[buildout] parts = httpd-launcher httpd-graceful httpd-dav-htaccess httpd-make-dummy-index-html promise-httpd-ipv6 publish-connection-information ## Monitoring part monitor-base extends = ${monitor-template:output} eggs-directory = ${buildout:eggs-directory} develop-eggs-directory = ${buildout:develop-eggs-directory} offline = true # Create all needed directories [directory] recipe = slapos.cookbook:mkdirectory etc = $${buildout:directory}/etc/ var = $${buildout:directory}/var/ srv = $${buildout:directory}/srv bin = $${buildout:directory}/bin/ tmp = $${buildout:directory}/tmp/ service = $${:etc}/service/ etc-run = $${:etc}/run/ log = $${:var}/log/ run = $${:var}/run/ backup = $${:srv}/backup/ promise = $${:etc}/promise/ # Jinja Common [jinja2-template-base] recipe = slapos.recipe.template:jinja2 rendered = $${buildout:directory}/$${:filename} extra-context = context = import json_module json key eggs_directory buildout:eggs-directory key develop_eggs_directory buildout:develop-eggs-directory key slap_software_type instance-parameter:slap-software-type key slapparameter_dict instance-parameter:configuration section directory directory $${:extra-context} ########################### # Apache configuration # [apache-directory] recipe = slapos.cookbook:mkdirectory www = $${directory:srv}/www dav = $${directory:srv}/dav slave-configuration = $${directory:etc}/apache-slave-conf.d/ ssl = $${directory:etc}/ssl [apache-configuration] httpd-launcher = $${directory:service}/httpd httpd-graceful = $${directory:etc-run}/httpd-graceful frontend-configuration = $${directory:etc}/httpd.conf access-log = $${directory:log}/httpd-access.log error-log = $${directory:log}/httpd-error.log pid-file = $${directory:run}/httpd.pid httpd-graceful-command = kill -USR1 $(cat $${:pid-file}) # Configuration [httpd-parameter] path_pid = $${directory:run}/httpd.pid global_ip = $${slap-network-information:global-ipv6} global_port = 6666 path_error_log = $${apache-configuration:error-log} path_access_log = $${apache-configuration:access-log} key_file = $${ca-httpd:key-file} cert_file = $${ca-httpd:cert-file} document_root = $${apache-directory:www} dav_lock = $${directory:var}/DavLock dav_home = $${apache-directory:dav} htpassword_path = $${directory:etc}/.htpasswd etc_dir = $${directory:etc} var_dir = $${directory:var} [httpd-conf] recipe = slapos.recipe.template:jinja2 template = ${template_httpd_conf:location}/${template_httpd_conf:filename} rendered = $${apache-configuration:frontend-configuration} context = section parameter httpd-parameter # Htaccess for dav storage [httpd-dav-htaccess] recipe = plone.recipe.command stop-on-error = true htaccess-path = $${httpd-parameter:htpassword_path} command = ${apache:location}/bin/htpasswd -cb $${:htaccess-path} $${:user} $${:password} user = admin password = admin # Launcher and Graceful [httpd-launcher] recipe = slapos.cookbook:wrapper apache-executable = ${apache:location}/bin/httpd wrapper-path = $${apache-configuration:httpd-launcher} command-line = $${:apache-executable} -f $${httpd-conf:rendered} -DFOREGROUND [httpd-graceful] recipe = slapos.recipe.template:jinja2 template = ${template-wrapper:output} rendered = $${apache-configuration:httpd-graceful} mode = 0700 context = key content apache-configuration:httpd-graceful-command # Create Dummu index.html [httpd-make-dummy-index-html] recipe = plone.recipe.command command = if [ ! -f $${httpd-parameter:document_root}/index.html ]; then echo "Hello World!!!" > $${httpd-parameter:document_root}/index.html ; fi # Promise [promise-httpd-ipv6] recipe = slapos.cookbook:check_port_listening path = $${directory:promise}/httpd_ipv6 hostname = $${httpd-parameter:global_ip} port = $${httpd-parameter:global_port} ########################### # Certificate Authority # [cadirectory] recipe = slapos.cookbook:mkdirectory ca-dir = $${directory:srv}/ssl requests = $${:ca-dir}/requests/ private = $${:ca-dir}/private/ certs = $${:ca-dir}/certs/ newcerts = $${:ca-dir}/newcerts/ crl = $${:ca-dir}/crl/ [certificate-authority] recipe = slapos.cookbook:certificate_authority openssl-binary = ${openssl:location}/bin/openssl ca-dir = $${cadirectory:ca-dir} requests-directory = $${cadirectory:requests} wrapper = $${directory:service}/certificate_authority ca-private = $${cadirectory:private} ca-certs = $${cadirectory:certs} ca-newcerts = $${cadirectory:newcerts} ca-crl = $${cadirectory:crl} [ca-httpd] <= certificate-authority recipe = slapos.cookbook:certificate_authority.request key-file = $${cadirectory:certs}/httpd.key cert-file = $${cadirectory:certs}/httpd.crt executable = $${directory:service}/ca-certificate wrapper = $${directory:service}/ca-certificate # Put domain name name = example.com ########################### # Monitor Part # [publish-connection-information] recipe = slapos.cookbook:publish server_url = https://[$${httpd-parameter:global_ip}]:$${httpd-parameter:global_port}