# vim: set ft=cfg: {% import 'parts' as parts %} {% import 'replicated' as replicated with context %} {% set backup_amount = slapparameter_dict.pop('resilient-clone-number', "1")|int + 1 -%} {% set monitor_dict = {} -%} {% set monitor_return = [] -%} {% if slapparameter_dict.get('enable-monitor', True) == True -%} {% set monitor_return = ['monitor-base-url'] -%} {% set monitor_parameter = {'monitor-cors-domains': slapparameter_dict.pop('monitor-cors-domains', "monitor.app.officejs.com")} -%} {% set monitor_dict = {'parameter': monitor_parameter, 'return': monitor_return} -%} {% endif -%} {% set monitor_interface_url = slapparameter_dict.pop('monitor-interface-url', 'https://monitor.app.officejs.com') -%} [buildout] eggs-directory = {{ eggs_directory }} develop-eggs-directory = {{ develop_eggs_directory }} offline = true # += because we need to take up parts (like instance-custom, slapmonitor etc) from the profile we extended parts += publish-early {{ parts.replicate("kvm", backup_amount) }} publish-connection-information kvm-frontend-url-promise kvm-backend-url-promise {% if monitor_dict -%} extends = {{ template_monitor }} [monitor-htpasswd] recipe = slapos.cookbook:generate.password storage-path = ${directory:etc}/.monitor_user bytes = 8 username = admin [publish-early] recipe = slapos.cookbook:publish-early -init = monitor-password monitor-htpasswd:passwd # XXX Monitoring Main Instane [monitor-instance-parameter] monitor-httpd-port = 8160 password = ${publish-early:monitor-password} cors-domains = {{ monitor_parameter.get('monitor-cors-domains', '') }} {% do monitor_parameter.__setitem__('monitor-username', slapparameter_dict.get('monitor-username', 'admin'))%} {% do monitor_parameter.__setitem__('monitor-password', slapparameter_dict.get('monitor-password', '${publish-early:monitor-password}'))%} {% endif -%} {{ replicated.replicate("kvm", backup_amount, "kvm-export", "kvm-import", slapparameter_dict=slapparameter_dict, monitor_parameter_dict=monitor_dict) }} [directory] recipe = slapos.cookbook:mkdirectory etc = ${buildout:directory}/etc # Bubble down the parameters of the requested instance to the user [request-kvm] # Note: += doesn't work. return = # Resilient related parameters url ssh-public-key resilient-ssh-url notification-id ip {{ monitor_return | join(' ') }} # KVM related parameters # XXX: return ALL parameters (like nat rules), through jinja backend-url url ip {{ ' ' }}ipv6-network-info [publish-connection-information] recipe = slapos.cookbook:publish backend-url = ${request-kvm:connection-backend-url} url = ${request-kvm:connection-url} ipv6 = ${request-kvm:connection-ip} ipv6-network-info = ${request-kvm:connection-ipv6-network-info} monitor-password = ${publish-early:monitor-password} monitor-user = ${monitor-publish-parameters:monitor-user} {% if monitor_dict -%} monitor-base-url = ${monitor-publish-parameters:monitor-base-url} monitor-setup-url = {{ monitor_interface_url }}/#page=settings_configurator&url=${monitor-publish-parameters:monitor-url}&username=${monitor-publish-parameters:monitor-user}&password=${publish-early:monitor-password} {% endif -%} [kvm-frontend-url-bin] recipe = collective.recipe.template input = inline:#!/bin/sh URL="${request-kvm:connection-url}" if [[ ! "$URL" == https://* ]]; then exit 1 fi output = ${directory:bin}/kvm-frontend-url mode = 700 [kvm-frontend-url-promise] # Check that url parameter is complete <= monitor-promise-base module = check_command_execute name = kvm-frontend-url.py config-command = ${kvm-frontend-url-bin:output} [kvm-backend-url-promise] # Check that backend url is reachable <= monitor-promise-base module = check_url_available name = frontend_promise.py config-url = ${publish-connection-information:url}