = $${directory:apache-conf}/apache-%(backend_name)s.crt
configuration-file = $${directory:apache-conf}/apache-%(backend_name)s.conf
access-control-string = %(access_control_string)s
pid-file = $${basedirectory:run}/apache-%(backend_name)s.pid
lock-file = $${basedirectory:run}/apache-%(backend_name)s.lock
ssl-session-cache = $${basedirectory:log}/apache-ssl-session-cache
error-log = $${basedirectory:log}/apache-%(backend_name)s-error.log
access-log = $${basedirectory:log}/apache-%(backend_name)s-access.log
apache-binary = ${apache:location}/bin/httpd
ssl-authentication = %(ssl_authentication)s
backend-path = %(backend_path)s
# Note: Without erp5-certificate-authority main certificate have to be hardcoded
ssl-authentication-certificate = $${erp5-certificate-authority:ca-dir}/cacert.pem
ssl-authentication-crl = $${erp5-certificate-authority:ca-crl}
[ca-apache-%(backend_name)s]
<= certificate-authority
......@@ -22,6 +44,13 @@ cert-file = $${apache-%(backend_name)s:cert-file}
executable = $${apache-%(backend_name)s:wrapper}
wrapper = $${basedirectory:services}/apache-%(backend_name)s
[logrotate-entry-apache-public-%(backend_name)s]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = apache-public-%(backend_name)s
log = $${apache-public-%(backend_name)s:error-log} $${apache-public-%(backend_name)s:access-log}
post = ${buildout:bin-directory}/killpidfromfile $${apache-public-%(backend_name)s:pid-file} SIGUSR1
[logrotate-entry-apache-%(backend_name)s]
<= logrotate
recipe = slapos.cookbook:logrotate.d
......
#############################
#
# Instanciate zeo
#
# zeo-id -- local id of the requested zeo (1,2,3,...)
#
# zeo-port -- ip port to use to run the process
#
# storage_list -- string with list of all resquested storage
# Example: event_module person_module
#
#############################
[buildout]
parts =
logrotate
......@@ -21,7 +9,8 @@ parts =
cron-entry-tidstorage-backup
logrotate-entry-tidstorage
binary-link
erp5-update
erp5-promise
erp5-bootstrap
%(part_list)s
eggs-directory = ${buildout:eggs-directory}
......@@ -59,28 +48,19 @@ name = tidstorage
log = $${tidstorage:logfile-name}
post = ${buildout:bin-directory}/killpidfromfile $${tidstorage:pidfile-name} SIGHUP
[directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d/
crontabs = $${rootdirectory:etc}/crontabs/
cronstamps = $${rootdirectory:etc}/cronstamps/
cronoutput = $${basedirectory:log}/cron/
logrotate-backup = $${basedirectory:backup}/logrotate/
logrotate-entries = $${rootdirectory:etc}/logrotate.d/
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:binary}
catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
binary = $${rootdirectory:bin}/cron_simplelogger
output = $${directory:cronoutput}
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
......@@ -89,8 +69,6 @@ name = logrotate
frequency = 0 0 * * *
command = $${logrotate:wrapper}
# rest of parts are candidates for some generic stuff
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
......@@ -119,14 +97,19 @@ ca-private = $${erp5-cadirectory:private}
ca-certs = $${erp5-cadirectory:certs}
ca-newcerts = $${erp5-cadirectory:newcerts}
ca-crl = $${erp5-cadirectory:crl}
country-code = %(erp5_ca_country_code)s
email = %(erp5_ca_email)s
state = %(erp5_ca_state)s
city = %(erp5_ca_city)s
company = %(erp5_ca_company)s
[erp5-cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:erp5-ca-dir}/requests/
private = $${directory:erp5-ca-dir}/private/
certs = $${directory:erp5-ca-dir}/certs/
newcerts = $${directory:erp5-ca-dir}/newcerts/
crl = $${directory:erp5-ca-dir}/crl/
requests = $${directory:erp5-ca-dir}/requests
private = $${directory:erp5-ca-dir}/private
certs = $${directory:erp5-ca-dir}/certs
newcerts = $${directory:erp5-ca-dir}/newcerts
crl = $${directory:erp5-ca-dir}/crl
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
......@@ -141,33 +124,33 @@ ca-crl = $${cadirectory:crl}
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs/
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/
requests = $${directory:ca-dir}/requests
private = $${directory:ca-dir}/private
certs = $${directory:ca-dir}/certs
newcerts = $${directory:ca-dir}/newcerts
crl = $${directory:ca-dir}/crl
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc/
var = $${buildout:directory}/var/
srv = $${buildout:directory}/srv/
bin = $${buildout:directory}/bin/
tmp = $${buildout:directory}/tmp/
etc = $${buildout:directory}/etc
var = $${buildout:directory}/var
srv = $${buildout:directory}/srv
bin = $${buildout:directory}/bin
tmp = $${buildout:directory}/tmp
[basedirectory]
recipe = slapos.cookbook:mkdirectory
log = $${rootdirectory:var}/log/
services = $${rootdirectory:etc}/run/
run = $${rootdirectory:var}/run/
backup = $${rootdirectory:srv}/backup/
log = $${rootdirectory:var}/log
services = $${rootdirectory:etc}/run
run = $${rootdirectory:var}/run
backup = $${rootdirectory:srv}/backup
[directory]
recipe = slapos.cookbook:mkdirectory
tidstorage = $${rootdirectory:srv}/tidstorage/
zodb = $${rootdirectory:srv}/zodb/
tidstorage = $${rootdirectory:srv}/tidstorage
zodb = $${rootdirectory:srv}/zodb
zodb-backup = $${basedirectory:backup}/zodb
instance = $${rootdirectory:srv}/erp5shared/
instance = $${rootdirectory:srv}/erp5shared
instance-etc = $${:instance}/etc
apache-conf = $${rootdirectory:etc}/apache
instance-etc-package-include = $${:instance}/etc/package-include
......@@ -180,14 +163,13 @@ instance-constraint = $${:instance}/Constraint
instance-import = $${:instance}/import
instance-lib = $${:instance}/lib
instance-tests = $${:instance}/tests
erp5-ca-dir = $${rootdirectory:srv}/erp5-ssl/
ca-dir = $${rootdirectory:srv}/ssl/
cron-entries = $${rootdirectory:etc}/cron.d/
crontabs = $${rootdirectory:etc}/crontabs/
cronstamps = $${rootdirectory:etc}/cronstamps/
cronoutput = $${basedirectory:log}/cron/
logrotate-backup = $${basedirectory:backup}/logrotate/
logrotate-entries = $${rootdirectory:etc}/logrotate.d/
erp5-ca-dir = $${rootdirectory:srv}/erp5-ssl
ca-dir = $${rootdirectory:srv}/ssl
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-entries = $${rootdirectory:etc}/logrotate.d
[binary-link]
recipe = slapos.cookbook:symbolic.link
......@@ -214,22 +196,19 @@ link-binary =
${poppler:location}/bin/pdftotext
${poppler:location}/bin/pdftohtml
[erp5-update]
recipe = slapos.cookbook:erp5.update
# Configuration
url = http://$${%(zope_section)s:user}:$${%(zope_section)s:password}@$${%(zope_section)s:ip}:$${%(zope_section)s:port}/
[erp5-bootstrap]
recipe = slapos.cookbook:erp5.bootstrap
runner-path = $${basedirectory:services}/erp5-bootstrap
mysql-url = %(mysql-url)s
zope-url = http://$${%(zope_section)s:user}:$${%(zope_section)s:password}@$${%(zope_section)s:ip}:$${%(zope_section)s:port}/%(site_id)s
[erp5-promise]
recipe = slapos.cookbook:erp5.promise
promise-path = $${rootdirectory:etc}/erp5promise.cfg
kumofs-url = %(kumofs-url)s
memcached-url = %(memcached-url)s
cloudooo-url = %(cloudooo-url)s
site-id = %(site_id)s
openssl-binary = ${openssl:location}/bin/openssl
cadir-path = $${erp5-certificate-authority:ca-dir}
# Paths
update-wrapper = $${basedirectory:services}/erp5-update
smtp-url = $${slap-parameter:smtp-url}
bt5 = $${slap-parameter:bt5}
bt5-repository-url = $${slap-parameter:bt5-repository-url}
# Defaults
configurator-bt5-list = erp5_full_text_myisam_catalog erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung erp5_configurator_ung erp5_configurator_run_my_doc
bt5-repository-list = $${%(zope_section)s:bt5-repository-list}
......@@ -17,6 +17,8 @@ zeo-connection-string =
%(zeo_connection_string)s
timeserver = %(zope_timeserver)s
tidstorage-ip = $${tidstorage:ip}
tidstorage-port = $${tidstorage:port}
# long request
longrequest-logger-file = %(longrequest_logger_file)s
......@@ -44,6 +46,9 @@ runzope-binary = ${buildout:bin-directory}/runzope
# BT5 Configuration
bt5-repository-list =
promise-path = $${erp5-promise:promise-path}
site-id = %(site_id)s
[logrotate-entry-%(zope_id)s]
<= logrotate
recipe = slapos.cookbook:logrotate.d
......
......@@ -28,7 +28,7 @@ recipe = plone.recipe.command
stop-on-error = true
location = ${buildout:parts-directory}/${:_buildout_section_name_}
command = ${git:location}/bin/git clone --branch erp5 --quiet http://git.erp5.org/repos/slapos.git ${:location}
update-command = cd ${:location} && ${git:location}/bin/git pull --quiet
update-command = cd ${:location} && GIT_COMMITTER_EMAIL=nobody@example.com GIT_AUTHOR_NAME=Nobody GIT_AUTHOR_EMAIL=nobody@example.com ${git:location}/bin/git pull --quiet
[check-recipe]
recipe = plone.recipe.command
......@@ -41,11 +41,12 @@ recipe = zc.recipe.egg
eggs = slapos.cookbook
scripts =
python = python2.6
ugly-depend-on = ${slapos.cookbook-repository:command} ${slapos.cookbook-repository:update-command}
[template-mariadb]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-mariadb.cfg
md5sum = 3225a2ba7337505bdeb95867f5028891
md5sum = 6580f1d431f65281c7aa1358a51cc292
output = ${buildout:directory}/template-mariadb.cfg
mode = 0644
......@@ -59,14 +60,14 @@ mode = 0644
[template-zope]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-zope.cfg
md5sum = 769a7ba8e8c5865637e374376be8cbcd
md5sum = d3d221255f93a9ced82dcca9ca57f84e
output = ${buildout:directory}/template-zope.cfg
mode = 0644
[template-cloudooo]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-cloudooo.cfg
md5sum = 8ea2839e951f26af2bc74b9a8c0fa5c2
md5sum = e7698a0537785339e249bdc57f369e93
output = ${buildout:directory}/template-cloudooo.cfg
mode = 0644
......@@ -80,35 +81,35 @@ mode = 0644
[template-kumofs]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kumofs.cfg
md5sum = c12d8dc1925d16a75247971086734aa8
md5sum = 9746823ccbbedf42b3e759c3e7150252
output = ${buildout:directory}/template-kumofs.cfg
mode = 0644
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
md5sum = 961d404f5726fce7c4d8b34d7e120077
md5sum = f3443d071d8d7330b3453583e096fef0
output = ${buildout:directory}/template.cfg
mode = 0644
[template-memcached]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-memcached.cfg
md5sum = 9a1462f3e34b99f384ae47b48a3a733c
md5sum = 7ed1d93dafa76adc025acb2f0e08c05f
output = ${buildout:directory}/template-memcached.cfg
mode = 0644
[template-erp5-development]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-erp5-development.cfg
md5sum = 9af9db6f1220ffe42e030c81f9072669
md5sum = 4bc5a2ec8c04b206dab8b98258a69efd
output = ${buildout:directory}/template-erp5-development.cfg
mode = 0644
[template-erp5-production]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-erp5-production.cfg
md5sum = 32f6537110bbc29e7cc5613695863096
md5sum = 54ad3c5e92af02d0db98d1085adf986d
output = ${buildout:directory}/template-erp5-production.cfg
mode = 0644
......@@ -122,24 +123,31 @@ mode = 0644
[template-snippet-master]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/snippet-master.cfg
md5sum = c9bea484c2827954b9f9f728ce0342fb
md5sum = 14ffe48453a74190bdd289169220739f
output = ${buildout:directory}/template-snippet-master.cfg
mode = 0644
[template-snippet-zope]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/snippet-zope.cfg
md5sum = 99fcce6aa6120787870522898650800d
md5sum = bcc68c31a16b35bee7111f9c6e02b781
output = ${buildout:directory}/template-snippet-zope.cfg
mode = 0644
[template-snippet-backend]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/snippet-backend.cfg
md5sum = e2b26547ba1435ec1b8e8cd1de89e2c6
md5sum = 3a1b359b57bf21a226bb96c0c18f1924
output = ${buildout:directory}/template-snippet-backend.cfg
mode = 0644
[template-varnish]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-varnish.cfg
md5sum = 70fb0ccadf0d6723ddb0fe55a1549ca5
output = ${buildout:directory}/template-varnish.cfg
mode = 0644
[validator]
# Default json schema for instance parameters.
recipe = slapos.recipe.template
......@@ -153,6 +161,9 @@ mode = 0644
# Romain Courteaud
# Sebastien Robin
# Kazuhiko Shiozaki
# Cedric de Saint Martin
# Yingjie Xu
# Gabriel Monnerat
signature-certificate-list =
-----BEGIN CERTIFICATE-----
MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE
......@@ -193,3 +204,42 @@ signature-certificate-list =
KrDm39slYD/1KoE5kB4l/p6KVOdeJ4I6xcgu9rnkqqHzDwI4v7e8/D3WZbpiFUsY
vaZhjNYKWQf79l6zXfOvphzJ
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAO4V/jiMoICoMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMjMyMCAXDTEyMDIxNjExMTAyM1oYDzIxMTIwMTIzMTExMDIzWjAT
MREwDwYDVQQDDAhDT01QLTIzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wi/3Z8W9pUiegUXIk/AiFDQ0UJ4JFAwjqr+HSRUirlUsHHT+8DzH/hfcTDX1I5BB
D1ADk+ydXjMm3OZrQcXjn29OUfM5C+g+oqeMnYQImN0DDQIOcUyr7AJc4xhvuXQ1
P2pJ5NOd3tbd0kexETa1LVhR6EgBC25LyRBRae76qosCAwEAAaNQME4wHQYDVR0O
BBYEFMDmW9aFy1sKTfCpcRkYnP6zUd1cMB8GA1UdIwQYMBaAFMDmW9aFy1sKTfCp
cRkYnP6zUd1cMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAskbFizHr
b6d3iIyN+wffxz/V9epbKIZVEGJd/6LrTdLiUfJPec7FaxVCWNyKBlCpINBM7cEV
Gn9t8mdVQflNqOlAMkOlUv1ZugCt9rXYQOV7rrEYJBWirn43BOMn9Flp2nibblby
If1a2ZoqHRxoNo2yTmm7TSYRORWVS+vvfjY=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAIlBksrZVkK8MA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMzU3MCAXDTEyMDEyNjEwNTUyOFoYDzIxMTIwMTAyMTA1NTI4WjAT
MREwDwYDVQQDDAhDT01QLTM1NzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
ts+iGUwi44vtIfwXR8DCnLtHV4ydl0YTK2joJflj0/Ws7mz5BYkxIU4fea/6+VF3
i11nwBgYgxQyjNztgc9u9O71k1W5tU95yO7U7bFdYd5uxYA9/22fjObaTQoC4Nc9
mTu6r/VHyJ1yRsunBZXvnk/XaKp7gGE9vNEyJvPn2bkCAwEAAaNQME4wHQYDVR0O
BBYEFKuGIYu8+6aEkTVg62BRYaD11PILMB8GA1UdIwQYMBaAFKuGIYu8+6aEkTVg
62BRYaD11PILMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAMoTRpBxK
YLEZJbofF7gSrRIcrlUJYXfTfw1QUBOKkGFFDsiJpEg4y5pUk1s5Jq9K3SDzNq/W
it1oYjOhuGg3al8OOeKFrU6nvNTF1BAvJCl0tr3POai5yXyN5jlK/zPfypmQYxE+
TaqQSGBJPVXYt6lrq/PRD9ciZgKLOwEqK8w=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAPHoWu90gbsgMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
BAMMCXZpZmlibm9kZTAeFw0xMjAzMTkyMzIwNTVaFw0xMzAzMTkyMzIwNTVaMBQx
EjAQBgNVBAMMCXZpZmlibm9kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
ozBijpO8PS5RTeKTzA90vi9ezvv4vVjNaguqT4UwP9+O1+i6yq1Y2W5zZxw/Klbn
oudyNzie3/wqs9VfPmcyU9ajFzBv/Tobm3obmOqBN0GSYs5fyGw+O9G3//6ZEhf0
NinwdKmrRX+d0P5bHewadZWIvlmOupcnVJmkks852BECAwEAAaNQME4wHQYDVR0O
BBYEFF9EtgfZZs8L2ZxBJxSiY6eTsTEwMB8GA1UdIwQYMBaAFF9EtgfZZs8L2ZxB
JxSiY6eTsTEwMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAc43YTfc6
baSemaMAc/jz8LNLhRE5dLfLOcRSoHda8y0lOrfe4lHT6yP5l8uyWAzLW+g6s3DA
Yme/bhX0g51BmI6gjKJo5DoPtiXk/Y9lxwD3p7PWi+RhN+AZQ5rpo8UfwnnN059n
yDuimQfvJjBFMVrdn9iP6SfMjxKaGk6gVmI=
-----END CERTIFICATE-----
......@@ -36,11 +36,6 @@ parts =
zip
git
# Separate from site eggs
allowed-eggs-from-site-packages =
include-site-packages = false
exec-sitecustomize = false
# Use only quite well working sites.
allow-hosts =
*.nexedi.org
......@@ -159,7 +154,7 @@ zc.buildout = 1.6.0-dev-SlapOS-003
Jinja2 = 2.6
Werkzeug = 0.8.2
erp5.util = 0.3
erp5.util = 0.4.1
hexagonit.recipe.cmmi = 1.5.0
lxml = 2.3.2
meld3 = 0.6.7
......
kvm
===
Introduction
------------
This software release is used to deploy KVM instances, NBD instances and
Frontend instances of KVM.
Examples
--------
The following examples listhow to request different possible instances of KVM
Software Release from slap console or command line.
KVM instance (1GB of RAM, 10GB of SSD, one core)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Note that the KVM instance will request a frontend slave instance in order
to be accessible from IPv4.
KVM instance needs a NBD to fetch disk image at first boot. Working NBD IP/port
has to be specified.
::
myawesomekvm = request(
software_release=kvm,
partition_reference="myawesomekvm",
partition_parameter_kw={
"ndb_ip":"2a01:e35:2e27:460:e2cb:4eff:fed9:48dc",
"ndb_port": 1024
}
)
KVM+ instance (2GB of RAM, 20GB of SSD, two cores)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
::
myevenmoreawesomekvm = request(
software_release=kvm,
partition_reference="myevenmoreawesomekvm",
partition_parameter_kw={
"ndb_ip":"2a01:e35:2e27:460:e2cb:4eff:fed9:48dc",
"ndb_port": 1024
},
software_type="kvm+",
)
NBD instance
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This type of instance will allow to host a disk image that will be used by
any KVM instance.
::
mynbd = request(
software_release=kvm,
partition_reference="mynbd",
software_type="nbd",
)
KVM Frontend Master Instance (will host all frontend Slave Instances)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This type of instance will allow to host any frontend slave instance requested
by KVM instances. Slave instances (and thus KVM instance) will be accessible
at : https://mydomain.com/instancereference .
::
mykvmfrontend = request(
software_release=kvm,
partition_reference="mykvmfrontend",
partition_parameter_kw={
"domain":"mydomain.com"
},
software_type="frontend",
)
#############################
#
# Instanciate kvm frontend
#
#############################
[buildout]
parts =
logrotate
# logrotate-entry-frontend
cron
cron-entry-logrotate
ca-frontend
certificate-authority
frontend-promise
publish-kvm-frontend-connection-information
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
bin = $${buildout:directory}/bin
srv = $${buildout:directory}/srv
var = $${buildout:directory}/var
[basedirectory]
recipe = slapos.cookbook:mkdirectory
services = $${rootdirectory:etc}/run
promises = $${rootdirectory:etc}/promise
nodejs-conf = $${rootdirectory:etc}/nodejs
run = $${rootdirectory:var}/run
log = $${rootdirectory:var}/log
ca-dir = $${rootdirectory:srv}/ssl
backup = $${rootdirectory:srv}/backup
[directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
ca-dir = $${rootdirectory:srv}/ssl
logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-entries = $${rootdirectory:etc}/logrotate.d
[frontend-instance]
recipe = slapos.cookbook:kvm.frontend
domain = $${ca-frontend:name}
# port = $${slap-parameter:port}
ip = $${slap-network-information:global-ipv6}
port = $${slap-parameter:port}
http-redirection = $${slap-parameter:http-redirection}
ssl-key-path = $${ca-frontend:key-file}
ssl-cert-path = $${ca-frontend:cert-file}
slave-instance-list = $${slap-parameter:slave_instance_list}
map-path = $${basedirectory:nodejs-conf}/proxy_table.json
conf-path = $${basedirectory:nodejs-conf}/kvm-proxy.js
wrapper-path = $${rootdirectory:bin}/kvm_frontend
node-binary = ${nodejs:location}/bin/node
node-env = ${buildout:parts-directory}:${npm-modules:location}/node_modules
shell-path = ${dash:location}/bin/dash
[frontend-promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/frontend_promise
hostname = $${frontend-instance:ip}
port = $${frontend-instance:port}
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${basedirectory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${basedirectory:services}/certificate_authority
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${basedirectory:ca-dir}/requests/
private = $${basedirectory:ca-dir}/private/
certs = $${basedirectory:ca-dir}/certs/
newcerts = $${basedirectory:ca-dir}/newcerts/
crl = $${basedirectory:ca-dir}/crl/
[ca-frontend]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = $${basedirectory:nodejs-conf}/nodejs.key
cert-file = $${basedirectory:nodejs-conf}/nodejs.crt
executable = $${frontend-instance:wrapper-path}
wrapper = $${basedirectory:services}/nodejs
# Put domain name
name = $${slap-parameter:domain}
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = $${logrotate:wrapper}
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = ${gzip:location}/bin/gzip
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${rootdirectory:bin}/logrotate
conf = $${rootdirectory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${rootdirectory:srv}/logrotate.status
[publish-kvm-frontend-connection-information]
recipe = slapos.cookbook:publish
ip = $${frontend-instance:ip}
port = $${frontend-instance:port}
[slap-parameter]
# Default value if no port is specified
port = 4443
http-redirection = 0
# [logrotate-entry-frontend]
# <= logrotate
# recipe = slapos.cookbook:logrotate.d
# name = frontend
# log = $${mariadb-instance:error-log} $${mariadb-instance:slow-query-log}
# post = $${mariadb-instance:mysql-binary} --no-defaults -B --socket=$${mariadb-instance:socket} -e "FLUSH LOGS"
#############################
#
# Instanciate kvm
#
#############################
[buildout]
parts =
request-slave-frontend
certificate-authority
kvm-promise
novnc-promise
publish-kvm-connection-information
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
bin = $${buildout:directory}/bin
srv = $${buildout:directory}/srv
var = $${buildout:directory}/var
[basedirectory]
recipe = slapos.cookbook:mkdirectory
services = $${rootdirectory:etc}/run
promises = $${rootdirectory:etc}/promise
novnc-conf = $${rootdirectory:etc}/novnc
run = $${rootdirectory:var}/run
ca-dir = $${rootdirectory:srv}/ssl
[create-mac]
recipe = slapos.cookbook:generate.mac
[kvm-instance]
recipe = slapos.cookbook:kvm
vnc-ip = $${slap-network-information:local-ipv4}
vnc-port = 5901
nbd-ip = $${slap-parameter:nbd_ip}
nbd-port = $${slap-parameter:nbd_port}
tap = $${slap-network-information:network-interface}
disk-path = $${rootdirectory:srv}/virtual.qcow2
disk-size = 10
socket-path = $${rootdirectory:var}/qmp_socket
pid-path = $${basedirectory:run}/pid_file
smp-count = 1
ram-size = 1024
mac-address = $${create-mac:mac-address}
runner-path = $${basedirectory:services}/kvm
controller-path = $${basedirectory:services}/kvm_controller
shell-path = ${dash:location}/bin/dash
qemu-path = ${kvm:location}/bin/qemu-system-x86_64
qemu-img-path = ${kvm:location}/bin/qemu-img
[kvm-promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/vnc_promise
hostname = $${kvm-instance:vnc-ip}
port = $${kvm-instance:vnc-port}
[novnc-instance]
recipe = slapos.cookbook:novnc
path = $${ca-novnc:executable}
ip = $${slap-network-information:global-ipv6}
port = 6080
vnc-ip = $${kvm-instance:vnc-ip}
vnc-port = $${kvm-instance:vnc-port}
novnc-location = ${noVNC:location}
websockify-path = ${buildout:directory}/bin/websockify
ssl-key-path = $${ca-novnc:key-file}
ssl-cert-path = $${ca-novnc:cert-file}
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${basedirectory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${basedirectory:services}/certificate_authority
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${basedirectory:ca-dir}/requests/
private = $${basedirectory:ca-dir}/private/
certs = $${basedirectory:ca-dir}/certs/
newcerts = $${basedirectory:ca-dir}/newcerts/
crl = $${basedirectory:ca-dir}/crl/
[ca-novnc]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = $${basedirectory:novnc-conf}/novnc.key
cert-file = $${basedirectory:novnc-conf}/novnc.crt
executable = $${rootdirectory:bin}/novnc
wrapper = $${basedirectory:services}/websockify
[novnc-promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/novnc_promise
hostname = $${novnc-instance:ip}
port = $${novnc-instance:port}
[kvm-monitor]
recipe = slapos.cookbook:generic.slapmonitor
db-path = $${rootdirectory:srv}/slapmonitor_database
[request-common]
recipe = slapos.cookbook:request
software-url = $${slap-connection:software-release-url}
sla = computer_guid
sla-computer_guid = $${slap-connection:computer-id}
server-url = $${slap-connection:server-url}
key-file = $${slap-connection:key-file}
cert-file = $${slap-connection:cert-file}
computer-id = $${slap-connection:computer-id}
partition-id = $${slap-connection:partition-id}
[request-slave-frontend]
<=request-common
name = SlaveFrontend
software-type = frontend
slave = true
config = host port
config-host = $${novnc-instance:ip}
config-port = $${novnc-instance:port}
return = url resource port domainname
[publish-kvm-connection-information]
recipe = slapos.cookbook:publish
backend_url = https://[$${novnc-instance:ip}]:$${novnc-instance:port}/vnc_auto.html?host=[$${novnc-instance:ip}]&port=$${novnc-instance:port}&encrypt=1
url = $${request-slave-frontend:connection-url}/vnc_auto.html?host=$${request-slave-frontend:connection-domainname}&port=$${request-slave-frontend:connection-port}&encrypt=1&path=$${request-slave-frontend:connection-resource}
password = $${kvm-instance:passwd}
#############################
#
# Instanciate kvm+
#
#############################
[buildout]
extends = instance-kvm.cfg
[kvm-instance]
recipe = slapos.cookbook:kvm
vnc-ip = $${slap-network-information:local-ipv4}
vnc-port = 5901
nbd-ip = $${slap-parameter:nbd_ip}
nbd-port = $${slap-parameter:nbd_port}
tap = $${slap-network-information:network-interface}
disk-path = $${rootdirectory:srv}/virtual.qcow2
disk-size = 20
socket-path = $${rootdirectory:var}/qmp_socket
pid-path = $${basedirectory:run}/pid_file
smp-count = 2
ram-size = 2048
mac-address = $${create-mac:mac-address}
runner-path = $${basedirectory:services}/kvm
controller-path = $${basedirectory:services}/kvm_controller
shell-path = ${dash:location}/bin/dash
qemu-path = ${kvm:location}/bin/qemu-system-x86_64
qemu-img-path = ${kvm:location}/bin/qemu-img
#############################
#
# Instanciate nbdserver
#
#############################
[buildout]
parts =
nbd-promise
onetimeupload-promise
publish-connection-information
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
srv = $${buildout:directory}/srv
log = $${buildout:directory}/log
[basedirectory]
recipe = slapos.cookbook:mkdirectory
services = $${rootdirectory:etc}/run
promises = $${rootdirectory:etc}/promise
[nbd-instance]
recipe = slapos.cookbook:nbdserver
ip = $${slap-network-information:global-ipv6}
port = 1024
image-path = $${onetimeupload-instance:image-path}
qemu-path = ${kvm:location}/bin/qemu-nbd
shell-path = ${dash:location}/bin/dash
# XXX TODO: Wait for the iso to be uploaded (execute_wait)
path = $${basedirectory:services}/nbdserver
[nbd-promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/nbd_promise
hostname = $${nbd-instance:ip}
port = $${nbd-instance:port}
[onetimeupload-instance]
recipe = slapos.cookbook:generic.onetimeupload
ip = $${slap-network-information:global-ipv6}
port = 9999
image-path = $${rootdirectory:srv}/cdrom.iso
log-path = $${rootdirectory:log}/onetimeupload.log
shell-path = ${dash:location}/bin/dash
onetimeupload-path = ${buildout:bin-directory}/onetimeupload
path = $${basedirectory:services}/onetimeupload
[onetimeupload-promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/onetimeupload_promise
hostname = $${onetimeupload-instance:ip}
port = $${onetimeupload-instance:port}
[publish-connection-information]
recipe = slapos.cookbook:publish
nbd_url = nbd://[$${nbd-instance:ip}]:$${nbd-instance:port}
upload_url = http://[$${onetimeupload-instance:ip}]:$${onetimeupload-instance:port}/
upload_key = $${onetimeupload-instance:key}
[buildout]
parts =
kvminstance
switch-softwaretype
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[kvminstance]
recipe = slapos.cookbook:kvm
qemu_path = ${kvm:location}/bin/qemu-system-x86_64
qemu_img_path = ${kvm:location}/bin/qemu-img
#slapmonitor_path = ${buildout:bin-directory}/slapmonitor
#slapreport_path = ${buildout:bin-directory}/slapreport
websockify = ${buildout:directory}/bin/websockify
noVNC_location = ${noVNC:location}
openssl_binary = ${openssl:location}/bin/openssl
rdiff_backup_binary = ${buildout:bin-directory}/rdiff-backup
dcrond_binary = ${dcron:location}/sbin/crond
[switch-softwaretype]
recipe = slapos.cookbook:softwaretype
default = ${template-kvm:output}
kvm = ${template-kvm:output}
kvm+ = ${template-kvmplus:output}
nbd = ${template-nbd:output}
frontend = ${template-frontend:output}
smp_count = 1
ram_size = 1024
disk_size = 10
[slap-connection]
# part to migrate to new - separated words
computer-id = $${slap_connection:computer_id}
partition-id = $${slap_connection:partition_id}
server-url = $${slap_connection:server_url}
software-release-url = $${slap_connection:software_release_url}
key-file = $${slap_connection:key_file}
cert-file = $${slap_connection:cert_file}
......@@ -3,46 +3,37 @@ extensions =
buildout-versions
extends =
../../component/gzip/buildout.cfg
../../component/dcron/buildout.cfg
../../component/logrotate/buildout.cfg
../../component/git/buildout.cfg
../../component/gnutls/buildout.cfg
../../component/libpng/buildout.cfg
../../component/libuuid/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/noVNC/buildout.cfg
../../component/openssl/buildout.cfg
../../component/python-2.7/buildout.cfg
../../component/rdiff-backup/buildout.cfg
../../stack/shacache-client.cfg
../../component/dash/buildout.cfg
../../component/lxml-python/buildout.cfg
../../stack/nodejs.cfg
develop =
${:parts-directory}/websockify
parts =
template
dash
kvm
eggs
check-local-eggs
find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/
nodejs
http-proxy
proxy-by-url
npm-modules
dcron
logrotate
versions = versions
# Use only quite well working sites.
allow-hosts =
*.nexedi.org
*.python.org
*.sourceforge.net
alastairs-place.net
dist.repoze.org
effbot.org
github.com
peak.telecommunity.com
psutil.googlecode.com
www.dabeaz.com
www.owlfish.com
#XXX-Cedric : Currently, one can only access to KVM using noVNC.
# Ideally one should be able to access KVM by using either NoVNC or VNC.
# Problem is : no native crypto support in web browsers. So we have to disable ssl
......@@ -54,15 +45,14 @@ allow-hosts =
# Websockify (socket <-> websocket proxy server) when it is ready.
# May solve previous XXX depending on the implementation.
#XXX-Cedric: Check status of
# https://www.tiolive.com/nexedi/bug_module/20110819-11F4F70 for
# Chrome >= 14 and Firefox >=7 can access to noVNC. (should be solved)
#XXX-Cedric : add list of keyboard layouts (azerty/us querty/...) parameter to qemu
[kvm]
recipe = hexagonit.recipe.cmmi
url = http://downloads.sourceforge.net/project/kvm/qemu-kvm/0.15.1/qemu-kvm-0.15.1.tar.gz
# XXX-Cedric : Upgrade to 1.0
# url = http://downloads.sourceforge.net/project/kvm/qemu-kvm/1.0/qemu-kvm-1.0.tar.gz
# md5sum = 00a825db46a70ba8ef9fc95da9cc7c1e
md5sum = 8800a7d6b3aa4a168ea7f78dc66c0320
configure-options =
--disable-sdl
......@@ -76,7 +66,7 @@ configure-options =
--enable-vnc-png
--disable-vnc-jpeg
--extra-cflags="-I${gnutls:location}/include -I${libuuid:location}/include -I${zlib:location}/include -I${libpng:location}/include"
--extra-ldflags="-Wl,-rpath -Wl,${glib:location}/lib -L${glib:location}/lib -Wl,-rpath -Wl,${gnutls:location}/lib -L${gnutls:location}/lib -L${gettext:location}/lib -Wl,-rpath -Wl,${gettext:location}/lib -Wl,-rpath -Wl,${libpng:location}/lib -L${libpng:location}/lib -L${libuuid:location}/lib -Wl,-rpath -Wl,${libuuid:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -lpng -lz -lgnutls"
--extra-ldflags="-Wl,-rpath -Wl,${glib:location}/lib -L${glib:location}/lib -Wl,-rpath -Wl,${gnutls:location}/lib -L${gnutls:location}/lib -Wl,-rpath -Wl,${gpg-error:location}/lib -L${gpg-error:location}/lib -L${gettext:location}/lib -Wl,-rpath -Wl,${gettext:location}/lib -Wl,-rpath -Wl,${libpng:location}/lib -L${libpng:location}/lib -L${libuuid:location}/lib -Wl,-rpath -Wl,${libuuid:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -lpng -lz -lgnutls"
--disable-werror
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
......@@ -86,8 +76,8 @@ environment =
# XXX-Cedric : use official egg from pypi when it is released
recipe = plone.recipe.command
stop-on-error = true
commit = e7363f43443deb9982bdb5c3db50eec475584b06
repository = https://github.com/desaintmartin/websockify.git
commit = 301f3ae580557da47fa5ea2050aa671ce9c5a1a0
repository = https://github.com/SlapOS/websockify.git
location = ${buildout:parts-directory}/${:_buildout_section_name_}
git-binary = ${git:location}/bin/git
command = export GIT_SSL_NO_VERIFY=true; (${:git-binary} clone --quiet ${:repository} ${:location} && cd ${:location} && ${:git-binary} reset --hard ${:commit}) || (rm -fr ${:location}; exit 1)
......@@ -101,83 +91,199 @@ command = grep parts ${buildout:develop-eggs-directory}/websockify.egg-link
depends = ${eggs:dummy}
[eggs]
python = python2.7
recipe = z3c.recipe.scripts
dummy =
${websockify:location}
eggs =
${lxml-python:egg}
slapos.cookbook
websockify
slapos.cookbook
slapos.toolbox
[http-proxy]
# https://github.com/nodejitsu/node-http-proxy
recipe = slapos.recipe.build:download-unpacked
#XXX-Cedric : use upstream when merged
url = https://nodeload.github.com/desaintmartin/node-http-proxy/zipball/master
md5sum = 20204d0b29c2cef26e1c91e99eedca6b
[proxy-by-url]
# https://github.com/dominictarr/proxy-by-url
recipe = slapos.recipe.build:download-unpacked
#XXX-Cedric : use upstream when merged
url = https://nodeload.github.com/desaintmartin/proxy-by-url/zipball/master
md5sum = c2609948aa708581f93b981b23880314
[npm-modules]
recipe = plone.recipe.command
destination = ${buildout:parts-directory}/${:_buildout_section_name_}
location = ${buildout:parts-directory}/${:_buildout_section_name_}
command =
rm -fr ${:destination} &&
mkdir -p ${:destination} &&
cd ${:destination} &&
${nodejs:location}/bin/node ${nodejs:location}/bin/npm install colors@0.6.0-1 &&
${nodejs:location}/bin/node ${nodejs:location}/bin/npm install socket.io@0.8.7 &&
${nodejs:location}/bin/node ${nodejs:location}/bin/npm install socket.io-client@0.8.7 &&
${nodejs:location}/bin/node ${nodejs:location}/bin/npm install optimist@0.3.1 &&
${nodejs:location}/bin/node ${nodejs:location}/bin/npm install pkginfo@0.2.3
[template-kvm]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kvm.cfg
md5sum = b6572c018e44d4676e76805116bcade0
output = ${buildout:directory}/template-kvm.cfg
mode = 0644
[template-kvmplus]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kvmplus.cfg
md5sum = 2e35c5b2ac9ee51d8f98fb1199f011c4
output = ${buildout:directory}/template-kvmplus.cfg
mode = 0644
[template-nbd]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-nbd.cfg
md5sum = 7691fadfc8d4392c58ac1bf0ebd5aaf2
output = ${buildout:directory}/template-nbd.cfg
mode = 0644
[template-frontend]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-frontend.cfg
md5sum = 123bf4e5bea9e86c03b62e9afb8ca04b
output = ${buildout:directory}/template-frontend.cfg
mode = 0644
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
md5sum = 298b146e4efce41bfd58b3f85d064ff1
md5sum = 68788763d23f70f24b9e575871c903a8
output = ${buildout:directory}/template.cfg
mode = 0644
[versions]
zc.buildout = 1.5.3-dev-SlapOS-010
[networkcache]
# signature certificates of the following uploaders.
# Romain Courteaud
# Cedric de Saint Martin
signature-certificate-list =
-----BEGIN CERTIFICATE-----
MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE
CBMQRGVmYXVsdCBQcm92aW5jZTEPMA0GA1UEChMGTmV4ZWRpMB4XDTExMDkxNTA5
MDAwMloXDTEyMDkxNTA5MDAwMlowOTELMAkGA1UEBhMCRlIxGTAXBgNVBAgTEERl
ZmF1bHQgUHJvdmluY2UxDzANBgNVBAoTBk5leGVkaTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEApYZv6OstoqNzxG1KI6iE5U4Ts2Xx9lgLeUGAMyfJLyMmRLhw
boKOyJ9Xke4dncoBAyNPokUR6iWOcnPHtMvNOsBFZ2f7VA28em3+E1JRYdeNUEtX
Z0s3HjcouaNAnPfjFTXHYj4um1wOw2cURSPuU5dpzKBbV+/QCb5DLheynisCAwEA
ATANBgkqhkiG9w0BAQsFAAOBgQBCZLbTVdrw3RZlVVMFezSHrhBYKAukTwZrNmJX
mHqi2tN8tNo6FX+wmxUUAf3e8R2Ymbdbn2bfbPpcKQ2fG7PuKGvhwMG3BlF9paEC
q7jdfWO18Zp/BG7tagz0jmmC4y/8akzHsVlruo2+2du2freE8dK746uoMlXlP93g
QUUGLQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAO4V/jiMoICoMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMjMyMCAXDTEyMDIxNjExMTAyM1oYDzIxMTIwMTIzMTExMDIzWjAT
MREwDwYDVQQDDAhDT01QLTIzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wi/3Z8W9pUiegUXIk/AiFDQ0UJ4JFAwjqr+HSRUirlUsHHT+8DzH/hfcTDX1I5BB
D1ADk+ydXjMm3OZrQcXjn29OUfM5C+g+oqeMnYQImN0DDQIOcUyr7AJc4xhvuXQ1
P2pJ5NOd3tbd0kexETa1LVhR6EgBC25LyRBRae76qosCAwEAAaNQME4wHQYDVR0O
BBYEFMDmW9aFy1sKTfCpcRkYnP6zUd1cMB8GA1UdIwQYMBaAFMDmW9aFy1sKTfCp
cRkYnP6zUd1cMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAskbFizHr
b6d3iIyN+wffxz/V9epbKIZVEGJd/6LrTdLiUfJPec7FaxVCWNyKBlCpINBM7cEV
Gn9t8mdVQflNqOlAMkOlUv1ZugCt9rXYQOV7rrEYJBWirn43BOMn9Flp2nibblby
If1a2ZoqHRxoNo2yTmm7TSYRORWVS+vvfjY=
-----END CERTIFICATE-----
slapos.cookbook = 0.37
[versions]
Jinja2 = 2.6
Werkzeug = 0.8.1
Werkzeug = 0.8.3
apache-libcloud = 0.8.0
async = 0.6.1
buildout-versions = 1.7
gitdb = 0.5.4
hexagonit.recipe.cmmi = 1.5.0
lxml = 2.3.2
meld3 = 0.6.7
lxml = 2.3.3
meld3 = 0.6.8
plone.recipe.command = 1.1
pycrypto = 2.5
slapos.cookbook = 0.41
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2
slapos.toolbox = 0.18
smmap = 0.8.2
z3c.recipe.scripts = 1.0.1
# Required by:
# slapos.core==0.20
# slapos.core==0.23
# slapos.toolbox==0.18
Flask = 0.8
# Required by:
# slapos.cookbook==0.37
# slapos.toolbox==0.18
GitPython = 0.3.2.RC1
# Required by:
# slapos.cookbook==0.41
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.5.0
# slapos.toolbox==0.18
atomize = 0.1.1
# Required by:
# slapos.toolbox==0.18
feedparser = 5.1.1
# Required by:
# slapos.cookbook==0.41
inotifyx = 0.2.0
# Required by:
# slapos.cookbook==0.37
# slapos.cookbook==0.41
netaddr = 0.7.6
# Required by:
# slapos.core==0.20
netifaces = 0.6
# slapos.core==0.23
netifaces = 0.8
# Required by:
# websockify==0.1-dev
numpy = 1.6.1
# Required by:
# slapos.cookbook==0.37
# slapos.core==0.20
# zc.buildout==1.5.3-dev-SlapOS-010
# zc.recipe.egg==1.3.2
# slapos.toolbox==0.18
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.18
psutil = 0.4.1
# Required by:
# slapos.cookbook==0.41
# slapos.core==0.23
# slapos.toolbox==0.18
setuptools = 0.6c12dev-r88846
# Required by:
# slapos.cookbook==0.37
slapos.core = 0.20
# slapos.cookbook==0.41
# slapos.toolbox==0.18
slapos.core = 0.23
# Required by:
# slapos.core==0.20
supervisor = 3.0a10
# slapos.core==0.23
supervisor = 3.0a12
# Required by:
# slapos.cookbook==0.37
# slapos.cookbook==0.41
# slapos.toolbox==0.18
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.37
# slapos.cookbook==0.41
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.20
# slapos.core==0.23
zope.interface = 3.8.0
\ No newline at end of file
......@@ -7,7 +7,6 @@ parts =
mariadb
eggs
instance-recipe-egg
downloadcache-workaround
extends =
../../stack/lamp.cfg
......@@ -18,7 +17,6 @@ url = Student shall put here url of zipped or tarballed web page or application
md5sum = Student may put here md5sum of this file, this is good idea
#If provided tarball does not contain top directory, option shall be changed to false
strip-top-level-dir = true
#extract-directory =
[application-template]
recipe = slapos.recipe.download
......@@ -43,91 +41,7 @@ url = ${:_profile_base_location_}/instance.cfg
output = ${buildout:directory}/template.cfg
mode = 0644
[mariadb]
keep-compile-dir = false
[instance-recipe-egg]
recipe = zc.recipe.egg
eggs =
${instance-recipe:egg}
[versions]
# Use SlapOS patched zc.buildout
zc.buildout = 1.6.0-dev-SlapOS-003
# Generated by buildout-versions
Jinja2 = 2.6
Werkzeug = 0.8.2
buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.8
plone.recipe.command = 1.1
slapos.cookbook = 0.20
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
# Required by:
# slapos.core==0.21
Flask = 0.8
# Required by:
# slapos.cookbook==0.38
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.5.0
# Required by:
# slapos.cookbook==0.38
# slapos.core==0.21
# xml-marshaller==0.9.7
lxml = 2.3.3
# Required by:
# slapos.cookbook==0.38
netaddr = 0.7.6
# Required by:
# slapos.core==0.21
netifaces = 0.6
# Required by:
# slapos.cookbook==0.38
# slapos.core==0.21
# zc.buildout==1.6.0-dev-SlapOS-003
# zc.recipe.egg==1.3.2
setuptools = 0.6c12dev-r88846
# Required by:
# slapos.cookbook==0.38
slapos.core = 0.21
# Required by:
# slapos.core==0.21
supervisor = 3.0a12
# Required by:
# slapos.cookbook==0.38
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.38
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.21
zope.interface = 3.8.0
[downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically
# creates download cache, which in turn switches builout to "semi-offline" mode
recipe = plone.recipe.command
# in hexagonit.recipe.cmmi if there is no ${buildout:download-cache} set it resolves
# to ${buildout:directory}/downloads but this variable is available late, that's
# why it is hardcoded only for required case
download-cache = ${buildout:directory}/downloads
command = [ -d ${:download-cache} ] && rm -fr ${:download-cache}/* || exit 0
update-command = ${:command}
stop-on-error = True
[buildout]
parts =
nbdserverinstance
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
[nbdserverinstance]
recipe = ${instance-recipe:egg}:${instance-recipe:module}
qemu_path = ${nbdserver:location}/bin/qemu-nbd
onetimeupload_path = ${buildout:bin-directory}/onetimeupload
[buildout]
extends =
../../stack/nbd.cfg
../../stack/shacache-client.cfg
parts +=
template
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
md5sum = 82e948e1c0cb0d5540ef185edeef3ec3
output = ${buildout:directory}/template.cfg
mode = 0644
[versions]
# XXX-CEDRIC Quick and dirty workaround to avoid m2crypto problems.
# should not be used elsewhere unless for urgent cases.
slapos.libnetworkcache = 0.2
......@@ -16,6 +16,8 @@ slapgrid_cp = ${buildout:directory}/bin/slapgrid-cp
slapproxy = ${buildout:directory}/bin/slapproxy
supervisor = ${buildout:directory}/bin/slapgrid-supervisorctl
git = ${git:location}/bin/git
node-bin = ${nodejs-0.4:location}/bin/node
cloud9 = ${cloud9:location}/bin/cloud9.js
ssh_client = $${sshkeys-dropbear:wrapper}
public_key = $${sshkeys-dropbear:public-key}
private_key = $${sshkeys-dropbear:private-key}
......@@ -62,4 +64,4 @@ bin = $${buildout:directory}/bin/
recipe = slapos.cookbook:mkdirectory
sshkeys = $${rootdirectory:srv}/sshkeys
services = $${rootdirectory:etc}/run/
ssh = $${rootdirectory:etc}/ssh/
ssh = $${rootdirectory:etc}/ssh/
\ No newline at end of file
[buildout]
extensions =
buildout-versions
......@@ -8,6 +9,7 @@ extends =
../../stack/shacache-client.cfg
../../component/dropbear/buildout.cfg
../../component/git/buildout.cfg
../../component/cloud9/buildout.cfg
parts =
template
......@@ -31,7 +33,7 @@ recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
output = ${buildout:directory}/template.cfg
mode = 0644
md5sum = cd69efd5c3a7e9adca7387b9a401590a
md5sum = 7cfd248cdc6fa6cbb4957d25a0aed884
[eggs]
eggs +=
......@@ -60,6 +62,7 @@ signature-certificate-list =
[versions]
# Use SlapOS patched zc.buildout
zc.buildout = 1.6.0-dev-SlapOS-003
Jinja2 = 2.6
Werkzeug = 0.8.3
apache-libcloud = 0.8.0
......@@ -68,68 +71,65 @@ buildout-versions = 1.7
gitdb = 0.5.4
hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.8
plone.recipe.command = 1.1
pycrypto = 2.5
slapos.cookbook = 0.39
slapos.cookbook = 0.45
slapos.libnetworkcache = 0.12
slapos.recipe.template = 2.2
slapos.toolbox = 0.18
slapos.recipe.template = 2.3
slapos.toolbox = 0.20
smmap = 0.8.2
# Required by:
# slapos.core==0.22
# slapos.core==0.24
Flask = 0.8
# Required by:
# slapos.toolbox==0.18
# slapos.toolbox==0.20
GitPython = 0.3.2.RC1
# Required by:
# slapos.cookbook==0.39
# slapos.cookbook==0.45
PyXML = 0.8.4
# Required by:
# slapos.toolbox==0.18
# slapos.toolbox==0.20
atomize = 0.1.1
# Required by:
# slapos.toolbox==0.18
feedparser = 5.1
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.5.0
# slapos.toolbox==0.20
feedparser = 5.1.1
# Required by:
# slapos.cookbook==0.39
# slapos.cookbook==0.45
inotifyx = 0.2.0
# Required by:
# slapos.cookbook==0.39
# slapos.core==0.22
# slapos.cookbook==0.45
# slapos.core==0.24
# xml-marshaller==0.9.7
lxml = 2.3.3
lxml = 2.3.4
# Required by:
# slapos.cookbook==0.39
# slapos.cookbook==0.45
netaddr = 0.7.6
# Required by:
# slapos.core==0.22
# slapos.core==0.24
netifaces = 0.8
# Required by:
# slapos.toolbox==0.18
# slapos.toolbox==0.20
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.18
# slapos.toolbox==0.20
psutil = 0.4.1
# Required by:
# slapos.cookbook==0.39
# slapos.core==0.22
# slapos.cookbook==0.45
# slapos.core==0.24
# slapos.libnetworkcache==0.12
# slapos.toolbox==0.18
# slapos.toolbox==0.20
# supervisor==3.0a12
# zc.buildout==1.6.0-dev-SlapOS-003
# zc.recipe.egg==1.3.2
......@@ -137,21 +137,21 @@ psutil = 0.4.1
setuptools = 0.6c12dev-r88846
# Required by:
# slapos.cookbook==0.39
slapos.core = 0.22
# slapos.cookbook==0.45
slapos.core = 0.24
# Required by:
# slapos.core==0.22
# slapos.core==0.24
supervisor = 3.0a12
# Required by:
# slapos.cookbook==0.39
# slapos.cookbook==0.45
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.39
# slapos.cookbook==0.45
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.22
zope.interface = 3.8.0
# slapos.core==0.24
zope.interface = 3.8.0
\ No newline at end of file
......@@ -31,8 +31,12 @@ configurator_bt5_list = erp5_core_proxy_field_legacy erp5_full_text_myisam_catal
[erp5_repository_list]
repository_id_list += vifib/master
[erp5]
branch = interaction-drop
[vifib]
<= erp5
branch = master
repository = http://git.erp5.org/repos/slapos.core.git
revision =
......
......@@ -9,7 +9,8 @@ find-links = http://www.nexedi.org/static/packages/source/slapos.buildout/
http://www.nexedi.org/static/packages/source/
extends =
../component/openoffice-bin/buildout.cfg
../component/libreoffice-bin/buildout.cfg
../component/libpng/buildout.cfg
../component/lxml-python/buildout.cfg
../component/python-2.6/buildout.cfg
../component/python-2.7/buildout.cfg
......@@ -25,20 +26,21 @@ extends =
versions = versions
parts =
openoffice-bin
libreoffice-bin
# basic Xorg
libXdmcp
libXext
libXau
libXinerama
libSM
libXrender
# fonts
liberation-fonts
ipaex-fonts
# Dependencies
libpng12
imagemagick
file
xpdf
......
......@@ -28,10 +28,11 @@ allow-hosts =
psutil.googlecode.com
www.dabeaz.com
www.owlfish.com
launchpad.net
extends =
# Exact version of Zope
http://svn.zope.org/repos/main/Zope/tags/2.12.21/versions.cfg
http://svn.zope.org/repos/main/Zope/tags/2.12.22/versions.cfg
../component/logrotate/buildout.cfg
../component/dcron/buildout.cfg
../component/file/buildout.cfg
......@@ -45,6 +46,7 @@ extends =
../component/hookbox/buildout.cfg
../component/imagemagick/buildout.cfg
../component/kumo/buildout.cfg
../component/libpng/buildout.cfg
../component/libreoffice-bin/buildout.cfg
../component/lxml-python/buildout.cfg
../component/percona-toolkit/buildout.cfg
......@@ -72,12 +74,16 @@ extends =
../component/sed/buildout.cfg
../component/coreutils/buildout.cfg
../component/grep/buildout.cfg
../component/dash/buildout.cfg
../component/wget/buildout.cfg
../component/aspell/buildout.cfg
versions = versions
parts =
itools-build
rdiff-backup
aspell
apache
apache-antiloris
file
......@@ -88,6 +94,7 @@ parts =
stunnel
w3m
poppler
libpng12
libpng
ghostscript
mariadb
......@@ -107,6 +114,8 @@ parts =
zabbix-agent
pdftk
dcron
dash
wget
# Buildoutish
eggs
......@@ -117,8 +126,8 @@ parts =
libXdmcp
libXext
libXau
libXinerama
libSM
libXrender
# fonts
liberation-fonts
......@@ -226,8 +235,8 @@ stop-on-error = true
repository = http://git.erp5.org/repos/erp5.git
branch = master
revision =
command = ${git:location}/bin/git clone --quiet -b ${:branch} ${:repository} ${:location} && if [ -n "${:revision}" ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
update-command = cd ${:location} && ${git:location}/bin/git pull --quiet && if [ -n "${:revision}" ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
command = ${git:location}/bin/git clone --quiet --branch ${:branch} ${:repository} ${:location} && if [ -n "${:revision}" ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
update-command = cd ${:location} && GIT_COMMITTER_EMAIL=nobody@example.com GIT_AUTHOR_NAME=Nobody GIT_AUTHOR_EMAIL=nobody@example.com ${git:location}/bin/git pull && if [ -n "${:revision}" ]; then echo "Resetting." ; cd ${:location} && ${git:location}/bin/git reset --hard ${:revision} ; fi
[products]
# XXX: ERP5 related products are not defined as python distributions, so it is
......@@ -268,11 +277,15 @@ initialization =
[bt5_path, os.path.join(bt5_path, '*')]
for bt5_path in (os.path.join(parts_directory, x, 'bt5')
for x in repository_id_list)), []))
sys.path[:0] = [os.path.join(parts_directory, x, 'tests')
for x in repository_id_list]
sys.path[:0] = sum((
glob.glob(os.path.join(parts_directory, x, 'tests'))
for x in repository_id_list), [])
sys.path[:0] = sum((
glob.glob(os.path.join(parts_directory, x, 'product', '*', 'tests'))
for x in repository_id_list), [])
sys.path[:0] = sum((
glob.glob(os.path.join(x, '*', 'tests'))
for x in reversed('''${products:list}'''.split())), [])
[test_suite_runner]
# XXX: Workaround for fact ERP5Type is not an distribution and does not
......@@ -312,6 +325,7 @@ eggs =
coverage
elementtree
erp5diff
inotifyx
ipdb
mechanize
numpy
......@@ -330,6 +344,7 @@ eggs =
feedparser
argparse
validictory
erp5.util
# Zope 2.12 with patched acquisition
ZODB3
......@@ -356,7 +371,6 @@ eggs =
Products.MimetypesRegistry
Products.ExternalEditor
Products.TIDStorage
Products.Zelenium
# Currently forked in our repository
# Products.PortalTransforms
......@@ -373,6 +387,7 @@ scripts =
runzeo
tidstoraged
tidstorage_repozo
web_checker_utility = erp5.util.webchecker:web_checker_utility
extra-paths =
${itools:location}/lib
......@@ -418,7 +433,7 @@ scripts =
[versions]
# Use SlapOS patched zc.buildout
zc.buildout = 1.6.0-dev-SlapOS-003
zc.buildout = 1.6.0-dev-SlapOS-004
# pin Acquisition and Products.DCWorkflow to Nexedi flavour of eggs
Acquisition = 2.13.7nxd001
......@@ -442,3 +457,10 @@ setuptools =
# official pysvn egg does not supports --include-dirs and
# --library-dirs, so we use our modified version
pysvn = 1.7.4nxd006
# CMF 2.3 requries Zope 2.13.
Products.CMFCalendar = 2.2.2
Products.CMFCore = 2.2.5
Products.CMFDefault = 2.2.2
Products.CMFTopic = 2.2.1
Products.CMFUid = 2.2.1
[buildout]
extensions = buildout-versions
find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/
# Use only quite well working sites.
allow-hosts =
*.nexedi.org
*.python.org
*.sourceforge.net
alastairs-place.net
dist.repoze.org
effbot.org
github.com
launchpad.net
peak.telecommunity.com
psutil.googlecode.com
www.dabeaz.com
parts =
template
apache-php
......@@ -38,7 +19,7 @@ extends =
../component/stunnel/buildout.cfg
../component/pycrypto-python/buildout.cfg
../component/mysql-python/buildout.cfg
shacache-client.cfg
../stack/slapos.cfg
../component/python-2.7/buildout.cfg
# python-2.7 component is here only for compatibility with old software.cfg.
# It is not needed and should not be used in LAMP-based software.cfg
......@@ -52,14 +33,6 @@ eggs =
[mariadb]
keep-compile-dir = false
[application]
#XXX-Cedric : ugly hack to work around h.r.cmmi unrespectful behavior, so that
# a cmmi Executes before application but after template downloading.
# Useful when [application] uses slapos.recipe.build or
# slapos.recipe.download rather than h.r.download.
depends = ${apache-php:location}
[networkcache]
# Romain Courteaud + Sebastien Robin + Alain Takoudjou signature certificate
signature-certificate-list =
......@@ -102,3 +75,98 @@ signature-certificate-list =
dOSJ86sf/PQHW3/1fhTTE+Vck1MiiAq0aIx6WnKnz4+ZcQctB7b0DCsTcQnmbpi2
n9MuhWaT21VOYhIGzJFPw5XW47/RrwhR
-----END CERTIFICATE-----
[versions]
# Generated automatically by buildout-versions
Jinja2 = 2.6
MySQL-python = 1.2.3
Werkzeug = 0.8.3
apache-libcloud = 0.9.1
async = 0.6.1
buildout-versions = 1.7
gitdb = 0.5.4
hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.8
plone.recipe.command = 1.1
slapos.cookbook = 0.45
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.3
slapos.toolbox = 0.23
smmap = 0.8.2
# Required by:
# slapos.core==0.24
# slapos.toolbox==0.23
Flask = 0.8
# Required by:
# slapos.toolbox==0.23
GitPython = 0.3.2.RC1
# Required by:
# slapos.cookbook==0.45
PyXML = 0.8.4
# Required by:
# slapos.toolbox==0.23
atomize = 0.1.1
# Required by:
# slapos.toolbox==0.23
feedparser = 5.1.1
# Required by:
# slapos.cookbook==0.45
inotifyx = 0.2.0
# Required by:
# slapos.cookbook==0.45
# slapos.core==0.24
# slapos.toolbox==0.23
# xml-marshaller==0.9.7
lxml = 2.3.4
# Required by:
# slapos.cookbook==0.45
netaddr = 0.7.6
# Required by:
# slapos.core==0.24
netifaces = 0.8
# Required by:
# slapos.toolbox==0.23
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.23
psutil = 0.4.1
# Required by:
# slapos.cookbook==0.45
# slapos.core==0.24
# slapos.toolbox==0.23
setuptools = 0.6c12dev-r88846
# Required by:
# slapos.cookbook==0.45
# slapos.toolbox==0.23
slapos.core = 0.24
# Required by:
# slapos.core==0.24
supervisor = 3.0a12
# Required by:
# slapos.cookbook==0.45
# slapos.toolbox==0.23
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.45
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.24
zope.interface = 3.8.0
\ No newline at end of file
[buildout]
find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/
parts =
apache-php
mariadb
......@@ -18,21 +15,7 @@ parts =
template-mariadb-pbsready-import
template-mariadb-pbsready-export
allow-hosts =
*.nexedi.org
*.python.org
*.sourceforge.net
alastairs-place.net
dist.repoze.org
effbot.org
github.com
peak.telecommunity.com
psutil.googlecode.com
www.dabeaz.com
launchpad.net
extends =
../shacache-client.cfg
../../component/mariadb/buildout.cfg
../../component/apache/buildout.cfg
../../component/apache-php/buildout.cfg
......@@ -40,7 +23,6 @@ extends =
../../component/git/buildout.cfg
../../component/glib/buildout.cfg
../../component/logrotate/buildout.cfg
../../component/python-2.7/buildout.cfg
../../component/perl/buildout.cfg
../../component/sqlite3/buildout.cfg
../../component/lxml-python/buildout.cfg
......@@ -51,6 +33,10 @@ extends =
../../component/mydumper/buildout.cfg
../../component/mysql-python/buildout.cfg
../../component/dropbear/buildout.cfg
../slapos.cfg
../../component/python-2.7/buildout.cfg
# python-2.7 component is here only for compatibility with old software.cfg.
# It is not needed and should not be used in LAMP-based software.cfg
versions = versions
......@@ -64,7 +50,6 @@ module = lamp.request
[instance-recipe-egg]
recipe = zc.recipe.egg
#python = python2.7
eggs = ${instance-recipe:egg}
[application]
......@@ -83,7 +68,7 @@ mode = 0644
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-apache-php.cfg
output = ${buildout:directory}/template-apache-php.cfg
md5sum = 45bc82dc468e7f418d95c846d1a33d74
md5sum = 8ebed1e26127c066e5b69372e69e6c38
mode = 0644
[template-apache-backup]
......
......@@ -12,6 +12,7 @@ parts =
logrotate-entry-stunnel
cron
cron-entry-logrotate
promise
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
......@@ -21,6 +22,12 @@ offline = true
recipe = slapos.cookbook:publishurl
url = http://[$${apache-php:ip}]:$${apache-php:port}/
[promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/apache
hostname = $${apache-php:ip}
port = $${apache-php:port}
[mariadb-urlparse]
recipe = slapos.cookbook:urlparse
url = $${request-mariadb:connection-url}
......@@ -43,8 +50,6 @@ tmp-dir = $${directory:tmp-php}
httpd-conf = $${rootdirectory:etc}/apache.conf
wrapper = $${basedirectory:services}/apache
promise = $${basedirectory:promises}/apache
httpd-binary = ${apache:location}/bin/httpd
mysql-username = $${mariadb-urlparse:username}
......
[buildout]
extends =
../component/nodejs/buildout.cfg
../component/lxml-python/buildout.cfg
../stack/slapos.cfg
versions = versions
parts =
eggs
nodejs
npm
[eggs]
recipe = zc.recipe.egg
eggs =
slapos.cookbook
${lxml-python:egg}
......@@ -18,6 +18,7 @@ exec-sitecustomize = false
# Add location for modified non-official slapos.buildout
find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/
http://www.nexedi.org/static/packages/source/hexagonit.recipe.download/
# Use only quite well working sites.
allow-hosts +=
......@@ -38,3 +39,12 @@ allow-hosts +=
# Unzippig of eggs is required, as SlapOS do not yet provide nicely working
# development / fast switching environment for whole software
unzip = true
versions = versions
[versions]
# Use patched hexagonit.recipe.download from
# https://github.com/SlapOS/hexagonit.recipe.download
hexagonit.recipe.download = 1.5.1-dev-slapos-001
# Use SlapOS patched zc.buildout
zc.buildout = 1.6.0-dev-SlapOS-004
......@@ -4,6 +4,7 @@ extends =
../component/java/buildout.cfg
../component/mysql-5.1/buildout.cfg
../component/python-2.7/buildout.cfg
../component/tomcat/buildout.cfg
../stack/shacache-client.cfg
find-links +=
......@@ -42,12 +43,6 @@ recipe = hexagonit.recipe.download
url = http://download.softagency.net/mysql/Downloads/Connector-J/mysql-connector-java-5.1.17.zip
md5sum = 22e1aff6104bb9006f8744a02bf73124
[tomcat]
recipe = hexagonit.recipe.download
strip-top-level-dir = true
url = http://apache.multidist.com/tomcat/tomcat-6/v6.0.32/bin/apache-tomcat-6.0.32.zip
md5sum = 082a0707985b6c029920d4d6d5ec11cd
[eggs]
recipe = zc.recipe.egg
python = python2.7
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment