[buildout] parts = publish-connection-information pbs logrotate cron cron-entry-logrotate sshkeys-authority sshkeys-dropbear ## Monitor for pbs monitor-check-resilient-feed-file extends = ${monitor2-template:rendered} eggs-directory = ${buildout:eggs-directory} develop-eggs-directory = ${buildout:develop-eggs-directory} offline = true #---------------- #-- #-- Creation of all needed directories. [rootdirectory] recipe = slapos.cookbook:mkdirectory etc = $${buildout:directory}/etc home = $${buildout:directory}/home srv = $${buildout:directory}/srv bin = $${buildout:directory}/bin tmp = $${buildout:directory}/tmp var = $${buildout:directory}/var [basedirectory] recipe = slapos.cookbook:mkdirectory log = $${rootdirectory:var}/log services = $${rootdirectory:etc}/service run = $${rootdirectory:var}/run backup = $${rootdirectory:srv}/backup promises = $${rootdirectory:etc}/promise ssh-home = $${rootdirectory:home}/ssh notifier = $${rootdirectory:etc}/notifier [directory] recipe = slapos.cookbook:mkdirectory logrotate-entries = $${rootdirectory:etc}/logrotate.d logrotate-backup = $${basedirectory:backup}/logrotate cronstamps = $${rootdirectory:etc}/cronstamps cron-entries = $${rootdirectory:etc}/cron.d crontabs = $${rootdirectory:etc}/crontabs cronoutput = $${basedirectory:log}/cron-ouput pbs-backup = $${basedirectory:backup}/pbs sshkeys = $${rootdirectory:srv}/sshkeys pbs-wrappers = $${rootdirectory:bin}/pbs dot-ssh = $${basedirectory:ssh-home}/.ssh notifier-feeds = $${basedirectory:notifier}/feeds notifier-callbacks = $${basedirectory:notifier}/callbacks #---------------- #-- #-- Set up the equeue and notifier. [equeue] recipe = slapos.cookbook:equeue socket = $${basedirectory:run}/equeue.sock lockfile = $${basedirectory:run}/equeue.lock log = $${basedirectory:log}/equeue.log database = $${rootdirectory:srv}/equeue.db wrapper = $${basedirectory:services}/equeue equeue-binary = ${buildout:bin-directory}/equeue # notifier.notify adds the [exporter, notifier] to the execution queue # notifier.notify.callback sets up a callback [notifier] recipe = slapos.recipe.template:jinja2 template = ${template-wrapper:output} rendered = $${:wrapper} wrapper = $${basedirectory:services}/notifier mode = 0700 command = ${buildout:bin-directory}/pubsubserver --callbacks $${directory:notifier-callbacks} --feeds $${directory:notifier-feeds} --equeue-socket $${equeue:socket} --logfile $${basedirectory:log}/notifier.log $${:host} $${:port} host = $${slap-network-information:global-ipv6} port = 8088 context = key content notifier:command [logrotate-entry-equeue] <= logrotate recipe = slapos.cookbook:logrotate.d name = equeue log = $${equeue:log} frequency = daily rotate-num = 30 #---------------- #-- #-- The pull-backup-server contains every backup (incremental) #-- to prevent a corrupt dump from destroying everything. [pbs] <= notifier recipe = slapos.cookbook:pbs client = true feeds = $${directory:notifier-feeds} callbacks = $${directory:notifier-callbacks} equeue-socket = $${equeue:socket} notifier-binary = ${buildout:bin-directory}/pubsubnotifier rdiffbackup-binary = ${buildout:bin-directory}/rdiff-backup sshclient-binary = $${dropbear-client:wrapper} known-hosts = $${directory:dot-ssh}/known_hosts promises-directory = $${basedirectory:promises} directory = $${directory:pbs-backup} cron-entries = $${cron:cron-entries} wrappers-directory = $${directory:pbs-wrappers} run-directory = $${basedirectory:run} # XXX: this should be named "notifier-host" notifier-url = http://[$${notifier:host}]:$${notifier:port} slave-instance-list = $${slap-parameter:slave_instance_list} ignore-known-hosts-file = $${slap-parameter:ignore-known-hosts-file} #---------------- #-- #-- Deploy cron. [cron] recipe = slapos.cookbook:cron dcrond-binary = ${dcron:location}/sbin/crond cron-entries = $${directory:cron-entries} crontabs = $${directory:crontabs} cronstamps = $${directory:cronstamps} catcher = $${cron-simplelogger:wrapper} binary = $${basedirectory:services}/crond [cron-simplelogger] recipe = slapos.cookbook:simplelogger wrapper = $${rootdirectory:bin}/cron_simplelogger log = $${basedirectory:log}/crond.log #---------------- #-- #-- Deploy logrotate. [cron-entry-logrotate] <= cron recipe = slapos.cookbook:cron.d name = logrotate frequency = 0 0 * * * command = $${logrotate:wrapper} [logrotate] recipe = slapos.cookbook:logrotate # Binaries logrotate-binary = ${logrotate:location}/usr/sbin/logrotate gzip-binary = ${gzip:location}/bin/gzip gunzip-binary = ${gzip:location}/bin/gunzip # Directories wrapper = $${rootdirectory:bin}/logrotate conf = $${rootdirectory:etc}/logrotate.conf logrotate-entries = $${directory:logrotate-entries} backup = $${directory:logrotate-backup} state-file = $${rootdirectory:srv}/logrotate.status [logrotate-entry-cron] <= logrotate recipe = slapos.cookbook:logrotate.d name = cron log = $${cron-simplelogger:log} frequency = daily rotate-num = 30 #---------------- #-- #-- sshkeys [sshkeys-directory] recipe = slapos.cookbook:mkdirectory requests = $${directory:sshkeys}/requests keys = $${directory:sshkeys}/keys [sshkeys-authority] recipe = slapos.cookbook:sshkeys_authority request-directory = $${sshkeys-directory:requests} keys-directory = $${sshkeys-directory:keys} wrapper = $${basedirectory:services}/sshkeys_authority keygen-binary = ${dropbear:location}/bin/dropbearkey [sshkeys-dropbear] <= sshkeys-authority recipe = slapos.cookbook:sshkeys_authority.request name = pbs type = rsa executable = $${dropbear-client:wrapper} public-key = $${dropbear-client:identity-file}.pub private-key = $${dropbear-client:identity-file} wrapper = $${rootdirectory:bin}/do_backup #---------------- #-- #-- Dropbear. [dropbear-client] recipe = slapos.cookbook:dropbear.client dbclient-binary = ${dropbear:location}/bin/dbclient wrapper = $${rootdirectory:bin}/ssh home = $${basedirectory:ssh-home} identity-file = $${basedirectory:ssh-home}/id_rsa #---------------- #-- #-- Slave instance list (empty default). [htpasswd] recipe = slapos.cookbook:generate.password storage-path = $${directory:etc}/.monitor_user bytes = 8 username = admin [slap-parameter] slave_instance_list = [] ignore-known-hosts-file = false monitor-cors-domains = monitor-httpd-port = 8070 monitor-title = PBS Instance monitor-password = $${htpasswd:passwd} monitor-username = $${htpasswd:username} #---------------- #-- #-- Publish instance parameters. [publish-connection-information] recipe = slapos.cookbook:publish ssh-key = $${sshkeys-dropbear:public-key-value} notification-url = http://[$${notifier:host}]:$${notifier:port}/notify feeds-url = http://[$${notifier:host}]:$${notifier:port}/get/ monitor-base-url = $${publish:monitor-base-url} monitor-url = $${publish:monitor-url} monitor-user = $${publish:monitor-user} monitor-password = $${publish:monitor-password} #---------------- #-- #-- Monitor [monitor-instance-parameter] monitor-httpd-port = $${slap-parameter:monitor-httpd-port} monitor-title = $${slap-parameter:monitor-title} cors-domains = $${slap-parameter:monitor-cors-domains} username = $${slap-parameter:monitor-username} password = $${slap-parameter:monitor-password} [monitor-conf-parameters] private-path-list += $${directory:logrotate-backup} $${basedirectory:log} [monitor-check-resilient-feed-file] recipe = slapos.recipe.template:jinja2 template = ${template-monitor-check-resilient-feed:location}/${template-monitor-check-resilient-feed:filename} rendered = $${monitor-directory:promises}/check-create-resilient-feed-files mode = 700 context = key input_feed_directory directory:notifier-feeds key monitor_feed_directory monitor-directory:public key base_url publish-connection-information:feeds-url raw python_executable ${buildout:executable}