Commit e1a4051a authored by Antoine Catton's avatar Antoine Catton

Working webdav storage

parent 20769516
......@@ -40,6 +40,7 @@ setup(name=name,
entry_points={
'zc.buildout': [
'download = slapos.recipe.download:Recipe',
'davstorage = slapos.recipe.davstorage:Recipe',
'erp5 = slapos.recipe.erp5:Recipe',
'erp5testnode = slapos.recipe.erp5testnode:Recipe',
'helloworld = slapos.recipe.helloworld:Recipe',
......
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import BaseSlapRecipe
import os
import subprocess
import pkg_resources
import zc.buildout
import zc.recipe.egg
import sys
class Recipe(BaseSlapRecipe):
def getTemplateFilename(self, template_name):
return pkg_resources.resource_filename(__name__,
'template/%s' % template_name)
def _install(self):
self.path_list = []
self.requirements, self.ws = self.egg.working_set()
document_root = self.createDataDirectory('www')
self.apache_config = self.installApache(document_root)
self.setConnectionDict(
dict(url='https://[%s]:%s/' % (self.apache_config['ip'],
self.apache_config['port']),
user=self.apache_config['user'],
password=self.apache_config['password']),
)
return self.path_list
def installApache(self, document_root, ip=None, port=None):
if ip is None:
ip=self.getGlobalIPv6Address()
if port is None:
port = '9080'
htpasswd_config = self.createHtpasswd()
ssl_config = self.createCertificate(size=2048)
apache_config = dict(
pid_file=os.path.join(self.run_directory, 'httpd.pid'),
lock_file=os.path.join(self.run_directory, 'httpd.lock'),
davlock_db=os.path.join(self.run_directory, 'davdb.lock'),
ip=ip,
port=port,
error_log=os.path.join(self.log_directory, 'httpd-error.log'),
access_log=os.path.join(self.log_directory, 'httpd-access.log'),
document_root=document_root,
modules_dir=self.options['apache_modules_dir'],
mime_types=self.options['apache_mime_file'],
server_root=self.work_directory,
email_address='admin@vifib.net',
htpasswd_file=htpasswd_config['htpasswd_file'],
ssl_certificate=ssl_config['certificate'],
ssl_key=ssl_config['key'],
)
httpd_config_file = self.createConfigurationFile('httpd.conf',
self.substituteTemplate(self.getTemplateFilename('httpd.conf.in'),
apache_config))
self.path_list.append(httpd_config_file)
apache_runner = zc.buildout.easy_install.scripts(
[('httpd', 'slapos.recipe.librecipe.execute', 'execute')],
self.ws, sys.executable, self.wrapper_directory,
arguments=[self.options['apache_binary'],
'-f', httpd_config_file,
'-DFOREGROUND',
]
)[0]
self.path_list.append(apache_runner)
return dict(ip=apache_config['ip'],
port=apache_config['port'],
user=htpasswd_config['user'],
password=htpasswd_config['password']
)
def createHtpasswd(self):
htpasswd = self.createConfigurationFile('htpasswd', '')
self.path_list.append(htpasswd)
password = self.generatePassword()
user = 'user'
returncode = subprocess.call([self.options['apache_htpasswd'],
'-bc', htpasswd,
user, password
])
if returncode != 0:
raise OSError('htpasswd command failed.')
return dict(htpasswd_file=htpasswd,
user=user,
password=password)
def createCertificate(self, size=1024, subject='/C=FR/L=Marcq-en-Baroeul/O=Nexedi'):
key_file = os.path.join(self.etc_directory, 'httpd.key')
self.path_list.append(key_file)
certificate_file = os.path.join(self.etc_directory, 'httpd.crt')
self.path_list.append(certificate_file)
returncode = subprocess.call([self.options['openssl_binary'],
'req', '-x509', '-nodes',
'-newkey', 'rsa:%s' % size,
'-subj', str(subject),
'-out', certificate_file,
'-keyout', key_file
])
if returncode != 0:
raise OSError('Error during the certificate and key generation.')
return dict(key=key_file,
certificate=certificate_file)
ServerRoot "%(server_root)s"
Listen [%(ip)s]:%(port)s
# Needed modules
LoadModule authn_file_module "%(modules_dir)s/mod_authn_file.so"
LoadModule authz_host_module "%(modules_dir)s/mod_authz_host.so"
LoadModule authz_user_module "%(modules_dir)s/mod_authz_user.so"
LoadModule auth_basic_module "%(modules_dir)s/mod_auth_basic.so"
LoadModule auth_digest_module "%(modules_dir)s/mod_auth_digest.so"
LoadModule log_config_module "%(modules_dir)s/mod_log_config.so"
LoadModule headers_module "%(modules_dir)s/mod_headers.so"
LoadModule setenvif_module "%(modules_dir)s/mod_setenvif.so"
LoadModule ssl_module "%(modules_dir)s/mod_ssl.so"
LoadModule mime_module "%(modules_dir)s/mod_mime.so"
LoadModule dav_module "%(modules_dir)s/mod_dav.so"
LoadModule dav_fs_module "%(modules_dir)s/mod_dav_fs.so"
LoadModule dir_module "%(modules_dir)s/mod_dir.so"
ServerAdmin %(email_address)s
# Quiet Server header (if not, Apache give its life history)
# It's safer
ServerTokens ProductOnly
DocumentRoot "%(document_root)s"
PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
DavLockDB "%(davlock_db)s"
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory %(document_root)s>
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
Dav On
# Security Rules to avoid DDoS Attacks
DavDepthInfinity Off
LimitXMLRequestBody 0
# Cross-Origin Resources Sharing
Header always set Access-Control-Max-Age "0"
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "OPTIONS, GET, HEAD, POST, PUT, DELETE, PROPFIND"
Header always set Access-Control-Allow-Headers "Content-Type, X-Requested-With, X-HTTP-Method-Override, Accept, Authorization, Depth"
SetEnvIf Origin "(.+)" ORIGIN=$1
Header always set Access-Control-Allow-Origin %%{ORIGIN}e
AuthType Basic
AuthName "WebDAV Storage"
AuthUserFile "%(htpasswd_file)s"
<LimitExcept OPTIONS>
Require valid-user
</LimitExcept>
</Directory>
ErrorLog "%(error_log)s"
LogLevel warn
LogFormat "%%h %%l %%u %%t \"%%r\" %%>s %%b \"%%{Referer}i\" \"%%{User-Agent}i\"" combined
LogFormat "%%h %%l %%u %%t \"%%r\" %%>s %%b" common
CustomLog "%(access_log)s" common
DefaultType text/plain
TypesConfig "%(mime_types)s"
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLEngine on
SSLCertificateFile "%(ssl_certificate)s"
SSLCertificateKeyFile "%(ssl_key)s"
[buildout]
parts =
instance
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
[instance]
recipe = ${instance-recipe:egg}:${instance-recipe:module}
dcrond_binary = ${dcron:location}/sbin/crond
logrotate_binary = ${logrotate:location}/usr/sbin/logrotate
apache_binary = ${apache:location}/bin/httpd
apache_modules_dir = ${apache:location}/modules/
apache_mime_file = ${apache:location}/conf/mime.types
apache_htpasswd = ${apache:location}/bin/htpasswd
openssl_binary = ${openssl:location}/bin/openssl
[buildout]
# extensions =
# slapos.zcbworkarounds
find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/
extends =
../../component/apache/buildout.cfg
../../component/dcron/buildout.cfg
../../component/logrotate/buildout.cfg
../../stack/shacache-client.cfg
../../component/python-2.7/buildout.cfg
# Use only quite well working sites.
allow-hosts =
*.nexedi.org
*.python.org
*.sourceforge.net
dist.repoze.org
effbot.org
github.com
peak.telecommunity.com
psutil.googlecode.com
www.dabeaz.com
parts +=
template
apache
eggs
instance-recipe-egg
unzip= true
[eggs]
recipe = zc.recipe.egg
eggs =
[instance-recipe]
egg = slapos.cookbook
module = davstorage
[instance-recipe-egg]
recipe = zc.recipe.egg
python = python2.7
eggs = ${instance-recipe:egg}
[template]
# Default template for the instance.
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
md5sum = 51b6213889573ae7b1dec0bd65384432
output = ${buildout:directory}/template.cfg
mode = 0644
[versions]
slapos.libnetworkcache = 0.3
zc.buildout = 1.5.3-dev-SlapOS-005
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment