Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
slapos
Commits
d21df0ee
Commit
d21df0ee
authored
Sep 21, 2018
by
Jérome Perrin
Browse files
Options
Browse Files
Download
Plain Diff
Update Shellinabox in testnode
/reviewed-on
nexedi/slapos!408
parents
71d01aa6
5d4852c3
Changes
9
Hide whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
86 additions
and
404 deletions
+86
-404
component/shellinabox/0001-Switch-to-IPv6.patch
component/shellinabox/0001-Switch-to-IPv6.patch
+0
-213
component/shellinabox/0002-Allow-to-run-entire-command-path.patch
...t/shellinabox/0002-Allow-to-run-entire-command-path.patch
+0
-26
component/shellinabox/buildout.cfg
component/shellinabox/buildout.cfg
+1
-19
setup.py
setup.py
+0
-1
slapos/recipe/shellinabox.py
slapos/recipe/shellinabox.py
+0
-109
software/erp5testnode/buildout.hash.cfg
software/erp5testnode/buildout.hash.cfg
+1
-1
software/erp5testnode/instance-default.cfg
software/erp5testnode/instance-default.cfg
+80
-30
software/erp5testnode/software.cfg
software/erp5testnode/software.cfg
+4
-1
software/slaprunner/software.cfg
software/slaprunner/software.cfg
+0
-4
No files found.
component/shellinabox/0001-Switch-to-IPv6.patch
deleted
100644 → 0
View file @
71d01aa6
From 50ec7439e80bd6a77346dc6482895e481d8cd43a Mon Sep 17 00:00:00 2001
From: Antoine Catton <acatton@tiolive.com>
Date: Tue, 10 Jan 2012 18:30:20 +0100
Subject: [PATCH] Switch to IPv6
---
libhttp/http.h | 4 ++--
libhttp/httpconnection.c | 11 ++++++++++-
libhttp/server.c | 33 +++++++++++++++++++--------------
libhttp/server.h | 6 +++---
shellinabox/shellinaboxd.c | 14 +++++++-------
5 files changed, 41 insertions(+), 27 deletions(-)
diff --git a/libhttp/http.h b/libhttp/http.h
index e7840fa..5cd61e3 100644
--- a/libhttp/http.h
+++ b/libhttp/http.h
@@ -66,8 +66,8 @@
typedef struct ServerConnection ServerConnection;
typedef struct Server Server;
typedef struct URL URL;
-Server *newCGIServer(int localhostOnly, int portMin, int portMax, int timeout);
-Server *newServer(int localhostOnly, int port);
+Server *newCGIServer(char *ipv6, int portMin, int portMax, int timeout);
+Server *newServer(char *ipv6, int port);
void deleteServer(Server *server);
int serverGetListeningPort(Server *server);
int serverGetFd(Server *server);
diff --git a/libhttp/httpconnection.c b/libhttp/httpconnection.c
index c8e69f6..cae467f 100644
--- a/libhttp/httpconnection.c
+++ b/libhttp/httpconnection.c
@@ -823,8 +823,17 @@
static int httpHandleCommand(struct HttpConnection *http,
const char *host = getFromHashMap(&http->header,
"host");
if (host) {
+ int brackets = 0; // For IPv6 hosts
for (char ch; (ch = *host) != '\000'; host++) {
- if (ch == ':') {
+ if (ch == '[') {
+ brackets = 1;
+ break;
+ }
+ if (ch == ']') {
+ brackets = 0;
+ break;
+ }
+ if (!brackets && ch == ':') {
*(char *)host = '\000';
break;
}
diff --git a/libhttp/server.c b/libhttp/server.c
index f52a269..2c30bd8 100644
--- a/libhttp/server.c
+++ b/libhttp/server.c
@@ -170,19 +170,19 @@
static int serverQuitHandler(struct HttpConnection *http, void *arg) {
return HTTP_DONE;
}
-struct Server *newCGIServer(int localhostOnly, int portMin, int portMax,
+struct Server *newCGIServer(char *ipv6, int portMin, int portMax,
int timeout) {
struct Server *server;
check(server = malloc(sizeof(struct Server)));
- initServer(server, localhostOnly, portMin, portMax, timeout);
+ initServer(server, ipv6, portMin, portMax, timeout);
return server;
}
-struct Server *newServer(int localhostOnly, int port) {
- return newCGIServer(localhostOnly, port, port, -1);
+struct Server *newServer(char *ipv6, int port) {
+ return newCGIServer(ipv6, port, port, -1);
}
-void initServer(struct Server *server, int localhostOnly, int portMin,
+void initServer(struct Server *server, char *ipv6, int portMin,
int portMax, int timeout) {
server->looping = 0;
server->exitAll = 0;
@@ -192,14 +192,19 @@
void initServer(struct Server *server, int localhostOnly, int portMin,
server->numConnections = 0;
int true = 1;
- server->serverFd = socket(PF_INET, SOCK_STREAM, 0);
+ server->serverFd = socket(PF_INET6, SOCK_STREAM, 0);
check(server->serverFd >= 0);
check(!setsockopt(server->serverFd, SOL_SOCKET, SO_REUSEADDR,
&true, sizeof(true)));
- struct sockaddr_in serverAddr = { 0 };
- serverAddr.sin_family = AF_INET;
- serverAddr.sin_addr.s_addr = htonl(localhostOnly
- ? INADDR_LOOPBACK : INADDR_ANY);
+ struct sockaddr_in6 serverAddr = { 0 };
+ serverAddr.sin6_family = AF_INET6;
+ if (ipv6 != NULL) {
+ if (!inet_pton(AF_INET6, ipv6, serverAddr.sin6_addr.s6_addr)) {
+ fatal("Bad ipv6 address");
+ }
+ } else {
+ serverAddr.sin6_addr = in6addr_any;
+ }
// Linux unlike BSD does not have support for picking a local port range.
// So, we have to randomly pick a port from our allowed port range, and then
@@ -214,14 +219,14 @@
void initServer(struct Server *server, int localhostOnly, int portMin,
int portStart = rand() % (portMax - portMin + 1) + portMin;
for (int p = 0; p <= portMax-portMin; p++) {
int port = (p+portStart)%(portMax-portMin+1)+ portMin;
- serverAddr.sin_port = htons(port);
+ serverAddr.sin6_port = htons(port);
if (!bind(server->serverFd, (struct sockaddr *)&serverAddr,
sizeof(serverAddr))) {
break;
}
- serverAddr.sin_port = 0;
+ serverAddr.sin6_port = 0;
}
- if (!serverAddr.sin_port) {
+ if (!serverAddr.sin6_port) {
fatal("Failed to find any available port");
}
}
@@ -231,7 +236,7 @@
void initServer(struct Server *server, int localhostOnly, int portMin,
check(!getsockname(server->serverFd, (struct sockaddr *)&serverAddr,
&socklen));
check(socklen == sizeof(serverAddr));
- server->port = ntohs(serverAddr.sin_port);
+ server->port = ntohs(serverAddr.sin6_port);
info("Listening on port %d", server->port);
check(server->pollFds = malloc(sizeof(struct pollfd)));
diff --git a/libhttp/server.h b/libhttp/server.h
index bb879fb..5ffb698 100644
--- a/libhttp/server.h
+++ b/libhttp/server.h
@@ -78,10 +78,10 @@
struct Server {
struct SSLSupport ssl;
};
-struct Server *newCGIServer(int localhostOnly, int portMin, int portMax,
+struct Server *newCGIServer(char *ipv6, int portMin, int portMax,
int timeout);
-struct Server *newServer(int localhostOnly, int port);
-void initServer(struct Server *server, int localhostOnly, int portMin,
+struct Server *newServer(char *ipv6, int port);
+void initServer(struct Server *server, char *ipv6, int portMin,
int portMax, int timeout);
void destroyServer(struct Server *server);
void deleteServer(struct Server *server);
diff --git a/shellinabox/shellinaboxd.c b/shellinabox/shellinaboxd.c
index dcf05ff..2d1d758 100644
--- a/shellinabox/shellinaboxd.c
+++ b/shellinabox/shellinaboxd.c
@@ -80,7 +80,7 @@
static int port;
static int portMin;
static int portMax;
-static int localhostOnly = 0;
+static char *ipv6 = NULL;
static int noBeep = 0;
static int numericHosts = 0;
static int enableSSL = 1;
@@ -747,7 +747,7 @@
static void usage(void) {
" -g, --group=GID switch to this group (default: %s)\n"
" -h, --help print this message\n"
" --linkify=[none|normal|agressive] default is \"normal\"\n"
- " --localhost-only only listen on 127.0.0.1\n"
+ " --ipv6 listen on a specific ipv6\n"
" --no-beep suppress all audio output\n"
" -n, --numeric do not resolve hostnames\n"
" -p, --port=PORT select a port (default: %d)\n"
@@ -839,7 +839,7 @@
static void parseArgs(int argc, char * const argv[]) {
{ "static-file", 1, 0, 'f' },
{ "group", 1, 0, 'g' },
{ "linkify", 1, 0, 0 },
- { "localhost-only", 0, 0, 0 },
+ { "ipv6", 1, 0, 0 },
{ "no-beep", 0, 0, 0 },
{ "numeric", 0, 0, 'n' },
{ "port", 1, 0, 'p' },
@@ -1001,8 +1001,8 @@
static void parseArgs(int argc, char * const argv[]) {
"\"none\", \"normal\", or \"aggressive\".");
}
} else if (!idx--) {
- // Localhost Only
- localhostOnly = 1;
+ // IPv6
+ ipv6 = optarg;
} else if (!idx--) {
// No Beep
noBeep = 1;
@@ -1197,7 +1197,7 @@
int main(int argc, char * const argv[]) {
// Create a new web server
Server *server;
if (port) {
- check(server = newServer(localhostOnly, port));
+ check(server = newServer(ipv6, port));
dropPrivileges();
setUpSSL(server);
} else {
@@ -1217,7 +1217,7 @@
int main(int argc, char * const argv[]) {
_exit(0);
}
check(!NOINTR(close(fds[0])));
- check(server = newCGIServer(localhostOnly, portMin, portMax,
+ check(server = newCGIServer(ipv6, portMin, portMax,
AJAX_TIMEOUT));
cgiServer = server;
setUpSSL(server);
--
1.7.6.5
component/shellinabox/0002-Allow-to-run-entire-command-path.patch
deleted
100644 → 0
View file @
71d01aa6
From eee6f7180dc5dd4523264e7ce0721945ab2b78a1 Mon Sep 17 00:00:00 2001
From: Antoine Catton <acatton@tiolive.com>
Date: Wed, 11 Jan 2012 17:32:15 +0100
Subject: [PATCH 2/2] Allow to run entire command path.
---
shellinabox/launcher.c | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/shellinabox/launcher.c b/shellinabox/launcher.c
index fb8a133..e116a75 100644
--- a/shellinabox/launcher.c
+++ b/shellinabox/launcher.c
@@ -1226,8 +1226,7 @@
static void execService(int width, int height, struct Service *service,
extern char **environ;
environ = environment;
- char *cmd = strrchr(argv[0], '/');
- execvp(cmd ? cmd + 1: argv[0], argv);
+ execvp(argv[0], argv);
}
void setWindowSize(int pty, int width, int height) {
--
1.7.6.5
component/shellinabox/buildout.cfg
View file @
d21df0ee
...
@@ -11,24 +11,6 @@ extends =
...
@@ -11,24 +11,6 @@ extends =
parts = shellinabox
parts = shellinabox
[shellinabox]
<= shellinabox-2.10
[shellinabox-2.10]
; This version is old, but we patch it for IPv6 support
recipe = slapos.recipe.cmmi
url = http://shellinabox.googlecode.com/files/shellinabox-2.10.tar.gz
md5sum = 0e144910d85d92edc54702ab9c46f032
patch-binary = ${patch:location}/bin/patch
patch-options = -p1
patches =
${:_profile_base_location_}/0001-Switch-to-IPv6.patch#b61cb099c00e15a5fcaf6c98134fff45
${:_profile_base_location_}/0002-Allow-to-run-entire-command-path.patch#a506b4d83021e24c830f767501c1d3fc
environment =
CFLAGS = -I${zlib:location}/include -I${openssl:location}/include
LDFLAGS = -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib
PKG_CONFIG_PATH = ${openssl:location}/lib/pkgconfig/
[shellinabox-git-repository]
[shellinabox-git-repository]
; This version has much more features, but does not support IPv6 (support unix domain though)
; This version has much more features, but does not support IPv6 (support unix domain though)
recipe = slapos.recipe.build:gitclone
recipe = slapos.recipe.build:gitclone
...
@@ -36,7 +18,7 @@ repository = https://github.com/shellinabox/shellinabox
...
@@ -36,7 +18,7 @@ repository = https://github.com/shellinabox/shellinabox
revision = b8285748993c4c99e80793775f3d2a0a4e962d5a
revision = b8285748993c4c99e80793775f3d2a0a4e962d5a
git-executable = ${git:location}/bin/git
git-executable = ${git:location}/bin/git
[shellinabox
-github
]
[shellinabox]
recipe = slapos.recipe.cmmi
recipe = slapos.recipe.cmmi
path = ${shellinabox-git-repository:location}
path = ${shellinabox-git-repository:location}
configure-command =
configure-command =
...
...
setup.py
View file @
d21df0ee
...
@@ -168,7 +168,6 @@ setup(name=name,
...
@@ -168,7 +168,6 @@ setup(name=name,
'reverseproxy.nginx = slapos.recipe.reverse_proxy_nginx:Recipe'
,
'reverseproxy.nginx = slapos.recipe.reverse_proxy_nginx:Recipe'
,
'sheepdogtestbed = slapos.recipe.sheepdogtestbed:SheepDogTestBed'
,
'sheepdogtestbed = slapos.recipe.sheepdogtestbed:SheepDogTestBed'
,
'shell = slapos.recipe.shell:Recipe'
,
'shell = slapos.recipe.shell:Recipe'
,
'shellinabox = slapos.recipe.shellinabox:Recipe'
,
'signalwrapper= slapos.recipe.signal_wrapper:Recipe'
,
'signalwrapper= slapos.recipe.signal_wrapper:Recipe'
,
'simplelogger = slapos.recipe.simplelogger:Recipe'
,
'simplelogger = slapos.recipe.simplelogger:Recipe'
,
'simplehttpserver = slapos.recipe.simplehttpserver:Recipe'
,
'simplehttpserver = slapos.recipe.simplehttpserver:Recipe'
,
...
...
slapos/recipe/shellinabox.py
deleted
100644 → 0
View file @
71d01aa6
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from
getpass
import
getpass
import
hmac
import
pwd
import
grp
import
os
import
shlex
from
slapos.recipe.librecipe
import
GenericBaseRecipe
def
login_shell
(
password_file
,
shell
):
if
password_file
:
with
open
(
password_file
,
'r'
)
as
password_file
:
password
=
password_file
.
read
()
if
not
password
or
hmac
.
compare_digest
(
getpass
(),
password
):
commandline
=
shlex
.
split
(
shell
)
os
.
execv
(
commandline
[
0
],
commandline
)
return
1
def
shellinabox
(
args
):
certificate_dir
=
args
[
'certificate_dir'
]
certificate_path
=
os
.
path
.
join
(
certificate_dir
,
'certificate.pem'
)
with
open
(
certificate_path
,
'w'
)
as
certificate_file
:
with
open
(
args
[
'ssl_key'
],
'r'
)
as
key_file
:
# XXX: Dirty hack in order to make shellinabox work
print
>>
certificate_file
,
key_file
.
read
().
replace
(
' PRIVATE '
,
' RSA PRIVATE '
)
with
open
(
args
[
'ssl_certificate'
])
as
public_key_file
:
print
>>
certificate_file
,
public_key_file
.
read
()
user
=
pwd
.
getpwuid
(
os
.
getuid
()).
pw_uid
group
=
grp
.
getgrgid
(
os
.
getgid
()).
gr_gid
service
=
'/:%(user)s:%(group)s:%(directory)s:%(command)s'
%
{
'user'
:
user
,
'group'
:
group
,
'directory'
:
args
[
'directory'
],
'command'
:
args
[
'login_shell'
],
}
command_line
=
[
args
[
'shellinabox'
],
'-c'
,
certificate_dir
,
'-s'
,
service
,
'--ipv6'
,
args
[
'ipv6'
],
'-p'
,
args
[
'port'
],
]
# XXX: By default shellinbox drop privileges
# switching to nobody:nogroup user.
# This force root.
if
group
==
'root'
:
command_line
.
extend
([
'-g'
,
group
])
if
user
==
'root'
:
command_line
.
extend
([
'-u'
,
group
])
os
.
execv
(
command_line
[
0
],
command_line
)
class
Recipe
(
GenericBaseRecipe
):
def
install
(
self
):
login_shell_wrapper
=
self
.
createPythonScript
(
self
.
options
[
'login-shell'
],
__name__
+
'.login_shell'
,
(
self
.
options
[
'password-file'
],
self
.
options
[
'shell'
])
)
shellinabox_wrapper
=
self
.
createPythonScript
(
self
.
options
[
'wrapper'
],
__name__
+
'.shellinabox'
,
(
dict
(
certificate_dir
=
self
.
options
[
'certificate-directory'
],
ssl_key
=
self
.
options
[
'key-file'
],
ssl_certificate
=
self
.
options
[
'cert-file'
],
shellinabox
=
self
.
options
[
'shellinabox-binary'
],
directory
=
self
.
options
[
'directory'
],
ipv6
=
self
.
options
[
'ipv6'
],
port
=
self
.
options
[
'port'
],
login_shell
=
login_shell_wrapper
,
),)
)
return
login_shell_wrapper
,
shellinabox_wrapper
software/erp5testnode/buildout.hash.cfg
View file @
d21df0ee
...
@@ -18,4 +18,4 @@ md5sum = 307663d73ef3ef94b02567ecd322252e
...
@@ -18,4 +18,4 @@ md5sum = 307663d73ef3ef94b02567ecd322252e
[template-default]
[template-default]
filename = instance-default.cfg
filename = instance-default.cfg
md5sum =
555700e5d216ff32a981f4066791bda
b
md5sum =
d5a4270e5e7827db2e6a19d2eedb570
b
software/erp5testnode/instance-default.cfg
View file @
d21df0ee
...
@@ -9,8 +9,6 @@ extends = ${monitor2-template:rendered}
...
@@ -9,8 +9,6 @@ extends = ${monitor2-template:rendered}
parts =
parts =
testnode
testnode
shell
shellinabox
certificate-authority
certificate-authority
ca-shellinabox
ca-shellinabox
ca-httpd-testnode
ca-httpd-testnode
...
@@ -18,11 +16,12 @@ parts =
...
@@ -18,11 +16,12 @@ parts =
monitor-publish
monitor-publish
testnode-frontend
testnode-frontend
resiliency-exclude-file
resiliency-exclude-file
shellinabox-frontend-reload
promises
[monitor-publish]
[monitor-publish]
recipe = slapos.cookbook:publish
recipe = slapos.cookbook:publish
url = https://[$${shellinabox:ipv6}]:$${shellinabox:port}/
url = $${shellinabox-frontend:url}
password = $${pwgen:passwd}
frontend-url = $${testnode-frontend:connection-secure_access}
frontend-url = $${testnode-frontend:connection-secure_access}
[pwgen]
[pwgen]
...
@@ -73,34 +72,70 @@ apache-modules-dir = ${apache:location}/modules
...
@@ -73,34 +72,70 @@ apache-modules-dir = ${apache:location}/modules
apache-mime-file = ${apache:location}/conf/mime.types
apache-mime-file = ${apache:location}/conf/mime.types
apache-htpasswd = ${apache:location}/bin/htpasswd
apache-htpasswd = ${apache:location}/bin/htpasswd
[shell]
recipe = slapos.cookbook:shell
[shell-environment]
wrapper = $${rootdirectory:bin}/sh
shell = ${bash:location}/bin/bash
shell = ${busybox:location}/bin/sh
home = $${buildout:directory}
ps1 = "\\w> "
path =
${busybox:location}/bin/
${busybox:location}/usr/bin/
${git:location}/bin/
${python2.7:location}/bin/
${buildout:bin-directory}/
${busybox:location}/sbin/
${busybox:location}/usr/sbin/
[shellinabox]
[shellinabox]
recipe = slapos.cookbook:shellinabox
recipe = slapos.recipe.template:jinja2
# We cannot use slapos.cookbook:wrapper here because this recipe escapes too much
socket = $${directory:run}/siab.sock
mode = 0700
rendered = $${basedirectory:services}/shellinaboxd
template = inline:
#!/bin/sh
exec ${shellinabox:location}/bin/shellinaboxd \
--disable-ssl \
--disable-ssl-menu \
--unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \
--service "/:$(id -u):$(id -g):HOME:$${shell-environment:shell} -l"
[shellinabox-frontend-config]
recipe = slapos.recipe.template:jinja2
rendered = $${directory:etc}/$${:_buildout_section_name_}
template = inline:
https://$${:hostname}:$${:port} {
bind $${:ipv6}
tls $${:cert-file} $${:key-file}
gzip
log stdout
errors stderr
proxy / unix:$${shellinabox:socket}
basicauth $${:username} $${:passwd} {
realm "Test Node $${testnode:test-node-title}"
/
}
}
ipv6 = $${slap-network-information:global-ipv6}
ipv6 = $${slap-network-information:global-ipv6}
hostname = [$${:ipv6}]
port = 8080
port = 8080
shell = $${shell:wrapper}
username = testnode
wrapper = $${rootdirectory:bin}/shellinaboxd
passwd = $${pwgen:passwd}
shellinabox-binary = ${shellinabox:location}/bin/shellinaboxd
password-file = $${pwgen:storage-path}
directory = $${buildout:directory}/
login-shell = $${rootdirectory:bin}/login
certificate-directory = $${directory:shellinabox}
cert-file = $${directory:shellinabox}/public.crt
cert-file = $${directory:shellinabox}/public.crt
key-file = $${directory:shellinabox}/private.key
key-file = $${directory:shellinabox}/private.key
url = https://$${:username}:$${:passwd}@$${:hostname}:$${:port}
[shellinabox-frontend]
recipe = slapos.cookbook:wrapper
wrapper-path = $${rootdirectory:bin}/$${:_buildout_section_name_}
command-line =
${caddy:output} -conf $${shellinabox-frontend-config:rendered} -pidfile $${:pidfile}
url = $${shellinabox-frontend-config:url}
hostname = $${shellinabox-frontend-config:ipv6}
port = $${shellinabox-frontend-config:port}
pidfile = $${basedirectory:run}/$${:_buildout_section_name_}.pid
[shellinabox-frontend-reload]
recipe = slapos.cookbook:wrapper
wrapper-path = $${basedirectory:services}/$${:_buildout_section_name_}
command-line =
${bash:location}/bin/bash -c
"kill -s USR1 $$(${coreutils:location}/bin/cat $${shellinabox-frontend:pidfile}) \
&& ${coreutils:location}/bin/sleep infinity"
hash-files =
$${shellinabox-frontend-config:rendered}
$${shellinabox-frontend:wrapper-path}
[certificate-authority]
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
recipe = slapos.cookbook:certificate_authority
...
@@ -124,10 +159,10 @@ crl = $${directory:ca-dir}/crl/
...
@@ -124,10 +159,10 @@ crl = $${directory:ca-dir}/crl/
[ca-shellinabox]
[ca-shellinabox]
<= certificate-authority
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
recipe = slapos.cookbook:certificate_authority.request
executable = $${shellinabox
:wrapper
}
executable = $${shellinabox
-frontend:wrapper-path
}
wrapper = $${basedirectory:services}/shellinaboxd
wrapper = $${basedirectory:services}/shellinabox
-fronten
d
key-file = $${shellinabox:key-file}
key-file = $${shellinabox
-frontend-config
:key-file}
cert-file = $${shellinabox:cert-file}
cert-file = $${shellinabox
-frontend-config
:cert-file}
[ca-httpd-testnode]
[ca-httpd-testnode]
<= certificate-authority
<= certificate-authority
...
@@ -181,6 +216,21 @@ config-https-only = true
...
@@ -181,6 +216,21 @@ config-https-only = true
#software-type = custom-personal
#software-type = custom-personal
return = domain secure_access
return = domain secure_access
[promises]
recipe =
instance-promises =
$${shellinabox-frontend-listen-promise:path}
[check-port-listening-promise]
recipe = slapos.cookbook:check_port_listening
path = $${directory:promises}/$${:_buildout_section_name_}
[shellinabox-frontend-listen-promise]
<= check-port-listening-promise
hostname= $${shellinabox-frontend:hostname}
port = $${shellinabox-frontend:port}
[slap-parameter]
[slap-parameter]
node-quantity = 1
node-quantity = 1
test-suite-master-url =
test-suite-master-url =
...
...
software/erp5testnode/software.cfg
View file @
d21df0ee
...
@@ -5,7 +5,9 @@ extends =
...
@@ -5,7 +5,9 @@ extends =
../../component/git/buildout.cfg
../../component/git/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/zip/buildout.cfg
../../component/zip/buildout.cfg
../../component/busybox/buildout.cfg
../../component/bash/buildout.cfg
../../component/caddy/buildout.cfg
../../component/coreutils/buildout.cfg
../../component/shellinabox/buildout.cfg
../../component/shellinabox/buildout.cfg
../../component/pwgen/buildout.cfg
../../component/pwgen/buildout.cfg
../../component/apache/buildout.cfg
../../component/apache/buildout.cfg
...
@@ -27,6 +29,7 @@ eggs =
...
@@ -27,6 +29,7 @@ eggs =
zc.buildout
zc.buildout
slapos.libnetworkcache
slapos.libnetworkcache
slapos.core
slapos.core
slapos.recipe.template
supervisor
supervisor
jsonschema
jsonschema
hexagonit.recipe.download
hexagonit.recipe.download
...
...
software/slaprunner/software.cfg
View file @
d21df0ee
...
@@ -43,10 +43,6 @@ common-parts =
...
@@ -43,10 +43,6 @@ common-parts =
parts =
parts =
${:common-parts}
${:common-parts}
# Use shellinabox from github with AF_UNIX support
[shellinabox]
<= shellinabox-github
[template-base]
[template-base]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/${:filename}
url = ${:_profile_base_location_}/${:filename}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment