Merge branch 'master' into slapos

CHANGES.txt

-0.12 (unreleased)
-=================
+Changes
+=======
+
+0.17 (unreleased)
+-----------------
 
  * No changes yet.
 
+0.16 (2011-07-15)
+-----------------
+
+ * Improve Vifib and pure ERP5 instantiation [Rafael Monnerat]
+ * Use configurator for Vifib [Rafael Monnerat]
+
+0.15 (2011-07-13)
+-----------------
+
+ * Encrypt connection by default. [Vivien Alger]
+
+0.14 (2011-07-13)
+-----------------
+
+ * Provide new way to instantiate kvm. [Cedric de Saint Martin, Vivien Alger]
+
+0.13 (2011-07-13)
+-----------------
+
+ * Implement generic execute_wait wrapper, which allows to wait for some files
+   to appear before starting service depending on it. [Łukasz Nowak]
+
+0.12 (2011-07-11)
+-----------------
+
+ * Fix slaprunner, phpmyadmin software releases, added
+   wordpress software release. [Cedric de Saint Martin]
+
 0.11 (2011-07-07)
-=================
+-----------------
 
  * Enable test suite runner for vifib.
 
 0.10 (2011-07-01)
-=================
+-----------------
 
  * Add PHPMyAdmin software release used in SlapOS tutorials
- [Cedric de Saint Martin]
+   [Cedric de Saint Martin]
  * Add slaprunner software release [Cedric de Saint Martin]
 
 0.9 (2011-06-24)
-================
+----------------
 
  * mysql recipe : Changing slapos.recipe.erp5.execute to
    slapos.recipe.librecipe.execute [Cedric de Saint Martin]
 
 0.8 (2011-06-15)
-================
+----------------
 
  * Add MySQL and MariaDB standalone software release and recipe
    [Cedric de Saint Martin]
  * Fixed slapos.recipe.erp5testnode instantiation [Sebastien Robin]
 
 0.7 (2011-06-14)
-================
+----------------
 
  * Fix slapos.recipe.erp5 package by providing site.zcml in it. [Łukasz Nowak]
  * Improve slapos.recipe.erp5testnode partition instantiation error reporting
    [Sebastien Robin]
 
 0.6 (2011-06-13)
-================
+----------------
 
  * Fixed slapos.recipe.erp5 instantiation. [Łukasz Nowak]
 
 0.5 (2011-06-13)
-================
+----------------
 
  * Implement zabbix agent instantiation. [Łukasz Nowak]
  * Drop dependency on Zope2. [Łukasz Nowak]
  * Share more in slapos.recipe.librecipe module. [Łukasz Nowak]
 
 0.4 (2011-06-09)
-================
+----------------
 
  * Remove reference to slapos.tool.networkcache as it was removed from pypi. [Łukasz Nowak]
  * Add Kumofs standalone software release and recipe [Cedric de Saint Martin]
  * Add Memcached standalone software release and recipe [Cedric de Saint Martin]
 
 0.3 (2011-06-09)
-================
+----------------
 
  * Moved out template and build to separate distributions [Łukasz Nowak]
  * Depend on slapos.core instead of depracated slapos.slap [Romain Courteaud]
@@ -63,11 +94,11 @@
  * Allow to control full environment in erp5 module [Łukasz Nowak]
 
 0.2 (2011-05-30)
-================
+----------------
 
   * Allow to pass zope_environment in erp5 entry point [Łukasz Nowak]
 
 0.1 (2011-05-27)
-================
+----------------
 
   * All slapos.recipe.* became slapos.cookbook:* [Łukasz Nowak]

README.txt

 slapos.cookbook
 ===============
+
+Cookbook of SlapOS recipes.

component/curl/buildout.cfg

@@ -11,14 +11,13 @@ parts =
 
 [curl]
 recipe = hexagonit.recipe.cmmi
-url = http://curl.haxx.se/download/curl-7.21.3.tar.bz2
-md5sum = 5b57fee22090b5c43a6886fdd35af2ce
+url = http://curl.haxx.se/download/curl-7.21.7.tar.bz2
+md5sum = 5f6d50c4d4ee38c57fe37e3cff75adbd
 configure-options =
   --disable-static
   --disable-ldap
   --disable-ldaps
   --disable-rtsp
-  --disable-proxy
   --disable-dict
   --disable-telnet
   --disable-tftp

component/glib/buildout.cfg

@@ -5,8 +5,8 @@ extends =
 
 [glib]
 recipe = hexagonit.recipe.cmmi
-url = http://ftp.gnome.org/pub/gnome/sources/glib/2.28/glib-2.28.7.tar.bz2
-md5sum = feda1650c8646ad39c7b01d95b03766b
+url = http://ftp.gnome.org/pub/gnome/sources/glib/2.28/glib-2.28.8.tar.bz2
+md5sum = 789e7520f71c6a4bf08bc683ec764d24
 configure-options =
   --disable-static
   --disable-selinux

component/gzip/buildout.cfg

+[buildout]
+parts =
+  gzip
+
+[gzip]
+recipe = hexagonit.recipe.cmmi
+url = ftp://ftp.gnu.org/pub/gnu/gzip/gzip-1.4.tar.gz
+md5sum = e381b8506210c794278f5527cba0e765

component/libpng/buildout.cfg

@@ -3,7 +3,6 @@ extends =
   ../zlib/buildout.cfg
 
 parts =
-  libpng12
   libpng
 
 [libpng-common]
@@ -14,12 +13,7 @@ environment =
   CPPFLAGS =-I${zlib:location}/include
   LDFLAGS =-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
 
-[libpng12]
-<= libpng-common
-url = http://download.sourceforge.net/libpng/libpng-1.2.44.tar.bz2
-md5sum = e3ac7879d62ad166a6f0c7441390d12b
-
 [libpng]
 <= libpng-common
-url = http://download.sourceforge.net/libpng/libpng-1.5.2.tar.bz2
-md5sum = a003b37ed9afb0d9164eb7228421057c
+url = http://download.sourceforge.net/libpng/libpng-1.5.4.tar.bz2
+md5sum = b43afe39237b69859522455b215f9e85

component/libxslt/buildout.cfg

@@ -16,6 +16,8 @@ configure-options =
   --with-libxml-prefix=${libxml2:location}
   --without-crypto
   --without-python
+  --without-debug
+  --without-debugger
 environment =
   PATH=${pkgconfig:location}/bin:%(PATH)s
   CPPFLAGS=-I${zlib:location}/include

component/logrotate/buildout.cfg

@@ -3,10 +3,20 @@ extends =
   ../popt/buildout.cfg
 parts = logrotate
 
+[logrotate-3.7.9-O_CLOEXEC.optional.patch]
+recipe = hexagonit.recipe.download
+url = ${:_profile_base_location_}/${:filename}
+download-only = true
+md5sum = 6beac248c978b767d4bccc1b7eebe6bd
+filename = ${:_buildout_section_name_}
+
 [logrotate]
 recipe = hexagonit.recipe.cmmi
 url = https://fedorahosted.org/releases/l/o/logrotate/logrotate-3.7.9.tar.gz
 md5sum = eeba9dbca62a9210236f4b83195e4ea5
+patch-options = -p1
+patches =
+  ${logrotate-3.7.9-O_CLOEXEC.optional.patch:location}/${logrotate-3.7.9-O_CLOEXEC.optional.patch:filename}
 configure-command = true
 make-options = PREFIX=${buildout:parts-directory}/${:_buildout_section_name_} 
 environment =

component/logrotate/logrotate-3.7.9-O_CLOEXEC.optional.patch

+diff --git a/config.c b/config.c
+index e6d5d1d..dd004a9 100644
+--- a/config.c
++++ b/config.c
+@@ -519,7 +519,11 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig)
+        length arrays -- of course, if we aren't run setuid it doesn't
+        matter much */
+ 
++#ifdef O_CLOEXEC
+     fd = open(configFile, O_RDONLY | O_CLOEXEC);
++#else
++    fd = open(configFile, O_RDONLY);
++#endif
+     if (fd < 0) {
+ 	message(MESS_ERROR, "failed to open config file %s: %s\n",
+ 		configFile, strerror(errno));

component/maatkit/buildout.cfg

+[buildout]
+extends =
+  ../perl/buildout.cfg
+  ../perl-DBI/buildout.cfg
+  ../perl-DBD-MySQL/buildout.cfg
+parts =
+  maatkit
+
+[maatkit]
+recipe = hexagonit.recipe.cmmi
+depends =
+  ${perl:version}
+  ${perl-DBI:version}
+  ${perl-DBD-MySQL:version}
+url = http://maatkit.googlecode.com/files/maatkit-7540.tar.gz
+md5sum = 55457f98500b096a6bf549356d3445fe
+configure-command =
+  ${perl:location}/bin/perl Makefile.PL

component/mariadb/buildout.cfg

@@ -12,9 +12,9 @@ parts =
 
 [mariadb]
 recipe = hexagonit.recipe.cmmi
-version = 5.2.6
+version = 5.2.7
 url = http://www.percona.com/downloads/MariaDB/mariadb-${:version}/kvm-tarbake-jaunty-x86/mariadb-${:version}.tar.gz
-md5sum = e562aca71ae16b490196f99aa7e64b55
+md5sum = 06b9b102946a3606b38348c0ebf18367
 # compile directory is required to build mysql plugins.
 keep-compile-dir = true
 # configure: how to avoid searching for my.cnf?

component/noVNC/buildout.cfg

+[buildout]
+parts =
+  noVNC
+
+[noVNC]
+recipe = hexagonit.recipe.download
+url = https://github.com/kanaka/noVNC/tarball/master
+strip-top-level-dir = true

component/perl-DBD-MySQL/DBD-mysql-4.019.rpathsupport.patch

+--- DBD-mysql-4.019.back/Makefile.PL    2011-05-09 03:12:07.000000000 +0200
++++ DBD-mysql-4.019/Makefile.PL 2011-06-22 11:44:06.478371893 +0200
+@@ -358,7 +358,14 @@  
+                      'Data::Dumper' => 0 };
+ }
+
+-ExtUtils::MakeMaker::WriteMakefile(%o);
++
++my %config;
++if (defined($ENV{'OTHERLDFLAGS'})) {
++    $config{dynamic_lib} = { OTHERLDFLAGS => " $ENV{'OTHERLDFLAGS'} " };
++}
++
++
++ExtUtils::MakeMaker::WriteMakefile(%o, %config);
+ exit 0;
+
+
+

component/perl-DBD-MySQL/buildout.cfg

+[buildout]
+extends =
+  ../perl/buildout.cfg
+  ../perl-DBI/buildout.cfg
+  ../mysql-tritonn-5.0/buildout.cfg
+  ../zlib/buildout.cfg
+  ../openssl/buildout.cfg
+parts =
+  perl-DBD-MySQL
+
+[perl-DBD-MySQL-patch]
+recipe = hexagonit.recipe.download
+md5sum = e12e9233f20b0370cfcf5228ea767fbc
+url = ${:_profile_base_location_}/${:filename}
+filename = DBD-mysql-4.019.rpathsupport.patch
+download-only = true
+
+[perl-DBD-MySQL]
+recipe = hexagonit.recipe.cmmi
+version = 4.019
+depends =
+  ${perl:version}
+  ${perl-DBI:version}
+url = http://search.cpan.org/CPAN/authors/id/C/CA/CAPTTOFU/DBD-mysql-4.019.tar.gz
+md5sum = 566d98ab8ffac9626a31f6f6d455558e
+patches =
+  ${perl-DBD-MySQL-patch:location}/${perl-DBD-MySQL-patch:filename}
+patch-options = -p1
+configure-command =
+  ${perl:location}/bin/perl Makefile.PL --mysql_config=${mysql-tritonn-5.0:location}/bin/mysql_config
+environment =
+  OTHERLDFLAGS=-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${mysql-tritonn-5.0:location}/lib/mysql -Wl,-rpath=${openssl:location}/lib

component/perl-DBI/buildout.cfg

+[buildout]
+extends =
+  ../perl/buildout.cfg
+parts =
+  perl-DBI
+
+[perl-DBI]
+recipe = hexagonit.recipe.cmmi
+version = 1.616
+depends =
+  ${perl:version}
+url = http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-1.616.tar.gz
+md5sum = 799313e54a693beb635b47918458f7c4
+configure-command =
+  ${perl:location}/bin/perl Makefile.PL

component/perl-XML-SAX/buildout.cfg

@@ -12,7 +12,8 @@ depends =
   ${perl-XML-NamespaceSupport:location}
 url = http://search.cpan.org/CPAN/authors/id/G/GR/GRANTM/XML-SAX-0.96.tar.gz
 md5sum = bdcd4119a62505184e211e9dfaef0ab1
+# say 'y' for 'Do you want XML::SAX to alter ParserDetails.ini? [Y]' question.
 configure-command =
-  ${perl:location}/bin/perl Makefile.PL
+  echo y | ${perl:location}/bin/perl Makefile.PL
 environment =
   PERLLIB=blib/lib

component/perl/buildout.cfg

@@ -14,16 +14,17 @@ filename = ${:_buildout_section_name_}
 
 [perl]
 recipe = hexagonit.recipe.cmmi
-version = 5.14.0
+version = 5.14.1
 url = http://www.cpan.org/src/5.0/perl-${:version}.tar.bz2
-md5sum = e7457deea78330c5f8eebb2fd2a45479
+md5sum = 97cd306a2c22929cc141a09568f43bb0
+siteprefix = ${buildout:parts-directory}/site_${:_buildout_section_name_}
 patch-options = -p1
 patches =
   ${perl-keep-linker-flags-in-ldflags.patch:location}/${perl-keep-linker-flags-in-ldflags.patch:filename}
 configure-command =
   sh Configure -des \
     -Dprefix=${buildout:parts-directory}/${:_buildout_section_name_} \
-    -Dsiteprefix=${buildout:parts-directory}/site_${:_buildout_section_name_} \
+    -Dsiteprefix=${:siteprefix} \
     -Dcflags=-I${gdbm:location}/include \
     -Dldflags="-L${gdbm:location}/lib -Wl,-rpath=${gdbm:location}/lib" \
     -Ui_db \

component/readline/buildout.cfg

@@ -6,8 +6,8 @@ extends =
 
 [readline]
 recipe = hexagonit.recipe.cmmi
-url = http://ftp.gnu.org/gnu/readline/readline-6.1.tar.gz
-md5sum = fc2f7e714fe792db1ce6ddc4c9fb4ef3
+url = http://ftp.gnu.org/gnu/readline/readline-6.2.tar.gz
+md5sum = 67948acb2ca081f23359d0256e9a271c
 configure-options =
   --disable-static
   --with-ncurses=${ncurses:location}

component/sqlite3/buildout.cfg

@@ -5,8 +5,8 @@ parts =
 
 [sqlite3]
 recipe = hexagonit.recipe.cmmi
-url = http://www.sqlite.org/sqlite-autoconf-3070603.tar.gz
-md5sum = 7eb41eea5ffa5cbe359a48629084c425
+url = http://www.sqlite.org/sqlite-autoconf-3070701.tar.gz
+md5sum = 554026fe7fac47b1cf61c18d5fe43419
 configure-options =
   --disable-static
   --enable-readline

component/w3m/buildout.cfg

@@ -53,4 +53,4 @@ environment =
 
 [versions]
 # Use SlapOS patched zc.buildout
-zc.buildout = 1.5.3-dev-SlapOS-004
+zc.buildout = 1.5.3-dev-SlapOS-005

setup.py

@@ -2,7 +2,7 @@ from setuptools import setup, find_packages
 import glob
 import os
 
-version = '0.12dev'
+version = '0.17-dev'
 name = 'slapos.cookbook'
 long_description = open("README.txt").read() + "\n" + \
     open("CHANGES.txt").read() + "\n"

slapos/recipe/erp5/__init__.py

@@ -81,8 +81,25 @@ class Recipe(BaseSlapRecipe):
 
     key, certificate = self.requestCertificate('Login Based Access')
     apache_conf = dict(
-        apache_login=self.installBackendApache(ip=self.getGlobalIPv6Address(),
-          port=13000, backend=site_access, key=key, certificate=certificate))
+         apache_login=self.installBackendApache(ip=self.getGlobalIPv6Address(),
+         port=13000, backend=site_access, key=key, certificate=certificate))
+
+    connection_dict = dict(site_url=apache_conf['apache_login'])
+
+    if self.parameter_dict.get("domain_name") is not None:
+      connection_dict["backend_url"] = apache_conf['apache_login']
+      connection_dict["domain_ip"] = self.getGlobalIPv6Address()
+
+      # XXX Define a fake domain_name for now.
+      frontend_name = self.parameter_dict.get("domain_name")
+      frontend_key, frontend_certificate = \
+             self.requestCertificate(frontend_name)
+
+      connection_dict["site_url"] = self.installFrontendZopeApache(
+        ip=self.getGlobalIPv6Address(), port=13001, name=frontend_name,
+        frontend_path='/%s' % self.site_id, backend_path='/%s' % self.site_id,
+        backend_url="http://%s" % site_access, key=frontend_key,
+        certificate=frontend_certificate)
 
     default_bt5_list = []
     if self.parameter_dict.get("flavour", "default") == 'configurator':
@@ -97,13 +114,13 @@ class Recipe(BaseSlapRecipe):
     self.installTestSuiteRunner(ca_conf, mysql_conf, conversion_server_conf,
                            memcached_conf, kumo_conf)
     self.linkBinary()
-    self.setConnectionDict(dict(
-      site_url=apache_conf['apache_login'],
+    connection_dict.update(**dict(
       site_user=user,
       site_password=password,
       memcached_url=memcached_conf['memcached_url'],
       kumo_url=kumo_conf['kumo_address']
     ))
+    self.setConnectionDict(connection_dict)
     return self.path_list
 
   def installZopeStandalone(self):
@@ -130,14 +147,19 @@ class Recipe(BaseSlapRecipe):
     thread_amount_per_zope = int(self.options.get(
                                 'cluster_zope_thread_amount', 1))
 
-    activity_node_amount = 2
-    user_node_amount = 2
+    activity_node_amount = int(self.options.get(
+                   "cluster_activity_node_amount", 2))
+
+    user_node_amount = int(self.options.get(
+                   "cluster_user_node_amount", 2))
+
     ip = self.getLocalIPv4Address()
     storage_dict = self._requestZeoFileStorage('Zeo Server 1', 'main')
 
     zeo_conf = self.installZeo(ip)
     tidstorage_config = dict(host=ip, port='6001')
 
+    # XXX How to define good values for this?
     mount_point = '/'
     check_path = '/erp5/account_module'
 
@@ -328,6 +350,12 @@ class Recipe(BaseSlapRecipe):
     # workaround wrong assumptions of ERP5Type.tests.runUnitTest about
     # directory existence
     unit_test = os.path.join(testinstance, 'unit_test')
+    connection_string_list = []
+    for test_database, test_user, test_password in \
+          mysql_conf['mysql_parallel_test_dict'][-4:]:
+      connection_string_list.append(
+          '%s@%s:%s %s %s' % (test_database, mysql_conf['ip'],
+                            mysql_conf['tcp_port'], test_user, test_password))
     if not os.path.isdir(unit_test):
       os.mkdir(unit_test)
     runUnitTest = zc.buildout.easy_install.scripts([
@@ -341,6 +369,7 @@ class Recipe(BaseSlapRecipe):
           '--erp5_sql_connection_string', '%(mysql_test_database)s@%'
           '(ip)s:%(tcp_port)s %(mysql_test_user)s '
           '%(mysql_test_password)s' % mysql_conf,
+          '--extra_sql_connection_string_list',','.join(connection_string_list),
           '--conversion_server_hostname=%(conversion_server_ip)s' % \
                                                          conversion_server_conf,
           '--conversion_server_port=%(conversion_server_port)s' % \
@@ -611,7 +640,7 @@ class Recipe(BaseSlapRecipe):
     return user, password
 
   def installERP5Site(self, user, password, zope_access, mysql_conf,
-          conversion_server_conf=None, memcached_conf=None, kumo_conf=None, 
+          conversion_server_conf=None, memcached_conf=None, kumo_conf=None,
           erp5_site_id='erp5', default_bt5_list=[]):
     """ Create a script controlled by supervisor, which creates a erp5
     site on current available zope and mysql environment"""
@@ -881,13 +910,18 @@ class Recipe(BaseSlapRecipe):
     ident = 'frontend_' + name
     apache_conf = self._getApacheConfigurationDict(ident, ip, port)
     apache_conf['server_name'] = name
+    apache_conf['frontend_path'] = frontend_path
     apache_conf['ssl_snippet'] = pkg_resources.resource_string(__name__,
         'template/apache.ssl-snippet.conf.in') % dict(
         login_certificate=certificate, login_key=key)
 
     rewrite_rule_template = \
         "RewriteRule ^%(path)s($|/.*) %(backend_url)s/VirtualHostBase/https/%(server_name)s:%(port)s%(backend_path)s/VirtualHostRoot/_vh_%(vhname)s$1 [L,P]\n"
-    path = pkg_resources.resource_string(__name__, 'template/apache.zope.conf.path-protected.in') % dict(path='/', access_control_string='none')
+
+    path = pkg_resources.resource_string(__name__,
+           'template/apache.zope.conf.path-protected.in') % \
+              dict(path='/', access_control_string='none')
+
     if access_control_string is None:
       path_template = pkg_resources.resource_string(__name__,
         'template/apache.zope.conf.path.in')
@@ -903,8 +937,7 @@ class Recipe(BaseSlapRecipe):
           backend_path=backend_path,
           port=apache_conf['port'],
           vhname=frontend_path.replace('/', ''),
-          server_name=name
-    )
+          server_name=name)
     rewrite_rule = rewrite_rule_template % d
     apache_conf.update(**dict(
       path_enable=path,
@@ -925,7 +958,7 @@ class Recipe(BaseSlapRecipe):
             )
           ]))
     # Note: IPv6 is assumed always
-    return 'https://[%(ip)s]:%(port)s' % apache_conf
+    return 'https://%(server_name)s:%(port)s%(frontend_path)s' % (apache_conf)
 
   def installBackendApache(self, ip, port, backend, key, certificate,
       suffix='', access_control_string=None):
@@ -953,7 +986,8 @@ class Recipe(BaseSlapRecipe):
 
   def installMysqlServer(self, ip, port, database='erp5', user='user',
       test_database='test_erp5', test_user='test_user', template_filename=None,
-      parallel_test_database_amount=100, mysql_conf=None):
+      parallel_test_database_amount=100, mysql_conf=None, with_backup=True,
+      with_maatkit=True):
     if mysql_conf is None:
       mysql_conf = {}
     backup_directory = self.createBackupDirectory('mysql')
@@ -1027,38 +1061,64 @@ class Recipe(BaseSlapRecipe):
        )]))
     self.path_list.extend([mysql_conf_path])
 
-    # backup configuration
-    backup_directory = self.createBackupDirectory('mysql')
-    full_backup = os.path.join(backup_directory, 'full')
-    incremental_backup = os.path.join(backup_directory, 'incremental')
-    self._createDirectory(full_backup)
-    self._createDirectory(incremental_backup)
-    innobackupex_argument_list = [self.options['perl_binary'],
-        self.options['innobackupex_binary'],
-        '--defaults-file=%s' % mysql_conf_path,
-        '--socket=%s' %mysql_conf['socket'].strip(), '--user=root',
-        '--ibbackup=%s'% self.options['xtrabackup_binary']]
-    environment = dict(PATH='%s' % self.bin_directory)
-    innobackupex_incremental = zc.buildout.easy_install.scripts([(
-      'innobackupex_incremental','slapos.recipe.librecipe.execute', 'executee')],
-      self.ws, sys.executable, self.bin_directory, arguments=[
-        innobackupex_argument_list + ['--incremental'],
-        environment])[0]
-    self.path_list.append(innobackupex_incremental)
-    innobackupex_full = zc.buildout.easy_install.scripts([('innobackupex_full',
-     'slapos.recipe.librecipe.execute', 'executee')], self.ws,
-      sys.executable, self.bin_directory, arguments=[
-        innobackupex_argument_list,
-        environment])[0]
-    self.path_list.append(innobackupex_full)
-    backup_controller = zc.buildout.easy_install.scripts([
-      ('innobackupex_controller', __name__ + '.innobackupex', 'controller')],
-      self.ws, sys.executable, self.bin_directory,
-      arguments=[innobackupex_incremental, innobackupex_full, full_backup,
-        incremental_backup])[0]
-    self.path_list.append(backup_controller)
-    mysql_backup_cron = os.path.join(self.cron_d, 'mysql_backup')
-    open(mysql_backup_cron, 'w').write('0 0 * * * ' + backup_controller)
-    self.path_list.append(mysql_backup_cron)
+    if with_backup:
+      # backup configuration
+      backup_directory = self.createBackupDirectory('mysql')
+      full_backup = os.path.join(backup_directory, 'full')
+      incremental_backup = os.path.join(backup_directory, 'incremental')
+      self._createDirectory(full_backup)
+      self._createDirectory(incremental_backup)
+      innobackupex_argument_list = [self.options['perl_binary'],
+          self.options['innobackupex_binary'],
+          '--defaults-file=%s' % mysql_conf_path,
+          '--socket=%s' %mysql_conf['socket'].strip(), '--user=root',
+          '--ibbackup=%s'% self.options['xtrabackup_binary']]
+      environment = dict(PATH='%s' % self.bin_directory)
+      innobackupex_incremental = zc.buildout.easy_install.scripts([(
+        'innobackupex_incremental','slapos.recipe.librecipe.execute', 'executee')],
+        self.ws, sys.executable, self.bin_directory, arguments=[
+          innobackupex_argument_list + ['--incremental'],
+          environment])[0]
+      self.path_list.append(innobackupex_incremental)
+      innobackupex_full = zc.buildout.easy_install.scripts([('innobackupex_full',
+       'slapos.recipe.librecipe.execute', 'executee')], self.ws,
+        sys.executable, self.bin_directory, arguments=[
+          innobackupex_argument_list,
+          environment])[0]
+      self.path_list.append(innobackupex_full)
+      backup_controller = zc.buildout.easy_install.scripts([
+        ('innobackupex_controller', __name__ + '.innobackupex', 'controller')],
+        self.ws, sys.executable, self.bin_directory,
+        arguments=[innobackupex_incremental, innobackupex_full, full_backup,
+          incremental_backup])[0]
+      self.path_list.append(backup_controller)
+      mysql_backup_cron = os.path.join(self.cron_d, 'mysql_backup')
+      open(mysql_backup_cron, 'w').write('0 0 * * * ' + backup_controller)
+      self.path_list.append(mysql_backup_cron)
+
+    if with_maatkit:
+      # maatkit installation
+      for mk_script_name in (
+          'mk-variable-advisor',
+          'mk-table-usage',
+          'mk-visual-explain',
+          'mk-config-diff',
+          'mk-deadlock-logger',
+          'mk-error-log',
+          'mk-index-usage',
+          'mk-query-advisor',
+          ):
+        mk_argument_list = [self.options['perl_binary'],
+            self.options['%s_binary' % mk_script_name],
+            '--defaults-file=%s' % mysql_conf_path,
+            '--socket=%s' %mysql_conf['socket'].strip(), '--user=root',
+            ]
+        environment = dict(PATH='%s' % self.bin_directory)
+        mk_exe = zc.buildout.easy_install.scripts([(
+          mk_script_name,'slapos.recipe.librecipe.execute', 'executee')],
+          self.ws, sys.executable, self.bin_directory, arguments=[
+            mk_argument_list, environment])[0]
+        self.path_list.append(mk_exe)
+
     # The return could be more explicit database, user ...
     return mysql_conf

slapos/recipe/kumofs/__init__.py

@@ -220,9 +220,10 @@ class Recipe(BaseSlapRecipe):
         self.substituteTemplate(template_filename,
           stunnel_conf))
     wrapper = zc.buildout.easy_install.scripts([('stunnel',
-      'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable,
-      self.wrapper_directory, arguments=[
-        self.options['stunnel_binary'].strip(), stunnel_conf_path]
+      'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws,
+      sys.executable, self.wrapper_directory, arguments=[
+        [self.options['stunnel_binary'].strip(), stunnel_conf_path],
+        [ca_certificate, key]]
       )[0]
     self.path_list.append(wrapper)
 
@@ -267,4 +268,4 @@ class Recipe(BaseSlapRecipe):
         config['kumo_gateway_port']),
       kumo_gateway_ip=config['kumo_gateway_ip'],
       kumo_gateway_port=config['kumo_gateway_port'],
-    )
\ No newline at end of file
+    )

slapos/recipe/kvm/__init__.py

@@ -30,113 +30,291 @@ from slapos.recipe.librecipe import BaseSlapRecipe
 import subprocess
 import binascii
 import random
-
+import zc.buildout
 import pkg_resources
-
+import ConfigParser
+import hashlib
 
 class Recipe(BaseSlapRecipe):
 
   def _install(self):
+    """
+    Set the connection dictionnary for the computer partition and create a list
+    of paths to the different wrappers
+
+    Parameters : none
+
+    Returns    : List path_list
+    """
+    self.path_list = []
+
+    self.requirements, self.ws           = self.egg.working_set()
+    self.cron_d                          = self.installCrond()    
+
+    self.ca_conf                         = self.installCertificateAuthority()
+    self.key_path, self.certificate_path = self.requestCertificate('noVNC')
+     
+    kvm_conf = self.installKvm(vnc_ip = self.getLocalIPv4Address())
+    
+    vnc_port = 5900 + kvm_conf['vnc_display']
+    
+    noVNC_conf = self.installNoVnc(source_ip   = self.getGlobalIPv6Address(),
+                                   source_port = 6080,
+                                   target_ip   = kvm_conf['vnc_ip'],
+                                   target_port = vnc_port,
+                                   python_path = kvm_conf['python_path'])
+    
+    self.linkBinary()
+    self.computer_partition.setConnectionDict(dict(
+        url = "https://[%s]:%s/vnc.html?host=[%s]&port=%s&encrypt=1" % (noVNC_conf['source_ip'],
+                                                     noVNC_conf['source_port'],
+                                                     noVNC_conf['source_ip'],
+                                                     noVNC_conf['source_port']
+                                                     ), 
+        password = kvm_conf['vnc_passwd']))
+    
+    return self.path_list
 
-    #Get the IP list
+  def installKvm(self, vnc_ip):
+    """
+    Create kvm configuration dictionnary and instanciate a wrapper for kvm and 
+    kvm controller 
+
+    Parameters : IP the vnc server is listening on
+
+    Returns    : Dictionnary kvm_conf
+    """
+    kvm_conf = dict(vnc_ip = vnc_ip)
+    
     connection_found = False
-    ip = self.getGlobalIPv6Address()
-    for tap, dummy in self.parameter_dict['ip_list']:
+    for tap_interface, dummy in self.parameter_dict['ip_list']:
       # Get an ip associated to a tap interface
-      if tap:
+      if tap_interface:
         connection_found = True
     if not connection_found:
       raise NotImplementedError("Do not support ip without tap interface")
 
+    kvm_conf['tap_interface'] = tap_interface
+    
     # Disk path
-    disk_path = os.path.join(self.data_root_directory, 'virtual.qcow2')
-    socket_path = os.path.join(self.var_directory, 'qmp_socket')
+    kvm_conf['disk_path'] = os.path.join(self.data_root_directory,
+        'virtual.qcow2')
+    kvm_conf['socket_path'] = os.path.join(self.var_directory, 'qmp_socket')
     # XXX Weak password
-    vnc_passwd = binascii.hexlify(os.urandom(4))
+    ##XXX -Vivien: add an option to generate one password for all instances 
+    # and/or to input it yourself
+    kvm_conf['vnc_passwd'] = binascii.hexlify(os.urandom(4))
 
-    #XXX pid_file path, database_path and xml path
-    pid_file_path = os.path.join(self.run_directory, 'pid_file')
-    database_path = os.path.join(self.data_root_directory, 'slapmonitor_database')
+    #XXX pid_file path, database_path, path to python binary and xml path
+    kvm_conf['pid_file_path'] = os.path.join(self.run_directory, 'pid_file')
+    kvm_conf['database_path'] = os.path.join(self.data_root_directory,
+        'slapmonitor_database')
+    kvm_conf['python_path']   = sys.executable
+    kvm_conf['qemu_path']     = self.options['qemu_path']
     #xml_path = os.path.join(self.var_directory, 'slapreport.xml' )
 
     # Create disk if needed
-    if not os.path.exists(disk_path):
+    if not os.path.exists(kvm_conf['disk_path']):
       retcode = subprocess.call(["%s create -f qcow2 %s %iG" % (
-          self.options['qemu_img_path'], disk_path,
+          self.options['qemu_img_path'], kvm_conf['disk_path'],
           int(self.options['disk_size']))], shell=True)
       if retcode != 0:
         raise OSError, "Disk creation failed!"
-
-    # Instanciate KVM
-    kvm_config = {}
+    
     # Options nbd_ip and nbd_port are provided by slapos master
-    kvm_config.update(self.options)
-    #raise NotImplementedError("%s" % self.parameter_dict)
-    kvm_config['vnc_ip'] = ip
-    kvm_config['tap_interface'] = tap
-    kvm_config['nbd_ip'] = self.parameter_dict['nbd_ip']
-    kvm_config['nbd_port'] = self.parameter_dict['nbd_port']
-    #XXX
-    kvm_config['pid_file'] = pid_file_path 
-    kvm_config['image'] = disk_path
+    kvm_conf['nbd_ip']   = self.parameter_dict['nbd_ip']
+    kvm_conf['nbd_port'] = self.parameter_dict['nbd_port']
+
     # First octet has to represent a locally administered address
-    octet_list = [254] + [random.randint(0x00, 0xff) for x in range(5)]
-    kvm_config['mac_address'] = ':'.join(['%02x' % x for x in octet_list])
-    kvm_config['qmp_socket'] = socket_path
-    kvm_config['hostname'] = "slaposkvm"
+    octet_list         = [254] + [random.randint(0x00, 0xff) for x in range(5)]
+    kvm_conf['mac_address'] = ':'.join(['%02x' % x for x in octet_list])
 
-    kvm_wrapper_template_location = pkg_resources.resource_filename(
-                                             __name__, os.path.join(
-                                             'template', 'kvm_run.in'))
-    kvm_runner_path = self.createRunningWrapper("kvm",
-          self.substituteTemplate(kvm_wrapper_template_location, kvm_config))
+    kvm_conf['hostname']    = "slaposkvm"
+    kvm_conf['smp_count']   = self.options['smp_count']
+    kvm_conf['ram_size']    = self.options['ram_size']
 
+    kvm_conf['vnc_display'] = 1
+    
+    # Instanciate KVM
+    kvm_template_location = pkg_resources.resource_filename(          
+                                             __name__, os.path.join(         
+                                             'template', 'kvm_run.in'))     
+    
+    kvm_runner_path = self.createRunningWrapper("kvm",                        
+          self.substituteTemplate(kvm_template_location,
+                                  kvm_conf))
+   
+    self.path_list.append(kvm_runner_path)
 
     # Instanciate KVM controller
-    controller_config = {}
-    # Options nbd_ip and nbd_port are provided by slapos master
-    controller_config.update(self.options)
-    controller_config['qmp_socket'] = socket_path
-    controller_config['vnc_passwd'] = vnc_passwd
-    controller_config['python_path'] = sys.executable
-
-    controller_wrapper_template_location = pkg_resources.resource_filename(
-                                             __name__, os.path.join(
-                                             'template', 'kvm_controller_run.in'))
-    controller_runner_path = self.createRunningWrapper("kvm_controller",
-          self.substituteTemplate(controller_wrapper_template_location, controller_config))
-
-    #XXX Instanciate Slapmonitor
-    slapmonitor_config={}
-    slapmonitor_config.update(self.options)
-    slapmonitor_config['database_path'] = database_path 
-    slapmonitor_config['pid_file'] = pid_file_path
-    slapmonitor_config['python_path'] = sys.executable
-    slapmonitor_wrapper_template_location = pkg_resources.resource_filename(
-                                             __name__, os.path.join(
-                                             'template', 'slapmonitor_run.in'))
-    slapmonitor_runner_path = self.createRunningWrapper("slapmonitor",
-          self.substituteTemplate(slapmonitor_wrapper_template_location, slapmonitor_config))
-
-
-    #XXX Instanciate Slapreport
-    slapreport_config={}
-    slapreport_config.update(self.options)
-    slapreport_config['database_path'] = database_path 
-    slapreport_config['python_path'] = sys.executable
-    slapreport_wrapper_template_location = pkg_resources.resource_filename(
-                                             __name__, os.path.join(
-                                             'template', 'slapreport_run.in'))
-    slapreport_runner_path = self.createReportRunningWrapper(self.substituteTemplate(
-                      slapreport_wrapper_template_location, slapreport_config))
+    kvm_controller_template_location = pkg_resources.resource_filename(          
+                                             __name__, os.path.join(         
+                                             'template',
+                                             'kvm_controller_run.in' ))     
     
+    kvm_controller_runner_path = self.createRunningWrapper("kvm_controller",                        
+          self.substituteTemplate(kvm_controller_template_location,
+                                  kvm_conf))
+   
+    self.path_list.append(kvm_controller_runner_path)
+   
+    # Instanciate Slapmonitor
+    ##slapmonitor_runner_path = self.instanciate_wrapper("slapmonitor",
+    #    [database_path, pid_file_path, python_path])
+    # Instanciate Slapreport
+    ##slapreport_runner_path = self.instanciate_wrapper("slapreport",
+    #    [database_path, python_path])
+    
+    return kvm_conf
 
+  def installNoVnc(self, source_ip, source_port, target_ip, target_port, 
+                   python_path):
+    """
+    Create noVNC configuration dictionnary and instanciate Websockify proxy
 
+    Parameters : IP of the proxy, port on which is situated the proxy,
+                 IP of the vnc server, port on which is situated the vnc server,
+                 path to python binary
 
-    self.computer_partition.setConnectionDict(dict(
-      vnc_connection_string="vnc://[%s]:1" % ip,
-      vnc_password=vnc_passwd,
-    ))
+    Returns    : noVNC configuration dictionnary
+    """
+
+    noVNC_conf = {}
+   
+    noVNC_conf['source_ip']   = source_ip                                          
+    noVNC_conf['source_port'] = source_port
+    
+    # Instanciate Websockify
+    websockify_runner_path = zc.buildout.easy_install.scripts([('websockify',
+      'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws,
+      sys.executable, self.wrapper_directory, arguments=[
+        [python_path.strip(),
+         self.options['websockify_path'],
+         '--web',
+         self.options['noVNC_location'],
+         '--key=%s' % (self.key_path),
+         '--cert=%s' % (self.certificate_path),
+         '--ssl-only',
+         '%s:%s' % (source_ip, source_port),
+         '%s:%s' % (target_ip, target_port)],
+        [self.certificate_path, self.key_path]]
+       )[0]
+    
+    self.path_list.append(websockify_runner_path)
+  
+    return noVNC_conf
 
-    return [kvm_runner_path, controller_runner_path]
+  def linkBinary(self):
+    """Links binaries to instance's bin directory for easier exposal"""
+    for linkline in self.options.get('link_binary_list', '').splitlines():
+      if not linkline:
+        continue
+      target = linkline.split()
+      if len(target) == 1:
+        target = target[0]
+        path, linkname = os.path.split(target)
+      else:
+        linkname = target[1]
+        target = target[0]
+      link = os.path.join(self.bin_directory, linkname)
+      if os.path.lexists(link):
+        if not os.path.islink(link):
+          raise zc.buildout.UserError(
+              'Target link already %r exists but it is not link' % link)
+        os.unlink(link)
+      os.symlink(target, link)
+      self.logger.debug('Created link %r -> %r' % (link, target))
+      self.path_list.append(link)
+      
+  def installCertificateAuthority(self, ca_country_code='XX',
+      ca_email='xx@example.com', ca_state='State', ca_city='City',
+      ca_company='Company'):
+    backup_path = self.createBackupDirectory('ca')
+    self.ca_dir = os.path.join(self.data_root_directory, 'ca')
+    self._createDirectory(self.ca_dir)
+    self.ca_request_dir = os.path.join(self.ca_dir, 'requests')
+    self._createDirectory(self.ca_request_dir)
+    config = dict(ca_dir=self.ca_dir, request_dir=self.ca_request_dir)
+    self.ca_private = os.path.join(self.ca_dir, 'private')
+    self.ca_certs = os.path.join(self.ca_dir, 'certs')
+    self.ca_crl = os.path.join(self.ca_dir, 'crl')
+    self.ca_newcerts = os.path.join(self.ca_dir, 'newcerts')
+    self.ca_key_ext = '.key'
+    self.ca_crt_ext = '.crt'
+    for d in [self.ca_private, self.ca_crl, self.ca_newcerts, self.ca_certs]:
+      self._createDirectory(d)
+    for f in ['crlnumber', 'serial']:
+      if not os.path.exists(os.path.join(self.ca_dir, f)):
+        open(os.path.join(self.ca_dir, f), 'w').write('01')
+    if not os.path.exists(os.path.join(self.ca_dir, 'index.txt')):
+      open(os.path.join(self.ca_dir, 'index.txt'), 'w').write('')
+    openssl_configuration = os.path.join(self.ca_dir, 'openssl.cnf')
+    config.update(
+        working_directory=self.ca_dir,
+        country_code=ca_country_code,
+        state=ca_state,
+        city=ca_city,
+        company=ca_company,
+        email_address=ca_email,
+    )
+    self._writeFile(openssl_configuration, pkg_resources.resource_string(
+      __name__, 'template/openssl.cnf.ca.in') % config)
+    self.path_list.extend(zc.buildout.easy_install.scripts([
+      ('certificate_authority',
+        __name__ + '.certificate_authority', 'runCertificateAuthority')],
+        self.ws, sys.executable, self.wrapper_directory, arguments=[dict(
+          openssl_configuration=openssl_configuration,
+          openssl_binary=self.options['openssl_binary'],
+          certificate=os.path.join(self.ca_dir, 'cacert.pem'),
+          key=os.path.join(self.ca_private, 'cakey.pem'),
+          crl=os.path.join(self.ca_crl),
+          request_dir=self.ca_request_dir
+          )]))
+    # configure backup
+    backup_cron = os.path.join(self.cron_d, 'ca_rdiff_backup')
+    open(backup_cron, 'w').write(
+        '''0 0 * * * %(rdiff_backup)s %(source)s %(destination)s'''%dict(
+          rdiff_backup=self.options['rdiff_backup_binary'],
+          source=self.ca_dir,
+          destination=backup_path))
+    self.path_list.append(backup_cron)
 
+    return dict(
+      ca_certificate=os.path.join(config['ca_dir'], 'cacert.pem'),
+      ca_crl=os.path.join(config['ca_dir'], 'crl'),
+      certificate_authority_path=config['ca_dir']
+    )
+  
+  def requestCertificate(self, name):
+    hash = hashlib.sha512(name).hexdigest()
+    key = os.path.join(self.ca_private, hash + self.ca_key_ext)
+    certificate = os.path.join(self.ca_certs, hash + self.ca_crt_ext)
+    parser = ConfigParser.RawConfigParser()
+    parser.add_section('certificate')
+    parser.set('certificate', 'name', name)
+    parser.set('certificate', 'key_file', key)
+    parser.set('certificate', 'certificate_file', certificate)
+    parser.write(open(os.path.join(self.ca_request_dir, hash), 'w'))
+    return key, certificate
+  
+  def installCrond(self):
+    timestamps = self.createDataDirectory('cronstamps')
+    cron_output = os.path.join(self.log_directory, 'cron-output')
+    self._createDirectory(cron_output)
+    catcher = zc.buildout.easy_install.scripts([('catchcron',
+      __name__ + '.catdatefile', 'catdatefile')], self.ws, sys.executable,
+      self.bin_directory, arguments=[cron_output])[0]
+    self.path_list.append(catcher)
+    cron_d = os.path.join(self.etc_directory, 'cron.d')
+    crontabs = os.path.join(self.etc_directory, 'crontabs')
+    self._createDirectory(cron_d)
+    self._createDirectory(crontabs)
+    # Use execute from erp5.
+    wrapper = zc.buildout.easy_install.scripts([('crond',
+      'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable,
+      self.wrapper_directory, arguments=[
+        self.options['dcrond_binary'].strip(), '-s', cron_d, '-c', crontabs,
+        '-t', timestamps, '-f', '-l', '5', '-M', catcher]
+      )[0]
+    self.path_list.append(wrapper)
+    return cron_d

slapos/recipe/kvm/certificate_authority.py

+import os
+import subprocess
+import time
+import ConfigParser
+
+
+def popenCommunicate(command_list, input=None):
+  subprocess_kw = dict(stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+  if input is not None:
+    subprocess_kw.update(stdin=subprocess.PIPE)
+  popen = subprocess.Popen(command_list, **subprocess_kw)
+  result = popen.communicate(input)[0]
+  if popen.returncode is None:
+    popen.kill()
+  if popen.returncode != 0:
+    raise ValueError('Issue during calling %r, result was:\n%s' % (
+      command_list, result))
+  return result
+
+
+class CertificateAuthority:
+  def __init__(self, key, certificate, openssl_binary,
+      openssl_configuration, request_dir):
+    self.key = key
+    self.certificate = certificate
+    self.openssl_binary = openssl_binary
+    self.openssl_configuration = openssl_configuration
+    self.request_dir = request_dir
+
+  def checkAuthority(self):
+    file_list = [ self.key, self.certificate ]
+    ca_ready = True
+    for f in file_list:
+      if not os.path.exists(f):
+        ca_ready = False
+        break
+    if ca_ready:
+      return
+    for f in file_list:
+      if os.path.exists(f):
+        os.unlink(f)
+    try:
+      # no CA, let us create new one
+      popenCommunicate([self.openssl_binary, 'req', '-nodes', '-config',
+          self.openssl_configuration, '-new', '-x509', '-extensions',
+          'v3_ca', '-keyout', self.key, '-out', self.certificate,
+          '-days', '10950'], 'Automatic Certificate Authority\n')
+    except:
+      try:
+        for f in file_list:
+          if os.path.exists(f):
+            os.unlink(f)
+      except:
+        # do not raise during cleanup
+        pass
+      raise
+
+  def _checkCertificate(self, common_name, key, certificate):
+    file_list = [key, certificate]
+    ready = True
+    for f in file_list:
+      if not os.path.exists(f):
+        ready = False
+        break
+    if ready:
+      return False
+    for f in file_list:
+      if os.path.exists(f):
+        os.unlink(f)
+    csr = certificate + '.csr'
+    try:
+      popenCommunicate([self.openssl_binary, 'req', '-config',
+        self.openssl_configuration, '-nodes', '-new', '-keyout',
+        key, '-out', csr, '-days', '3650'],
+        common_name + '\n')
+      try:
+        popenCommunicate([self.openssl_binary, 'ca', '-batch', '-config',
+          self.openssl_configuration, '-out', certificate,
+          '-infiles', csr])
+      finally:
+        if os.path.exists(csr):
+          os.unlink(csr)
+    except:
+      try:
+        for f in file_list:
+          if os.path.exists(f):
+            os.unlink(f)
+      except:
+        # do not raise during cleanup
+        pass
+      raise
+    else:
+      return True
+
+  def checkRequestDir(self):
+    for request_file in os.listdir(self.request_dir):
+      parser = ConfigParser.RawConfigParser()
+      parser.readfp(open(os.path.join(self.request_dir, request_file), 'r'))
+      if self._checkCertificate(parser.get('certificate', 'name'),
+          parser.get('certificate', 'key_file'), parser.get('certificate',
+            'certificate_file')):
+        print 'Created certificate %r' % parser.get('certificate', 'name')
+
+def runCertificateAuthority(args):
+  ca_conf = args[0]
+  ca = CertificateAuthority(ca_conf['key'], ca_conf['certificate'],
+      ca_conf['openssl_binary'], ca_conf['openssl_configuration'],
+      ca_conf['request_dir'])
+  while True:
+    ca.checkAuthority()
+    ca.checkRequestDir()
+    time.sleep(60)

slapos/recipe/kvm/template/kvm_controller_run.in

@@ -11,7 +11,7 @@ so = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
 connected = False
 while not connected:
   try:
-    so.connect('%(qmp_socket)s')
+    so.connect('%(socket_path)s')
   except socket.error:
     time.sleep(1)
   else:

slapos/recipe/kvm/template/kvm_run.in

@@ -10,8 +10,8 @@ exec %(qemu_path)s \
   -smp %(smp_count)s \
   -m %(ram_size)s \
   -cdrom nbd:[%(nbd_ip)s]:%(nbd_port)s \
-  -drive file=%(image)s,if=virtio,boot=on \
-  -vnc [%(vnc_ip)s]:1,ipv6,tls,password \
+  -drive file=%(disk_path)s,if=virtio,boot=on \
+  -vnc %(vnc_ip)s:1,ipv4,password \
   -boot menu=on \
-  -qmp unix:%(qmp_socket)s,server \
-  -pidfile %(pid_file)s
+  -qmp unix:%(socket_path)s,server \
+  -pidfile %(pid_file_path)s

slapos/recipe/kvm/template/openssl.cnf.ca.in

+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+# This definition stops the following lines choking if HOME isn't
+# defined.
+HOME			= .
+RANDFILE		  = $ENV::HOME/.rnd
+
+# Extra OBJECT IDENTIFIER info:
+#oid_file      		  = $ENV::HOME/.oid
+oid_section		    = new_oids
+
+# To use this configuration file with the "-extfile" option of the
+# "openssl x509" utility, name here the section containing the
+# X.509v3 extensions to use:
+# extensions	     	= 
+# (Alternatively, use a configuration file that has only
+# X.509v3 extensions in its main [= default] section.)
+
+[ new_oids ]
+
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+# Add a simple OID like this:
+# testoid1=1.2.3.4
+# Or use config file substitution like this:
+# testoid2=${testoid1}.5.6
+
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+####################################################################
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir		= %(working_directory)s		# Where everything is kept
+certs		= $dir/certs			  # Where the issued certs are kept
+crl_dir		= $dir/crl			    # Where the issued crl are kept
+database	= $dir/index.txt		    # database index file.
+#unique_subject	= no			      	       # Set to 'no' to allow creation of
+		      					       	     # several ctificates with same subject.
+new_certs_dir	= $dir/newcerts	       # default place for new certs.
+
+certificate	= $dir/cacert.pem 	       # The CA certificate
+serial		= $dir/serial 	       	 # The current serial number
+crlnumber	= $dir/crlnumber		 # the current crl number
+				       # must be commented out to leave a V1 CRL
+crl		= $dir/crl.pem        # The current CRL
+private_key	= $dir/private/cakey.pem # The private key
+RANDFILE	= $dir/private/.rand	  # private random number file
+
+x509_extensions	= usr_cert		    # The extentions to add to the cert
+
+# Comment out the following two lines for the "traditional"
+# (and highly broken) format.
+name_opt      = ca_default		# Subject Name options
+cert_opt      = ca_default		  # Certificate field options
+
+# Extension copying option: use with caution.
+# copy_extensions = copy
+
+# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
+# so this is commented out by default to leave a V1 CRL.
+# crlnumber must also be commented out to leave a V1 CRL.
+# crl_extensions = crl_ext
+
+default_days	 = 3650			# how long to certify for
+default_crl_days = 30			      # how long before next CRL
+default_md	 = default		      	# use public key default MD
+preserve	 = no				      # keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy	       	      = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName	= match
+stateOrProvinceName	= match
+organizationName	= match
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName		= optional
+stateOrProvinceName	= optional
+localityName		= optional
+organizationName	= optional
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+####################################################################
+[ req ]
+default_bits		= 2048
+default_md		= sha1
+default_keyfile 	= privkey.pem
+distinguished_name	= req_distinguished_name
+#attributes		= req_attributes
+x509_extensions		= v3_ca	# The extentions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options. 
+# default: PrintableString, T61String, BMPString.
+# pkix	    : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName				= Country Name (2 letter code)
+countryName_value			= %(country_code)s
+countryName_min				= 2
+countryName_max				= 2
+
+stateOrProvinceName			= State or Province Name (full name)
+stateOrProvinceName_value		= %(state)s
+
+localityName				= Locality Name (eg, city)
+localityName_value			= %(city)s
+
+0.organizationName			= Organization Name (eg, company)
+0.organizationName_value		= %(company)s
+
+# we can do this but it is not needed normally :-)
+#1.organizationName  	= Second Organization Name (eg, company)
+#1.organizationName_default	 = World Wide Web Pty Ltd
+
+commonName	   = Common Name (eg, your name or your server\'s hostname)
+commonName_max	   = 64
+
+emailAddress	   = Email Address
+emailAddress_value = %(email_address)s
+emailAddress_max   = 64
+
+# SET-ex3	   = SET extension number 3
+
+#[ req_attributes ]
+#challengePassword	= A challenge password
+#challengePassword_min	= 4
+#challengePassword_max	= 20
+#
+#unstructuredName	= An optional company name
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request.
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType 	    = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment      		 = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer
+
+# This is what PKIX recommends but some broken software chokes on critical
+# extensions.
+#basicConstraints = critical,CA:true
+# So we do this instead.
+basicConstraints = CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always
+
+[ proxy_cert_ext ]
+# These extensions should be added when creating a proxy certificate
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType 	    = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment      		 = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This really needs to be in place for it to be a proxy certificate.
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1	# the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir	                = /etc/pki/tls  	  # TSA root directory
+serial	                = $dir/tsaserial	  # The current serial number (mandatory)
+crypto_device           = builtin		    # OpenSSL engine to use for signing
+signer_cert             = $dir/tsacert.pem    # The TSA signing certificate
+	      		      	  # (optional)
+certs	                = $dir/cacert.pem	# Certificate chain to include in reply
+		  	      # (optional)
+signer_key              = $dir/private/tsakey.pem # The TSA private key (optional)
+
+default_policy          = tsa_policy1		  # Policy if request did not specify it
+					    	   # (optional)
+other_policies          = tsa_policy2, tsa_policy3 # acceptable policies (optional)
+digests	                = md5, sha1  	      # Acceptable message digests (mandatory)
+accuracy                = secs:1, millisecs:500, microsecs:100	   # (optional)
+clock_precision_digits  = 0	    # number of digits after dot. (optional)
+ordering		= yes	    # Is ordering defined for timestamps?
+			  	       # (optional, default: no)
+tsa_name		= yes	    # Must the TSA name be included in the reply?
+			  	      # (optional, default: no)
+ess_cert_id_chain	= no	   # Must the ESS cert id chain be included?
+				     # (optional, default: no)

slapos/recipe/kvm/template/slapmonitor_run.in

 #!/bin/sh
 # BEWARE: This file is operated by slapgrid
 # BEWARE: It will be overwritten automatically
-exec %(python_path)s %(slapmonitor_path)s %(pid_file)s %(database_path)s
+exec %(python_path)s %(slapmonitor_path)s %(pid_file_path)s %(database_path)s

slapos/recipe/librecipe/execute.py

@@ -10,6 +10,23 @@ def execute(args):
   # Note: Candidate for slapos.lib.recipe
   os.execv(args[0], args + sys.argv[1:])
 
+def execute_wait(args):
+  """Execution but after all files in args[1] exists"""
+  exec_list = list(args[0])
+  file_list = list(args[1])
+  sleep = 60
+  while True:
+    ready = True
+    for f in file_list:
+      if not os.path.exists(f):
+        print 'File %r does not exists, sleeping for %s' % (f, sleep)
+        ready = False
+    if ready:
+      break
+    time.sleep(sleep)
+  os.execv(exec_list[0], exec_list + sys.argv[1:])
+
+
 child_pg = None
 
 

slapos/recipe/memcached/__init__.py

@@ -220,9 +220,10 @@ class Recipe(BaseSlapRecipe):
         self.substituteTemplate(template_filename,
           stunnel_conf))
     wrapper = zc.buildout.easy_install.scripts([('stunnel',
-      'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable,
-      self.wrapper_directory, arguments=[
-        self.options['stunnel_binary'].strip(), stunnel_conf_path]
+      'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws,
+      sys.executable, self.wrapper_directory, arguments=[
+        [self.options['stunnel_binary'].strip(), stunnel_conf_path],
+        [ca_certificate, key]]
       )[0]
     self.path_list.append(wrapper)
     return stunnel_conf

slapos/recipe/mysql/__init__.py

@@ -224,9 +224,10 @@ class Recipe(BaseSlapRecipe):
         self.substituteTemplate(template_filename,
           stunnel_conf))
     wrapper = zc.buildout.easy_install.scripts([('stunnel',
-      'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable,
-      self.wrapper_directory, arguments=[
-        self.options['stunnel_binary'].strip(), stunnel_conf_path]
+      'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws,
+      sys.executable, self.wrapper_directory, arguments=[
+        [self.options['stunnel_binary'].strip(), stunnel_conf_path],
+        [ca_certificate, key]]
       )[0]
     self.path_list.append(wrapper)
     return stunnel_conf

slapos/recipe/slaprunner/__init__.py

@@ -68,9 +68,11 @@ class Recipe(BaseSlapRecipe):
         self.substituteTemplate(pkg_resources.resource_filename(__name__,
           'template/slapos.cfg.in'), configuration))
     self.path_list.append(config_file)
+    
+    execute_arguments = dict(path = os.environ['PATH'],
+        launch_args = [self.options['slaprunner'].strip(), config_file])
     self.path_list.extend(zc.buildout.easy_install.scripts([('slaprunner',
       'slapos.recipe.slaprunner.execute', 'execute')], self.ws, sys.executable,
-      self.wrapper_directory, arguments=[self.options['slaprunner'].strip(),
-        config_file]))
+      self.wrapper_directory, arguments=execute_arguments))
     self.setConnectionDict(dict(url='http://[%s]:%s' % (ipv6, runner_port)))
     return self.path_list

slapos/recipe/slaprunner/execute.py

@@ -3,4 +3,6 @@ import os
 
 def execute(args):
   """Portable execution with process replacement"""
-  os.execv(args[0], args)
+  if args.get("path", None):
+    os.environ['PATH'] = args["path"]
+  os.execv(args["launch_args"][0], args["launch_args"])

slapos/recipe/vifib.py

@@ -31,6 +31,9 @@ import zc.buildout
 import sys
 
 class Recipe(slapos.recipe.erp5.Recipe):
+  
+  default_bt5_list = []
+
   def installKeyAuthorisationApache(self, ip, port, backend, key, certificate,
       ca_conf, key_auth_path='/erp5/portal_slap'):
     ssl_template = """SSLEngine on
@@ -172,6 +175,12 @@ SSLCARevocationPath %(ca_crl)s"""
     self.installTidStorage(tidstorage_config['host'], tidstorage_config['port'],
         known_tid_storage_identifier_dict, 'http://'+login_haproxy)
     self.linkBinary()
+
+    # Connect direct to Zope to create the instance.
+    self.installERP5Site(user, password, service_url_list[-1], mysql_conf,
+             conversion_server_conf, memcached_conf, kumo_conf,
+             self.site_id, self.default_bt5_list)
+
     self.setConnectionDict(dict(
       front_end_url=apache_frontend_login,
       site_url=apache_login,
@@ -227,6 +236,10 @@ SSLCARevocationPath %(ca_crl)s"""
     self.installTestSuiteRunner(ca_conf, mysql_conf, conversion_server_conf,
                            memcached_conf, kumo_conf)
     self.linkBinary()
+    self.installERP5Site(user, password, zope_access, mysql_conf,
+             conversion_server_conf, memcached_conf, kumo_conf,
+             self.site_id, self.default_bt5_list)
+
     self.setConnectionDict(dict(
       development_zope='http://%s:%s/' % (ip, zope_port),
       site_user=user,
@@ -260,6 +273,9 @@ SSLCARevocationPath %(ca_crl)s"""
         [('killpidfromfile', 'slapos.recipe.erp5.killpidfromfile',
           'killpidfromfile')], self.ws, sys.executable, self.bin_directory)[0]
     self.path_list.append(self.killpidfromfile)
+    if self.parameter_dict.get("flavour", "default") == 'configurator':
+      self.default_bt5_list = self.options.get("configurator_bt5_list", '').split()
+
     if self.parameter_dict.get('development', 'false').lower() == 'true':
       return self.installDevelopment()
     if self.parameter_dict.get('production', 'false').lower() == 'true':

software/erp5/instance.cfg

@@ -9,6 +9,7 @@ develop-eggs-directory = ${buildout:develop-eggs-directory}
 recipe = ${instance-recipe:egg}:${instance-recipe:module}
 dcrond_binary = ${dcron:location}/sbin/crond
 haproxy_binary = ${haproxy:location}/sbin/haproxy
+gzip_binary = ${gzip:location}/bin/gzip
 httpd_binary = ${apache:location}/bin/httpd
 innobackupex_binary = ${xtrabackup:location}/bin/innobackupex
 kumo_gateway_binary = ${kumo:location}/bin/kumo-gateway
@@ -32,6 +33,14 @@ tidstorage_repozo_binary = ${buildout:bin-directory}/tidstorage_repozo
 tidstoraged_binary = ${buildout:bin-directory}/tidstoraged
 xtrabackup_binary = ${xtrabackup:location}/bin/xtrabackup_51
 zabbix_agent_binary = ${zabbix-agent:location}/sbin/zabbix_agent
+mk-variable-advisor_binary = ${perl:siteprefix}/bin/mk-variable-advisor
+mk-table-usage_binary = ${perl:siteprefix}/bin/mk-table-usage
+mk-visual-explain_binary = ${perl:siteprefix}/bin/mk-visual-explain
+mk-config-diff_binary = ${perl:siteprefix}/bin/mk-config-diff
+mk-deadlock-logger_binary = ${perl:siteprefix}/bin/mk-deadlock-logger
+mk-error-log_binary = ${perl:siteprefix}/bin/mk-error-log
+mk-index-usage_binary = ${perl:siteprefix}/bin/mk-index-usage
+mk-query-advisor_binary = ${perl:siteprefix}/bin/mk-query-advisor
 
 # cloudooo specific configuration
 ooo_binary_path = ${libreoffice-bin:location}/program
@@ -69,4 +78,4 @@ environment =
 
 bt5_repository_list = ${bt5-repository:list}
 
-configurator_bt5_list = erp5_core_proxy_field_legacy erp5_full_text_myisam_catalog erp5_base erp5_workflow erp5_configurator erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung
+configurator_bt5_list = ${instance-recipe:configurator_bt5_list}

software/erp5/software.cfg

@@ -21,11 +21,14 @@ unzip = true
 egg = slapos.cookbook
 module = erp5
 
+# Additional Configuration
+configurator_bt5_list = erp5_core_proxy_field_legacy erp5_full_text_myisam_catalog erp5_base erp5_workflow erp5_configurator erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung
+
 [template]
 # Default template for erp5 instance.
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance.cfg
-md5sum = 65d9b269e204ba49ac5ff11e891a4b84
+md5sum = 77062d472e88aca0fe632bdee4f9bb21
 output = ${buildout:directory}/template.cfg
 mode = 0644
 
@@ -34,7 +37,7 @@ mode = 0644
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/configuration.json
 md5sum = cbe1d75339c6cb20e1aef818797face1 
-output = ${buildout:directory}/validator.json
+output = ${buildout:directory}/schema.json
 mode = 0644
 
 [versions]
@@ -79,17 +82,18 @@ hexagonit.recipe.download = 1.5.0
 http-parser = 0.6.2
 ipdb = 0.4
 meld3 = 0.6.7
+mr.developer = 1.17
 ordereddict = 1.1
 paramiko = 1.7.7.1
 plone.recipe.command = 1.1
 ply = 3.4
-psutil = 0.2.1
+psutil = 0.3.0
 pycrypto = 2.3
-python-ldap = 2.4.0
+python-ldap = 2.4.1
 python-memcached = 1.45
 restkit = 3.3.0
 rtjp-eventlet = 0.3.2
-slapos.cookbook = 0.9
+slapos.cookbook = 0.16
 slapos.recipe.template = 1.1
 threadframe = 0.2
 timerserver = 2.0.2
@@ -99,8 +103,8 @@ validictory = 0.7.1
 xupdate-processor = 0.4
 
 # Required by:
-# slapos.core==0.8
-Flask = 0.7.1
+# slapos.core==0.12
+Flask = 0.7.2
 
 # Required by:
 # PasteScript==1.7.3
@@ -113,7 +117,7 @@ WSGIUtils = 0.7
 
 # Required by:
 # cloudooo==1.2.3
-# slapos.core==0.8
+# slapos.core==0.12
 argparse = 1.1
 
 # Required by:
@@ -129,11 +133,11 @@ fpconst = 0.7.2
 ipython = 0.10.2
 
 # Required by:
-# slapos.cookbook==0.9
+# slapos.cookbook==0.16
 netaddr = 0.7.5
 
 # Required by:
-# slapos.core==0.8
+# slapos.core==0.12
 netifaces = 0.4
 
 # Required by:
@@ -141,17 +145,38 @@ netifaces = 0.4
 python-magic = 0.4.0.1
 
 # Required by:
-# zc.buildout==1.5.3-dev-SlapOS-004
+# Products.CMFActionIcons==2.1.3
+# Products.CMFCalendar==2.2.2
+# Products.CMFCore==2.2.4
+# Products.CMFDefault==2.2.2
+# Products.CMFTopic==2.2.1
+# Products.CMFUid==2.2.1
+# Products.DCWorkflow==2.2.3nxd002
+# Products.DCWorkflowGraph==0.4nxd001
+# Products.ExternalEditor==1.1.0
+# Products.GenericSetup==1.6.3
+# Products.MimetypesRegistry==2.0.2
+# Products.PluggableAuthService==1.7.5
+# Products.PluginRegistry==1.3b1
+# Products.TIDStorage==5.4.7.dev-r45842
+# Products.Zelenium==1.0.3
+# Zope2==2.12.19
+# five.localsitemanager==2.0.5
+# mr.developer==1.17
+# python-ldap==2.4.1
+# zc.buildout==1.5.3-dev-SlapOS-005
+# zope.deprecation==3.4.0
+# zope.structuredtext==3.4.0
 setuptools = 0.6c12dev-r88846
 
 # Required by:
-# slapos.cookbook==0.9
-slapos.core = 0.8
+# slapos.cookbook==0.16
+slapos.core = 0.12
 
 # Required by:
-# slapos.core==0.8
+# slapos.core==0.12
 supervisor = 3.0a10
 
 # Required by:
-# slapos.cookbook==0.9
+# slapos.cookbook==0.16
 xml-marshaller = 0.9.7

software/kumofs/software.cfg

 [buildout]
-
-extensions =
-  slapos.zcbworkarounds
-  slapos.rebootstrap
-
 find-links +=
     http://www.nexedi.org/static/packages/source/slapos.buildout/
 
@@ -15,6 +10,7 @@ extends =
   ../../component/stunnel/buildout.cfg
   ../../component/rdiff-backup/buildout.cfg
   ../../component/lxml-python/buildout.cfg
+  ../../stack/shacache-client.cfg
 
 # Use only quite well working sites.
 allow-hosts =
@@ -43,11 +39,6 @@ parts +=
 # development / fast switching environment for whole software
 unzip = true
 
-[rebootstrap]
-# Default first version of rebootstrapped python
-version = 2
-section = python2.7
-
 [instance-recipe]
 egg = slapos.cookbook
 module = kumofs
@@ -72,13 +63,13 @@ output = ${buildout:directory}/template.cfg
 mode = 0644
 
 [versions]
-slapos.cookbook = 0.7
+slapos.cookbook = 0.13
 
 erp5.recipe.cmmiforcei686 = 0.1.1
 hexagonit.recipe.cmmi = 1.5.0
 hexagonit.recipe.download = 1.5.0
 
-# Required by slapos.cookbook==0.7
+# Required by slapos.cookbook==0.13
 slapos.core = 0.2
 collective.recipe.template = 1.8
 netaddr = 0.7.5
@@ -86,4 +77,4 @@ xml-marshaller = 0.9.7
 setuptools = 0.6c12dev-r88795
 
 # Use SlapOS patched zc.buildout
-zc.buildout = 1.5.3-dev-SlapOS-001
+zc.buildout = 1.5.3-dev-SlapOS-005

software/kvm/instance.cfg

+[buildout]
+parts =
+  kvminstance
+
+eggs-directory = ${buildout:eggs-directory}
+develop-eggs-directory = ${buildout:develop-eggs-directory} 
+
+[kvminstance]
+recipe = slapos.cookbook:kvm
+qemu_path = ${kvm:location}/bin/qemu-system-x86_64
+qemu_img_path = ${kvm:location}/bin/qemu-img
+#slapmonitor_path = ${buildout:bin-directory}/slapmonitor
+#slapreport_path = ${buildout:bin-directory}/slapreport
+websockify_path = ${noVNC:location}/utils/wsproxy.py
+noVNC_location = ${noVNC:location}
+openssl_binary = ${openssl:location}/bin/openssl
+rdiff_backup_binary = ${buildout:bin-directory}/rdiff-backup
+dcrond_binary = ${dcron:location}/sbin/crond
+
+smp_count = 1
+ram_size = 1024
+disk_size = 10

software/kvm/software.cfg

+[buildout]
+extends =
+  ../../stack/kvm.cfg
+
+[template]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance.cfg
+md5sum = d899f2111aab18ad25776f35ed49a91b
+output = ${buildout:directory}/template.cfg
+mode = 0644
+
+[kvmsource]
+command =
+  (${git:location}/bin/git clone --quiet http://git.erp5.org/repos/slapos.kvm.git ${:location} && cd ${:location} && ${git:location}/bin/git reset --hard 94ee45cc02e69798cac8209d2296fd1751125018) || (rm -fr ${:location} ; exit 1)
+update-command =
+
+[versions]
+Jinja2 = 2.5.5
+Werkzeug = 0.6.2
+hexagonit.recipe.cmmi = 1.5.0
+lxml = 2.3
+meld3 = 0.6.7
+plone.recipe.command = 1.1
+slapos.cookbook = 0.15
+slapos.recipe.template = 1.1
+z3c.recipe.scripts = 1.0.1
+
+# Required by:
+# slapos.core==0.9
+Flask = 0.7.2
+
+# Required by:
+# slapos.cookbook==0.15
+PyXML = 0.8.4
+
+# Required by:
+# slapos.recipe.template==1.1
+collective.recipe.template = 1.8
+
+# Required by:
+# hexagonit.recipe.cmmi==1.5.0
+hexagonit.recipe.download = 1.5.0
+
+# Required by:
+# slapos.cookbook==0.15
+netaddr = 0.7.5
+
+# Required by:
+# slapos.core==0.9
+netifaces = 0.5
+
+# Required by:
+# slapos.cookbook==0.15
+# slapos.core==0.9
+# zc.buildout==1.5.3-dev-SlapOS-005
+# zc.recipe.egg==1.3.2
+setuptools = 0.6c12dev-r88846
+
+# Required by:
+# slapos.cookbook==0.15
+slapos.core = 0.9
+
+# Required by:
+# slapos.core==0.9
+supervisor = 3.0a10
+
+# Required by:
+# slapos.cookbook==0.15
+xml-marshaller = 0.9.7
+
+# Required by:
+# slapos.cookbook==0.15
+zc.recipe.egg = 1.3.2
+
+# Required by:
+# slapos.core==0.9
+zope.interface = 3.6.4

software/mariadb/software.cfg

@@ -17,6 +17,7 @@ extends =
   ../../component/xtrabackup/buildout.cfg
   ../../component/rdiff-backup/buildout.cfg
   ../../component/lxml-python/buildout.cfg
+  ../../stack/shacache-client.cfg
 
 # Use only quite well working sites.
 allow-hosts =
@@ -88,4 +89,4 @@ hexagonit.recipe.download = 1.5.0
 plone.recipe.command = 1.1
 
 # Use SlapOS patched zc.buildout
-zc.buildout = 1.5.3-dev-SlapOS-001
+zc.buildout = 1.5.3-dev-SlapOS-005

software/memcached/software.cfg

@@ -14,6 +14,7 @@ extends =
   ../../component/stunnel/buildout.cfg
   ../../component/rdiff-backup/buildout.cfg
   ../../component/lxml-python/buildout.cfg
+  ../../stack/shacache-client.cfg
 
 # Use only quite well working sites.
 allow-hosts =
@@ -85,4 +86,4 @@ hexagonit.recipe.download = 1.5.0
 plone.recipe.command = 1.1
 
 # Use SlapOS patched zc.buildout
-zc.buildout = 1.5.3-dev-SlapOS-001
+zc.buildout = 1.5.3-dev-SlapOS-005

software/mysql-5.1/software.cfg

 [buildout]
-
-extensions =
-  slapos.zcbworkarounds
-  slapos.rebootstrap
-
 find-links +=
     http://www.nexedi.org/static/packages/source/slapos.buildout/
 
@@ -17,6 +12,7 @@ extends =
   ../../component/xtrabackup/buildout.cfg
   ../../component/rdiff-backup/buildout.cfg
   ../../component/lxml-python/buildout.cfg
+  ../../stack/shacache-client.cfg
 
 # Use only quite well working sites.
 allow-hosts =
@@ -46,11 +42,6 @@ parts +=
 # development / fast switching environment for whole software
 unzip = true
 
-[rebootstrap]
-# Default first version of rebootstrapped python
-version = 2
-section = python2.7
-
 [instance-recipe]
 egg = slapos.cookbook
 module = mysql
@@ -75,9 +66,9 @@ output = ${buildout:directory}/template.cfg
 mode = 0644
 
 [versions]
-slapos.cookbook = 0.9
+slapos.cookbook = 0.13
 
-# Required by slapos.cookbook==0.9
+# Required by slapos.cookbook==0.13
 slapos.core = 0.4
 collective.recipe.template = 1.8
 netaddr = 0.7.5
@@ -89,4 +80,4 @@ hexagonit.recipe.download = 1.5.0
 plone.recipe.command = 1.1
 
 # Use SlapOS patched zc.buildout
-zc.buildout = 1.5.3-dev-SlapOS-001
+zc.buildout = 1.5.3-dev-SlapOS-005

software/nbd/instance.cfg

+[buildout]
+parts =
+  nbdserverinstance
+
+eggs-directory = ${buildout:eggs-directory}
+develop-eggs-directory = ${buildout:develop-eggs-directory} 
+
+[nbdserverinstance]
+recipe = ${instance-recipe:egg}:${instance-recipe:module}
+qemu_path = ${nbdserver:location}/bin/qemu-nbd
+onetimeupload_path = ${buildout:bin-directory}/onetimeupload

software/nbd/software.cfg

+[buildout]
+
+extends =
+  ../../stack/nbd.cfg
+  ../../stack/shacache-client.cfg
+
+parts +=
+  template
+
+[template]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance.cfg
+md5sum = 82e948e1c0cb0d5540ef185edeef3ec3
+output = ${buildout:directory}/template.cfg
+mode = 0644

software/phpmyadmin/software.cfg

 [buildout]
-find-links +=
-    http://www.nexedi.org/static/packages/source/slapos.buildout/
-
-# Use only quite well working sites.
-allow-hosts =
-  *.nexedi.org
-  *.python.org
-  *.sourceforge.net
-  dist.repoze.org
-  effbot.org
-  github.com
-  peak.telecommunity.com
-  psutil.googlecode.com
-  www.dabeaz.com
-
 versions = versions
 
 parts =
@@ -24,20 +9,8 @@ parts =
   instance-recipe-egg
   
 extends =
-  ../../component/mariadb/buildout.cfg
-  ../../component/apache/buildout.cfg
-  ../../component/apache-php/buildout.cfg
-  ../../component/dcron/buildout.cfg
-  ../../component/git/buildout.cfg
-  ../../component/glib/buildout.cfg
-  ../../component/logrotate/buildout.cfg
-  ../../component/python-2.7/buildout.cfg
-  ../../component/perl/buildout.cfg
-  ../../component/sqlite3/buildout.cfg
-  ../../component/xtrabackup/buildout.cfg
-  ../../component/rdiff-backup/buildout.cfg
-  ../../component/lxml-python/buildout.cfg
-  ../../component/zlib/buildout.cfg
+  ../../stack/lamp.cfg
+  ../../stack/shacache-client.cfg
   
 [template]
 # Default template for the instance.
@@ -51,13 +24,11 @@ mode = 0644
 recipe = hexagonit.recipe.download
 url = http://downloads.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.3.10/phpMyAdmin-3.3.10-all-languages.tar.bz2?r=http%3A%2F%2Fwww.phpmyadmin.net%2Fhome_page%2Fdownloads.php&ts=1300959842&use_mirror=sunet
 #md5sum = Student may put here md5sum of this file, this is good idea
-#If provided tarball does not containt top directory this option shall be changed o false
-strip-top-level-dir = true
 
 [application-template]
 recipe = slapos.recipe.download
 url = ${:_profile_base_location_}/phpmyadmin.inc.php.in
-#md5sum = Student may put here md5sum of this file, this is good idea
+md5sum = caab45c34c75661c214f4628ff545bb4
 download-only = True
 filename = template.in
 mode = 0644
@@ -66,11 +37,6 @@ location = ${buildout:parts-directory}/${:_buildout_section_name_}
 [application-configuration]
 location = config.inc.php
 
-[eggs]
-recipe = zc.recipe.egg
-eggs =
-  ${lxml-python:egg}
-  
 [instance-recipe]
 egg = slapos.cookbook
 module = osoeslaptraining.simple
@@ -80,22 +46,10 @@ recipe = zc.recipe.egg
 python = python2.7
 eggs = ${instance-recipe:egg}
 
-[downloadcache-workaround]
-# workaround irritating problem of hexagonit.recipe.cmmi which automatically
-# creates download cache, which in turn switches builout to "semi-offline" mode
-recipe = plone.recipe.command
-# in hexagonit.recipe.cmmi if there is no ${buildout:download-cache} set it resolves
-# to ${buildout:directory}/downloads but this variable is available late, that's
-# why it is hardcoded only for required case
-download-cache = ${buildout:directory}/downloads
-command = [ -d ${:download-cache} ] && rm -fr ${:download-cache}/* || exit 0
-update-command = ${:command}
-stop-on-error = True
-
 [versions]
-slapos.cookbook = 0.10
+slapos.cookbook = 0.12
 
-# Required by slapos.cookbook==0.10
+# Required by slapos.cookbook==0.12
 slapos.core = 0.8
 collective.recipe.template = 1.8
 netaddr = 0.7.5
@@ -107,4 +61,4 @@ hexagonit.recipe.download = 1.5.0
 plone.recipe.command = 1.1
 
 # Use SlapOS patched zc.buildout
-zc.buildout = 1.5.3-dev-SlapOS-004
\ No newline at end of file
+zc.buildout = 1.5.3-dev-SlapOS-005

software/slaprunner/instance.cfg

@@ -12,3 +12,4 @@ slapgrid_sr = ${buildout:directory}/bin/slapgrid-sr
 slapgrid_cp = ${buildout:directory}/bin/slapgrid-cp
 slapproxy = ${buildout:directory}/bin/slapproxy
 supervisor = ${buildout:directory}/bin/slapgrid-supervisorctl
+

software/slaprunner/software.cfg

 [buildout]
 extends =
   ../../stack/flask.cfg
+  ../../stack/shacache-client.cfg
 
 parts =
   template
@@ -26,17 +27,18 @@ recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance.cfg
 output = ${buildout:directory}/template.cfg
 mode = 0644
-md5sum = 04b17b8665eb4e11ce3a4661ad98e5e3
+md5sum = e2cbd8fe7b8e4c7e92a19cd775de0aa6
 
 [eggs]
 eggs +=
+  slapos.libnetworkcache
   slapos.toolbox
   slapos.core
 
 [versions]
-slapos.cookbook = 0.10
+slapos.cookbook = 0.12
 
-# Required by slapos.cookbook==0.10
+# Required by slapos.cookbook==0.12
 slapos.core = 0.8
 collective.recipe.template = 1.8
 netaddr = 0.7.5
@@ -46,6 +48,7 @@ setuptools = 0.6c12dev-r88795
 hexagonit.recipe.cmmi = 1.5.0
 hexagonit.recipe.download = 1.5.0
 plone.recipe.command = 1.1
+slapos.libnetworkcache = 0.2
 
 # Use SlapOS patched zc.buildout
-zc.buildout = 1.5.3-dev-SlapOS-004
\ No newline at end of file
+zc.buildout = 1.5.3-dev-SlapOS-005

software/vifib/software.cfg

@@ -11,19 +11,16 @@ eggs += slapos.core
 [instance-recipe]
 module = vifib
 
+# Additional Configuration
+configurator_bt5_list = erp5_core_proxy_field_legacy erp5_full_text_myisam_catalog erp5_base erp5_workflow erp5_configurator erp5_configurator_vifib
+
+[erp5_repository_list]
+repository_id_list += vifib/master
+
 [vifib]
-# Recipe zerokspot.recipe.git is disabled, as is not possible to change its
-# environment to use localy delivered git.
-# plone.recipe.command can do same job, but it is controllable which binary
-# will be used
-recipe = plone.recipe.command
-location = ${buildout:parts-directory}/${:_buildout_section_name_}
-stop-on-error = true
+<= erp5
 repository = http://git.erp5.org/repos/slapos.core.git
-branch = master
-revision = f95ca3ccda07292895939ef9b48678acb5f524ce
-command = ${git:location}/bin/git clone --quiet -b ${:branch} ${:repository} ${:location} && if [ -n ${:revision} ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
-update-command = cd ${:location} && ${git:location}/bin/git pull --quiet && if [ -n ${:revision} ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
+revision = 3f766ab93c5312c75b7315a60238c1c5b3e4170d 
 
 [local-bt5-repository]
 # XXX: workaround for zc.buildout bug, as list += ends up with adding new entry

software/wordpress/instance.cfg

+[buildout]
+eggs-directory = ${buildout:eggs-directory}
+develop-eggs-directory = ${buildout:develop-eggs-directory}
+
+parts = instance
+
+[instance]
+recipe = ${instance-recipe:egg}:${instance-recipe:module}
+source = ${application:location}
+template = ${application-template:location}/${application-template:filename}
+configuration = ${application-configuration:location}
+
+httpd_binary = ${apache:location}/bin/httpd
+mysql_binary = ${mariadb:location}/bin/mysql
+mysql_install_binary = ${mariadb:location}/bin/mysql_install_db
+mysql_upgrade_binary = ${mariadb:location}/bin/mysql_upgrade
+mysqld_binary = ${mariadb:location}/libexec/mysqld

software/wordpress/software.cfg

+[buildout]
+versions = versions
+
+parts =
+  template
+  apache-php
+  mariadb
+  eggs
+  instance-recipe-egg
+  
+extends =
+  ../../stack/lamp.cfg
+  ../../stack/shacache-client.cfg
+
+[application]
+url = http://wordpress.org/latest.tar.gz
+#md5sum = Student may put here md5sum of this file, this is good idea
+
+[application-template]
+recipe = slapos.recipe.download
+url = ${:_profile_base_location_}/wp-config.php.in
+#md5sum = ${application-configuration:md5sum}
+download-only = True
+filename = template.in
+mode = 0644
+location = ${buildout:parts-directory}/${:_buildout_section_name_}
+
+[application-configuration]
+location = wp-config.php
+  
+[instance-recipe]
+egg = slapos.cookbook
+module = osoeslaptraining.request
+
+[instance-recipe-egg]
+recipe = zc.recipe.egg
+python = python2.7
+eggs = ${instance-recipe:egg}
+
+[template]
+# Default template for the instance.
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance.cfg
+md5sum = efdb8509f40c86b1b73924fc1ce92f13
+output = ${buildout:directory}/template.cfg
+mode = 0644
+
+[versions]
+slapos.cookbook = 0.12
+
+# Required by slapos.cookbook==0.12
+slapos.core = 0.8
+collective.recipe.template = 1.8
+netaddr = 0.7.5
+xml-marshaller = 0.9.7
+setuptools = 0.6c12dev-r88795
+
+hexagonit.recipe.cmmi = 1.5.0
+hexagonit.recipe.download = 1.5.0
+plone.recipe.command = 1.1
+
+# Use SlapOS patched zc.buildout
+zc.buildout = 1.5.3-dev-SlapOS-005

software/wordpress/wp-config.php.in

+<?php
+/**
+ * The base configurations of the WordPress.
+ *
+ * This file has the following configurations: MySQL settings, Table Prefix,
+ * Secret Keys, WordPress Language, and ABSPATH. You can find more information
+ * by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
+ * wp-config.php} Codex page. You can get the MySQL settings from your web host.
+ *
+ * This file is used by the wp-config.php creation script during the
+ * installation. You don't have to use the web site, you can just copy this file
+ * to "wp-config.php" and fill in the values.
+ *
+ * @package WordPress
+ */
+
+// ** MySQL settings - You can get this info from your web host ** //
+/** The name of the database for WordPress */
+define('DB_NAME', '%(mysql_database)s');
+
+/** MySQL database username */
+define('DB_USER', '%(mysql_user)s');
+
+/** MySQL database password */
+define('DB_PASSWORD', '%(mysql_password)s');
+
+/** MySQL hostname */
+define('DB_HOST', '%(mysql_host)s');
+
+/** Database Charset to use in creating database tables. */
+define('DB_CHARSET', 'utf8');
+
+/** The Database Collate type. Don't change this if in doubt. */
+define('DB_COLLATE', '');
+
+/**#@+
+ * Authentication Unique Keys and Salts.
+ *
+ * Change these to different unique phrases!
+ * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
+ * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
+ *
+ * @since 2.6.0
+ */
+define('AUTH_KEY',         'put your unique phrase here');
+define('SECURE_AUTH_KEY',  'put your unique phrase here');
+define('LOGGED_IN_KEY',    'put your unique phrase here');
+define('NONCE_KEY',        'put your unique phrase here');
+define('AUTH_SALT',        'put your unique phrase here');
+define('SECURE_AUTH_SALT', 'put your unique phrase here');
+define('LOGGED_IN_SALT',   'put your unique phrase here');
+define('NONCE_SALT',       'put your unique phrase here');
+
+/**#@-*/
+
+/**
+ * WordPress Database Table prefix.
+ *
+ * You can have multiple installations in one database if you give each a unique
+ * prefix. Only numbers, letters, and underscores please!
+ */
+$table_prefix  = 'wp_';
+
+/**
+ * WordPress Localized Language, defaults to English.
+ *
+ * Change this to localize WordPress. A corresponding MO file for the chosen
+ * language must be installed to wp-content/languages. For example, install
+ * de_DE.mo to wp-content/languages and set WPLANG to 'de_DE' to enable German
+ * language support.
+ */
+define('WPLANG', '');
+
+/**
+ * For developers: WordPress debugging mode.
+ *
+ * Change this to true to enable the display of notices during development.
+ * It is strongly recommended that plugin and theme developers use WP_DEBUG
+ * in their development environments.
+ */
+define('WP_DEBUG', false);
+
+/* That's all, stop editing! Happy blogging. */
+
+/** Absolute path to the WordPress directory. */
+if ( !defined('ABSPATH') )
+	define('ABSPATH', dirname(__FILE__) . '/');
+
+/** Sets up WordPress vars and included files. */
+require_once(ABSPATH . 'wp-settings.php');

stack/erp5.cfg

@@ -2,12 +2,14 @@
 extensions =
   slapos.rebootstrap
   slapos.zcbworkarounds
+  buildout-versions
   mr.developer
 
 find-links =
     http://www.nexedi.org/static/packages/source/slapos.buildout/
     http://dist.repoze.org
     http://www.nexedi.org/static/packages/source/
+    http://www.owlfish.com/software/wsgiutils/download.html
 
 # Separate from site eggs
 allowed-eggs-from-site-packages =
@@ -25,6 +27,7 @@ allow-hosts =
   peak.telecommunity.com
   psutil.googlecode.com
   www.dabeaz.com
+  www.owlfish.com
 
 extends =
 # Exact version of Zope
@@ -37,12 +40,14 @@ extends =
   ../component/git/buildout.cfg
   ../component/glib/buildout.cfg
   ../component/graphviz/buildout.cfg
+  ../component/gzip/buildout.cfg
   ../component/haproxy/buildout.cfg
   ../component/hookbox/buildout.cfg
   ../component/imagemagick/buildout.cfg
   ../component/kumo/buildout.cfg
   ../component/libreoffice-bin/buildout.cfg
   ../component/lxml-python/buildout.cfg
+  ../component/maatkit/buildout.cfg
   ../component/mariadb/buildout.cfg
   ../component/memcached/buildout.cfg
   ../component/mysql-python/buildout.cfg
@@ -82,7 +87,7 @@ parts =
   stunnel
   w3m
   poppler
-  libpng12
+  libpng
   ghostscript
   mariadb
   sphinx
@@ -215,7 +220,7 @@ location = ${buildout:parts-directory}/${:_buildout_section_name_}
 stop-on-error = true
 repository = http://git.erp5.org/repos/erp5.git
 branch = master
-revision = 336a8d63bdcabd92bfe3d9466685e5cd47fad716
+revision = dd36cf064495e04f2ad0eaa9c527a2c3246e9ecb 
 command = ${git:location}/bin/git clone --quiet -b ${:branch} ${:repository} ${:location} && if [ -n ${:revision} ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
 update-command = cd ${:location} && ${git:location}/bin/git pull --quiet && if [ -n ${:revision} ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
 
@@ -393,7 +398,7 @@ scripts =
 
 [versions]
 # Use SlapOS patched zc.buildout
-zc.buildout = 1.5.3-dev-SlapOS-004
+zc.buildout = 1.5.3-dev-SlapOS-005
 
 # pin Acquisition and Products.DCWorkflow to Nexedi flavour of eggs
 Acquisition = 2.13.7nxd001

stack/kvm.cfg

+[buildout]
+extends =
+  shacache-client.cfg
+  ../component/python-2.7/buildout.cfg
+  ../component/lxml-python/buildout.cfg
+  ../component/git/buildout.cfg
+  ../component/zlib/buildout.cfg
+  ../component/readline/buildout.cfg
+  ../component/ncurses/buildout.cfg
+  ../component/libuuid/buildout.cfg
+  ../component/noVNC/buildout.cfg
+  ../component/openssl/buildout.cfg
+  ../component/rdiff-backup/buildout.cfg
+  ../component/dcron/buildout.cfg
+  ../component/libpng/buildout.cfg
+
+parts =
+  template
+  gnutls
+  kvm
+  eggs
+
+find-links +=
+  http://www.nexedi.org/static/packages/source/slapos.buildout/
+
+versions = versions
+
+[gpg-error]
+recipe = hexagonit.recipe.cmmi
+url = ftp://ftp.gnupg.org/gcrypt/libgpg-error/libgpg-error-1.10.tar.gz
+md5sum = 7c2710ef439f82ac429b88fec88e9a4c
+
+[gcrypt]
+recipe = hexagonit.recipe.cmmi
+url = ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.6.tar.gz
+md5sum = bfd45922eefb8a24d598af77366220d4
+configure-options =
+  --with-gpg-error-prefix=${gpg-error:location}
+environment =
+  CPPFLAGS=-I${gpg-error:location}/include
+  LDFLAGS=-Wl,-rpath -Wl,${gpg-error:location}/lib -Wl,${gpg-error:location}/lib/libgpg-error.so.0
+
+[gnutls]
+recipe = hexagonit.recipe.cmmi
+url = ftp://ftp.gnupg.org/gcrypt/gnutls/gnutls-2.8.6.tar.bz2
+md5sum = eb0a6d7d3cb9ac684d971c14f9f6d3ba
+configure-options =
+  --with-libgcrypt-prefix=${gcrypt:location}
+environment =
+  CPPFLAGS=-I${zlib:location}/include -I${readline:location}/include -I${ncurses:location}/include -I${ncurses:location}/include/ncursesw -I${gcrypt:location}/include -I${gpg-error:location}/include
+  LDFLAGS=-L${readline:location}/lib -L${ncurses:location}/lib -L${gcrypt:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -Wl,-rpath -Wl,${readline:location}/lib -Wl,-rpath -Wl,${ncurses:location}/lib -Wl,-rpath -Wl,${gcrypt:location}/lib -Wl,-rpath -Wl,${gpg-error:location}/lib -Wl,${gcrypt:location}/lib/libgcrypt.so.11
+  PKG_CONFIG=${zlib:location}/lib/pkgconfig
+
+[kvm]
+recipe = hexagonit.recipe.cmmi
+path = ${kvmsource:location}/
+configure-options =
+  --disable-sdl
+  --disable-xen
+  --enable-vnc-tls
+  --disable-vnc-sasl
+  --disable-curses
+  --disable-curl
+  --enable-kvm
+  --disable-docs
+  --enable-vnc-png
+  --disable-vnc-jpeg
+  --extra-cflags="-I${gnutls:location}/include -I${libuuid:location}/include -I${zlib:location}/include -I${libpng:location}/include"
+  --extra-ldflags="-Wl,-rpath -Wl,${gnutls:location}/lib -L${gnutls:location}/lib -Wl,-rpath -Wl,${libpng:location}/lib -L${libpng:location}/lib -L${libuuid:location}/lib -Wl,-rpath -Wl,${libuuid:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -lpng -lz -lgnutls"
+  --disable-werror
+environment =
+  PKG_CONFIG_PATH=${gnutls:location}/lib/pkgconfig
+
+[kvmsource]
+recipe=plone.recipe.command
+location = ${buildout:parts-directory}/${:_buildout_section_name_}
+stop-on-error = true
+#tag = slapos-v0.1
+command =
+  (${git:location}/bin/git clone --quiet http://git.erp5.org/repos/slapos.kvm.git ${:location} ) || (rm -fr ${:location} ; exit 1)
+update-command =
+ cd ${:location} && ${git:location}/bin/git pull --quiet origin master
+
+[eggs]
+python = python2.7
+recipe = z3c.recipe.scripts
+eggs =
+  ${lxml-python:egg}
+  slapos.cookbook
+
+[versions]
+zc.buildout = 1.5.3-dev-SlapOS-005

stack/lamp.cfg

+[buildout]
+find-links +=
+    http://www.nexedi.org/static/packages/source/slapos.buildout/
+
+# Use only quite well working sites.
+allow-hosts =
+  *.nexedi.org
+  *.python.org
+  *.sourceforge.net
+  dist.repoze.org
+  effbot.org
+  github.com
+  peak.telecommunity.com
+  psutil.googlecode.com
+  www.dabeaz.com
+
+parts =
+  template
+  apache-php
+  mariadb
+  eggs
+  instance-recipe-egg
+  
+extends =
+  ../component/mariadb/buildout.cfg
+  ../component/apache/buildout.cfg
+  ../component/apache-php/buildout.cfg
+  ../component/dcron/buildout.cfg
+  ../component/git/buildout.cfg
+  ../component/glib/buildout.cfg
+  ../component/logrotate/buildout.cfg
+  ../component/python-2.7/buildout.cfg
+  ../component/perl/buildout.cfg
+  ../component/sqlite3/buildout.cfg
+  ../component/xtrabackup/buildout.cfg
+  ../component/rdiff-backup/buildout.cfg
+  ../component/lxml-python/buildout.cfg
+  ../component/zlib/buildout.cfg
+
+[application]
+recipe = hexagonit.recipe.download
+#If provided tarball does not containt top directory this option shall be changed to false
+strip-top-level-dir = true
+
+[eggs]
+recipe = zc.recipe.egg
+eggs =
+  ${lxml-python:egg}

stack/nbd.cfg

+[buildout]
+extends =
+  ../component/python-2.6/buildout.cfg
+  ../component/lxml-python/buildout.cfg
+  ../component/zlib/buildout.cfg
+  ../component/git/buildout.cfg
+
+# Python2.6 needed by Flask and pyopenssl
+extensions =
+  slapos.rebootstrap
+
+parts +=
+  nbdserver
+  pyOpenSSL-python
+  eggs
+
+find-links +=
+  http://www.nexedi.org/static/packages/source/slapos.buildout/
+
+versions = versions
+
+# Use only quite well working sites.
+allow-hosts =
+  *.nexedi.org
+  *.python.org
+  *.sourceforge.net
+  dist.repoze.org
+  effbot.org
+  github.com
+  peak.telecommunity.com
+  psutil.googlecode.com
+  www.dabeaz.com
+
+[rebootstrap]
+section = python2.6
+version = 3
+eggs = slapos.libnetworkcache
+
+[nbdserver]
+recipe = hexagonit.recipe.cmmi
+path = ${nbdserversource:location}/
+configure-options =
+  --disable-system
+  --disable-kvm
+  --extra-cflags="-I${zlib:location}/include"
+  --extra-ldflags="-L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib"
+  --disable-werror
+
+[nbdserversource]
+recipe=plone.recipe.command
+location = ${buildout:parts-directory}/${:_buildout_section_name_}
+stop-on-error = true
+command =
+  (${git:location}/bin/git clone --quiet http://git.erp5.org/repos/slapos.kvm.git ${:location} ) || (rm -fr ${:location} ; exit 1)
+update-command =
+ cd ${:location} && ${git:location}/bin/git pull --quiet origin master
+
+[instance-recipe]
+egg = slapos.cookbook
+module = nbdserver
+
+[eggs]
+recipe = zc.recipe.egg
+eggs =
+  slapos.toolbox
+  slapos.cookbook
+  pyOpenSSL
+
+[pyOpenSSL-python]
+recipe = zc.recipe.egg:custom
+egg = pyOpenSSL
+include-dirs =
+  ${openssl:location}/include/
+  ${python2.6:location}/include/
+library-dirs =
+  ${openssl:location}/lib/
+  ${python2.6:location}/lib/
+rpath =
+  ${openssl:location}/lib/
+  ${python2.6:location}/lib/
+
+
+[versions]
+# Use SlapOS patched zc.buildout
+zc.buildout = 1.5.3-dev-SlapOS-005
+
+Jinja2 = 2.5.5
+Werkzeug = 0.6.2
+apache-libcloud = 0.5.2
+hexagonit.recipe.cmmi = 1.5.0
+meld3 = 0.6.7
+plone.recipe.command = 1.1
+pyOpenSSL = 0.12
+pycrypto = 2.3
+slapos.cookbook = 0.14
+slapos.recipe.template = 1.1
+slapos.toolbox = 0.6
+
+# Required by:
+# slapos.core==0.9
+# slapos.toolbox==0.6
+Flask = 0.7.2
+
+# Required by:
+# slapos.cookbook==0.14
+PyXML = 0.8.4
+
+# Required by:
+# slapos.core==0.9
+argparse = 1.1
+
+# Required by:
+# slapos.recipe.template==1.1
+collective.recipe.template = 1.8
+
+# Required by:
+# hexagonit.recipe.cmmi==1.5.0
+hexagonit.recipe.download = 1.5.0
+
+# Required by:
+# slapos.cookbook==0.14
+# slapos.core==0.9
+# slapos.toolbox==0.6
+# xml-marshaller==0.9.7
+lxml = 2.3
+
+# Required by:
+# slapos.cookbook==0.14
+netaddr = 0.7.5
+
+# Required by:
+# slapos.core==0.9
+netifaces = 0.4
+
+# Required by:
+# slapos.toolbox==0.6
+paramiko = 1.7.7.1
+
+# Required by:
+# slapos.toolbox==0.6
+psutil = 0.3.0
+
+# Required by:
+# slapos.cookbook==0.14
+# slapos.core==0.9
+# slapos.toolbox==0.6
+# zc.buildout==1.5.3-dev-SlapOS-005
+# zc.recipe.egg==1.3.2
+setuptools = 0.6c12dev-r88846
+
+# Required by:
+# slapos.cookbook==0.14
+# slapos.toolbox==0.6
+slapos.core = 0.9
+
+# Required by:
+# slapos.core==0.9
+supervisor = 3.0a10
+
+# Required by:
+# slapos.cookbook==0.14
+# slapos.toolbox==0.6
+xml-marshaller = 0.9.7
+
+# Required by:
+# slapos.cookbook==0.14
+zc.recipe.egg = 1.3.2
+
+# Required by:
+# slapos.core==0.9
+zope.interface = 3.6.4