Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Paul Graydon
slapos
Commits
d21df0ee
Commit
d21df0ee
authored
Sep 21, 2018
by
Jérome Perrin
Browse files
Options
Browse Files
Download
Plain Diff
Update Shellinabox in testnode
/reviewed-on
nexedi/slapos!408
parents
71d01aa6
5d4852c3
Changes
9
Hide whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
86 additions
and
404 deletions
+86
-404
component/shellinabox/0001-Switch-to-IPv6.patch
component/shellinabox/0001-Switch-to-IPv6.patch
+0
-213
component/shellinabox/0002-Allow-to-run-entire-command-path.patch
...t/shellinabox/0002-Allow-to-run-entire-command-path.patch
+0
-26
component/shellinabox/buildout.cfg
component/shellinabox/buildout.cfg
+1
-19
setup.py
setup.py
+0
-1
slapos/recipe/shellinabox.py
slapos/recipe/shellinabox.py
+0
-109
software/erp5testnode/buildout.hash.cfg
software/erp5testnode/buildout.hash.cfg
+1
-1
software/erp5testnode/instance-default.cfg
software/erp5testnode/instance-default.cfg
+80
-30
software/erp5testnode/software.cfg
software/erp5testnode/software.cfg
+4
-1
software/slaprunner/software.cfg
software/slaprunner/software.cfg
+0
-4
No files found.
component/shellinabox/0001-Switch-to-IPv6.patch
deleted
100644 → 0
View file @
71d01aa6
From 50ec7439e80bd6a77346dc6482895e481d8cd43a Mon Sep 17 00:00:00 2001
From: Antoine Catton <acatton@tiolive.com>
Date: Tue, 10 Jan 2012 18:30:20 +0100
Subject: [PATCH] Switch to IPv6
---
libhttp/http.h | 4 ++--
libhttp/httpconnection.c | 11 ++++++++++-
libhttp/server.c | 33 +++++++++++++++++++--------------
libhttp/server.h | 6 +++---
shellinabox/shellinaboxd.c | 14 +++++++-------
5 files changed, 41 insertions(+), 27 deletions(-)
diff --git a/libhttp/http.h b/libhttp/http.h
index e7840fa..5cd61e3 100644
--- a/libhttp/http.h
+++ b/libhttp/http.h
@@ -66,8 +66,8 @@
typedef struct ServerConnection ServerConnection;
typedef struct Server Server;
typedef struct URL URL;
-Server *newCGIServer(int localhostOnly, int portMin, int portMax, int timeout);
-Server *newServer(int localhostOnly, int port);
+Server *newCGIServer(char *ipv6, int portMin, int portMax, int timeout);
+Server *newServer(char *ipv6, int port);
void deleteServer(Server *server);
int serverGetListeningPort(Server *server);
int serverGetFd(Server *server);
diff --git a/libhttp/httpconnection.c b/libhttp/httpconnection.c
index c8e69f6..cae467f 100644
--- a/libhttp/httpconnection.c
+++ b/libhttp/httpconnection.c
@@ -823,8 +823,17 @@
static int httpHandleCommand(struct HttpConnection *http,
const char *host = getFromHashMap(&http->header,
"host");
if (host) {
+ int brackets = 0; // For IPv6 hosts
for (char ch; (ch = *host) != '\000'; host++) {
- if (ch == ':') {
+ if (ch == '[') {
+ brackets = 1;
+ break;
+ }
+ if (ch == ']') {
+ brackets = 0;
+ break;
+ }
+ if (!brackets && ch == ':') {
*(char *)host = '\000';
break;
}
diff --git a/libhttp/server.c b/libhttp/server.c
index f52a269..2c30bd8 100644
--- a/libhttp/server.c
+++ b/libhttp/server.c
@@ -170,19 +170,19 @@
static int serverQuitHandler(struct HttpConnection *http, void *arg) {
return HTTP_DONE;
}
-struct Server *newCGIServer(int localhostOnly, int portMin, int portMax,
+struct Server *newCGIServer(char *ipv6, int portMin, int portMax,
int timeout) {
struct Server *server;
check(server = malloc(sizeof(struct Server)));
- initServer(server, localhostOnly, portMin, portMax, timeout);
+ initServer(server, ipv6, portMin, portMax, timeout);
return server;
}
-struct Server *newServer(int localhostOnly, int port) {
- return newCGIServer(localhostOnly, port, port, -1);
+struct Server *newServer(char *ipv6, int port) {
+ return newCGIServer(ipv6, port, port, -1);
}
-void initServer(struct Server *server, int localhostOnly, int portMin,
+void initServer(struct Server *server, char *ipv6, int portMin,
int portMax, int timeout) {
server->looping = 0;
server->exitAll = 0;
@@ -192,14 +192,19 @@
void initServer(struct Server *server, int localhostOnly, int portMin,
server->numConnections = 0;
int true = 1;
- server->serverFd = socket(PF_INET, SOCK_STREAM, 0);
+ server->serverFd = socket(PF_INET6, SOCK_STREAM, 0);
check(server->serverFd >= 0);
check(!setsockopt(server->serverFd, SOL_SOCKET, SO_REUSEADDR,
&true, sizeof(true)));
- struct sockaddr_in serverAddr = { 0 };
- serverAddr.sin_family = AF_INET;
- serverAddr.sin_addr.s_addr = htonl(localhostOnly
- ? INADDR_LOOPBACK : INADDR_ANY);
+ struct sockaddr_in6 serverAddr = { 0 };
+ serverAddr.sin6_family = AF_INET6;
+ if (ipv6 != NULL) {
+ if (!inet_pton(AF_INET6, ipv6, serverAddr.sin6_addr.s6_addr)) {
+ fatal("Bad ipv6 address");
+ }
+ } else {
+ serverAddr.sin6_addr = in6addr_any;
+ }
// Linux unlike BSD does not have support for picking a local port range.
// So, we have to randomly pick a port from our allowed port range, and then
@@ -214,14 +219,14 @@
void initServer(struct Server *server, int localhostOnly, int portMin,
int portStart = rand() % (portMax - portMin + 1) + portMin;
for (int p = 0; p <= portMax-portMin; p++) {
int port = (p+portStart)%(portMax-portMin+1)+ portMin;
- serverAddr.sin_port = htons(port);
+ serverAddr.sin6_port = htons(port);
if (!bind(server->serverFd, (struct sockaddr *)&serverAddr,
sizeof(serverAddr))) {
break;
}
- serverAddr.sin_port = 0;
+ serverAddr.sin6_port = 0;
}
- if (!serverAddr.sin_port) {
+ if (!serverAddr.sin6_port) {
fatal("Failed to find any available port");
}
}
@@ -231,7 +236,7 @@
void initServer(struct Server *server, int localhostOnly, int portMin,
check(!getsockname(server->serverFd, (struct sockaddr *)&serverAddr,
&socklen));
check(socklen == sizeof(serverAddr));
- server->port = ntohs(serverAddr.sin_port);
+ server->port = ntohs(serverAddr.sin6_port);
info("Listening on port %d", server->port);
check(server->pollFds = malloc(sizeof(struct pollfd)));
diff --git a/libhttp/server.h b/libhttp/server.h
index bb879fb..5ffb698 100644
--- a/libhttp/server.h
+++ b/libhttp/server.h
@@ -78,10 +78,10 @@
struct Server {
struct SSLSupport ssl;
};
-struct Server *newCGIServer(int localhostOnly, int portMin, int portMax,
+struct Server *newCGIServer(char *ipv6, int portMin, int portMax,
int timeout);
-struct Server *newServer(int localhostOnly, int port);
-void initServer(struct Server *server, int localhostOnly, int portMin,
+struct Server *newServer(char *ipv6, int port);
+void initServer(struct Server *server, char *ipv6, int portMin,
int portMax, int timeout);
void destroyServer(struct Server *server);
void deleteServer(struct Server *server);
diff --git a/shellinabox/shellinaboxd.c b/shellinabox/shellinaboxd.c
index dcf05ff..2d1d758 100644
--- a/shellinabox/shellinaboxd.c
+++ b/shellinabox/shellinaboxd.c
@@ -80,7 +80,7 @@
static int port;
static int portMin;
static int portMax;
-static int localhostOnly = 0;
+static char *ipv6 = NULL;
static int noBeep = 0;
static int numericHosts = 0;
static int enableSSL = 1;
@@ -747,7 +747,7 @@
static void usage(void) {
" -g, --group=GID switch to this group (default: %s)\n"
" -h, --help print this message\n"
" --linkify=[none|normal|agressive] default is \"normal\"\n"
- " --localhost-only only listen on 127.0.0.1\n"
+ " --ipv6 listen on a specific ipv6\n"
" --no-beep suppress all audio output\n"
" -n, --numeric do not resolve hostnames\n"
" -p, --port=PORT select a port (default: %d)\n"
@@ -839,7 +839,7 @@
static void parseArgs(int argc, char * const argv[]) {
{ "static-file", 1, 0, 'f' },
{ "group", 1, 0, 'g' },
{ "linkify", 1, 0, 0 },
- { "localhost-only", 0, 0, 0 },
+ { "ipv6", 1, 0, 0 },
{ "no-beep", 0, 0, 0 },
{ "numeric", 0, 0, 'n' },
{ "port", 1, 0, 'p' },
@@ -1001,8 +1001,8 @@
static void parseArgs(int argc, char * const argv[]) {
"\"none\", \"normal\", or \"aggressive\".");
}
} else if (!idx--) {
- // Localhost Only
- localhostOnly = 1;
+ // IPv6
+ ipv6 = optarg;
} else if (!idx--) {
// No Beep
noBeep = 1;
@@ -1197,7 +1197,7 @@
int main(int argc, char * const argv[]) {
// Create a new web server
Server *server;
if (port) {
- check(server = newServer(localhostOnly, port));
+ check(server = newServer(ipv6, port));
dropPrivileges();
setUpSSL(server);
} else {
@@ -1217,7 +1217,7 @@
int main(int argc, char * const argv[]) {
_exit(0);
}
check(!NOINTR(close(fds[0])));
- check(server = newCGIServer(localhostOnly, portMin, portMax,
+ check(server = newCGIServer(ipv6, portMin, portMax,
AJAX_TIMEOUT));
cgiServer = server;
setUpSSL(server);
--
1.7.6.5
component/shellinabox/0002-Allow-to-run-entire-command-path.patch
deleted
100644 → 0
View file @
71d01aa6
From eee6f7180dc5dd4523264e7ce0721945ab2b78a1 Mon Sep 17 00:00:00 2001
From: Antoine Catton <acatton@tiolive.com>
Date: Wed, 11 Jan 2012 17:32:15 +0100
Subject: [PATCH 2/2] Allow to run entire command path.
---
shellinabox/launcher.c | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/shellinabox/launcher.c b/shellinabox/launcher.c
index fb8a133..e116a75 100644
--- a/shellinabox/launcher.c
+++ b/shellinabox/launcher.c
@@ -1226,8 +1226,7 @@
static void execService(int width, int height, struct Service *service,
extern char **environ;
environ = environment;
- char *cmd = strrchr(argv[0], '/');
- execvp(cmd ? cmd + 1: argv[0], argv);
+ execvp(argv[0], argv);
}
void setWindowSize(int pty, int width, int height) {
--
1.7.6.5
component/shellinabox/buildout.cfg
View file @
d21df0ee
...
@@ -11,24 +11,6 @@ extends =
...
@@ -11,24 +11,6 @@ extends =
parts = shellinabox
parts = shellinabox
[shellinabox]
<= shellinabox-2.10
[shellinabox-2.10]
; This version is old, but we patch it for IPv6 support
recipe = slapos.recipe.cmmi
url = http://shellinabox.googlecode.com/files/shellinabox-2.10.tar.gz
md5sum = 0e144910d85d92edc54702ab9c46f032
patch-binary = ${patch:location}/bin/patch
patch-options = -p1
patches =
${:_profile_base_location_}/0001-Switch-to-IPv6.patch#b61cb099c00e15a5fcaf6c98134fff45
${:_profile_base_location_}/0002-Allow-to-run-entire-command-path.patch#a506b4d83021e24c830f767501c1d3fc
environment =
CFLAGS = -I${zlib:location}/include -I${openssl:location}/include
LDFLAGS = -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib
PKG_CONFIG_PATH = ${openssl:location}/lib/pkgconfig/
[shellinabox-git-repository]
[shellinabox-git-repository]
; This version has much more features, but does not support IPv6 (support unix domain though)
; This version has much more features, but does not support IPv6 (support unix domain though)
recipe = slapos.recipe.build:gitclone
recipe = slapos.recipe.build:gitclone
...
@@ -36,7 +18,7 @@ repository = https://github.com/shellinabox/shellinabox
...
@@ -36,7 +18,7 @@ repository = https://github.com/shellinabox/shellinabox
revision = b8285748993c4c99e80793775f3d2a0a4e962d5a
revision = b8285748993c4c99e80793775f3d2a0a4e962d5a
git-executable = ${git:location}/bin/git
git-executable = ${git:location}/bin/git
[shellinabox
-github
]
[shellinabox]
recipe = slapos.recipe.cmmi
recipe = slapos.recipe.cmmi
path = ${shellinabox-git-repository:location}
path = ${shellinabox-git-repository:location}
configure-command =
configure-command =
...
...
setup.py
View file @
d21df0ee
...
@@ -168,7 +168,6 @@ setup(name=name,
...
@@ -168,7 +168,6 @@ setup(name=name,
'reverseproxy.nginx = slapos.recipe.reverse_proxy_nginx:Recipe'
,
'reverseproxy.nginx = slapos.recipe.reverse_proxy_nginx:Recipe'
,
'sheepdogtestbed = slapos.recipe.sheepdogtestbed:SheepDogTestBed'
,
'sheepdogtestbed = slapos.recipe.sheepdogtestbed:SheepDogTestBed'
,
'shell = slapos.recipe.shell:Recipe'
,
'shell = slapos.recipe.shell:Recipe'
,
'shellinabox = slapos.recipe.shellinabox:Recipe'
,
'signalwrapper= slapos.recipe.signal_wrapper:Recipe'
,
'signalwrapper= slapos.recipe.signal_wrapper:Recipe'
,
'simplelogger = slapos.recipe.simplelogger:Recipe'
,
'simplelogger = slapos.recipe.simplelogger:Recipe'
,
'simplehttpserver = slapos.recipe.simplehttpserver:Recipe'
,
'simplehttpserver = slapos.recipe.simplehttpserver:Recipe'
,
...
...
slapos/recipe/shellinabox.py
deleted
100644 → 0
View file @
71d01aa6
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from
getpass
import
getpass
import
hmac
import
pwd
import
grp
import
os
import
shlex
from
slapos.recipe.librecipe
import
GenericBaseRecipe
def
login_shell
(
password_file
,
shell
):
if
password_file
:
with
open
(
password_file
,
'r'
)
as
password_file
:
password
=
password_file
.
read
()
if
not
password
or
hmac
.
compare_digest
(
getpass
(),
password
):
commandline
=
shlex
.
split
(
shell
)
os
.
execv
(
commandline
[
0
],
commandline
)
return
1
def
shellinabox
(
args
):
certificate_dir
=
args
[
'certificate_dir'
]
certificate_path
=
os
.
path
.
join
(
certificate_dir
,
'certificate.pem'
)
with
open
(
certificate_path
,
'w'
)
as
certificate_file
:
with
open
(
args
[
'ssl_key'
],
'r'
)
as
key_file
:
# XXX: Dirty hack in order to make shellinabox work
print
>>
certificate_file
,
key_file
.
read
().
replace
(
' PRIVATE '
,
' RSA PRIVATE '
)
with
open
(
args
[
'ssl_certificate'
])
as
public_key_file
:
print
>>
certificate_file
,
public_key_file
.
read
()
user
=
pwd
.
getpwuid
(
os
.
getuid
()).
pw_uid
group
=
grp
.
getgrgid
(
os
.
getgid
()).
gr_gid
service
=
'/:%(user)s:%(group)s:%(directory)s:%(command)s'
%
{
'user'
:
user
,
'group'
:
group
,
'directory'
:
args
[
'directory'
],
'command'
:
args
[
'login_shell'
],
}
command_line
=
[
args
[
'shellinabox'
],
'-c'
,
certificate_dir
,
'-s'
,
service
,
'--ipv6'
,
args
[
'ipv6'
],
'-p'
,
args
[
'port'
],
]
# XXX: By default shellinbox drop privileges
# switching to nobody:nogroup user.
# This force root.
if
group
==
'root'
:
command_line
.
extend
([
'-g'
,
group
])
if
user
==
'root'
:
command_line
.
extend
([
'-u'
,
group
])
os
.
execv
(
command_line
[
0
],
command_line
)
class
Recipe
(
GenericBaseRecipe
):
def
install
(
self
):
login_shell_wrapper
=
self
.
createPythonScript
(
self
.
options
[
'login-shell'
],
__name__
+
'.login_shell'
,
(
self
.
options
[
'password-file'
],
self
.
options
[
'shell'
])
)
shellinabox_wrapper
=
self
.
createPythonScript
(
self
.
options
[
'wrapper'
],
__name__
+
'.shellinabox'
,
(
dict
(
certificate_dir
=
self
.
options
[
'certificate-directory'
],
ssl_key
=
self
.
options
[
'key-file'
],
ssl_certificate
=
self
.
options
[
'cert-file'
],
shellinabox
=
self
.
options
[
'shellinabox-binary'
],
directory
=
self
.
options
[
'directory'
],
ipv6
=
self
.
options
[
'ipv6'
],
port
=
self
.
options
[
'port'
],
login_shell
=
login_shell_wrapper
,
),)
)
return
login_shell_wrapper
,
shellinabox_wrapper
software/erp5testnode/buildout.hash.cfg
View file @
d21df0ee
...
@@ -18,4 +18,4 @@ md5sum = 307663d73ef3ef94b02567ecd322252e
...
@@ -18,4 +18,4 @@ md5sum = 307663d73ef3ef94b02567ecd322252e
[template-default]
[template-default]
filename = instance-default.cfg
filename = instance-default.cfg
md5sum =
555700e5d216ff32a981f4066791bda
b
md5sum =
d5a4270e5e7827db2e6a19d2eedb570
b
software/erp5testnode/instance-default.cfg
View file @
d21df0ee
...
@@ -9,8 +9,6 @@ extends = ${monitor2-template:rendered}
...
@@ -9,8 +9,6 @@ extends = ${monitor2-template:rendered}
parts =
parts =
testnode
testnode
shell
shellinabox
certificate-authority
certificate-authority
ca-shellinabox
ca-shellinabox
ca-httpd-testnode
ca-httpd-testnode
...
@@ -18,11 +16,12 @@ parts =
...
@@ -18,11 +16,12 @@ parts =
monitor-publish
monitor-publish
testnode-frontend
testnode-frontend
resiliency-exclude-file
resiliency-exclude-file
shellinabox-frontend-reload
promises
[monitor-publish]
[monitor-publish]
recipe = slapos.cookbook:publish
recipe = slapos.cookbook:publish
url = https://[$${shellinabox:ipv6}]:$${shellinabox:port}/
url = $${shellinabox-frontend:url}
password = $${pwgen:passwd}
frontend-url = $${testnode-frontend:connection-secure_access}
frontend-url = $${testnode-frontend:connection-secure_access}
[pwgen]
[pwgen]
...
@@ -73,34 +72,70 @@ apache-modules-dir = ${apache:location}/modules
...
@@ -73,34 +72,70 @@ apache-modules-dir = ${apache:location}/modules
apache-mime-file = ${apache:location}/conf/mime.types
apache-mime-file = ${apache:location}/conf/mime.types
apache-htpasswd = ${apache:location}/bin/htpasswd
apache-htpasswd = ${apache:location}/bin/htpasswd
[shell]
recipe = slapos.cookbook:shell
[shell-environment]
wrapper = $${rootdirectory:bin}/sh
shell = ${bash:location}/bin/bash
shell = ${busybox:location}/bin/sh
home = $${buildout:directory}
ps1 = "\\w> "
path =
${busybox:location}/bin/
${busybox:location}/usr/bin/
${git:location}/bin/
${python2.7:location}/bin/
${buildout:bin-directory}/
${busybox:location}/sbin/
${busybox:location}/usr/sbin/
[shellinabox]
[shellinabox]
recipe = slapos.cookbook:shellinabox
recipe = slapos.recipe.template:jinja2
# We cannot use slapos.cookbook:wrapper here because this recipe escapes too much
socket = $${directory:run}/siab.sock
mode = 0700
rendered = $${basedirectory:services}/shellinaboxd
template = inline:
#!/bin/sh
exec ${shellinabox:location}/bin/shellinaboxd \
--disable-ssl \
--disable-ssl-menu \
--unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \
--service "/:$(id -u):$(id -g):HOME:$${shell-environment:shell} -l"
[shellinabox-frontend-config]
recipe = slapos.recipe.template:jinja2
rendered = $${directory:etc}/$${:_buildout_section_name_}
template = inline:
https://$${:hostname}:$${:port} {
bind $${:ipv6}
tls $${:cert-file} $${:key-file}
gzip
log stdout
errors stderr
proxy / unix:$${shellinabox:socket}
basicauth $${:username} $${:passwd} {
realm "Test Node $${testnode:test-node-title}"
/
}
}
ipv6 = $${slap-network-information:global-ipv6}
ipv6 = $${slap-network-information:global-ipv6}
hostname = [$${:ipv6}]
port = 8080
port = 8080
shell = $${shell:wrapper}
username = testnode
wrapper = $${rootdirectory:bin}/shellinaboxd
passwd = $${pwgen:passwd}
shellinabox-binary = ${shellinabox:location}/bin/shellinaboxd
password-file = $${pwgen:storage-path}
directory = $${buildout:directory}/
login-shell = $${rootdirectory:bin}/login
certificate-directory = $${directory:shellinabox}
cert-file = $${directory:shellinabox}/public.crt
cert-file = $${directory:shellinabox}/public.crt
key-file = $${directory:shellinabox}/private.key
key-file = $${directory:shellinabox}/private.key
url = https://$${:username}:$${:passwd}@$${:hostname}:$${:port}
[shellinabox-frontend]
recipe = slapos.cookbook:wrapper
wrapper-path = $${rootdirectory:bin}/$${:_buildout_section_name_}
command-line =
${caddy:output} -conf $${shellinabox-frontend-config:rendered} -pidfile $${:pidfile}
url = $${shellinabox-frontend-config:url}
hostname = $${shellinabox-frontend-config:ipv6}
port = $${shellinabox-frontend-config:port}
pidfile = $${basedirectory:run}/$${:_buildout_section_name_}.pid
[shellinabox-frontend-reload]
recipe = slapos.cookbook:wrapper
wrapper-path = $${basedirectory:services}/$${:_buildout_section_name_}
command-line =
${bash:location}/bin/bash -c
"kill -s USR1 $$(${coreutils:location}/bin/cat $${shellinabox-frontend:pidfile}) \
&& ${coreutils:location}/bin/sleep infinity"
hash-files =
$${shellinabox-frontend-config:rendered}
$${shellinabox-frontend:wrapper-path}
[certificate-authority]
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
recipe = slapos.cookbook:certificate_authority
...
@@ -124,10 +159,10 @@ crl = $${directory:ca-dir}/crl/
...
@@ -124,10 +159,10 @@ crl = $${directory:ca-dir}/crl/
[ca-shellinabox]
[ca-shellinabox]
<= certificate-authority
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
recipe = slapos.cookbook:certificate_authority.request
executable = $${shellinabox
:wrapper
}
executable = $${shellinabox
-frontend:wrapper-path
}
wrapper = $${basedirectory:services}/shellinaboxd
wrapper = $${basedirectory:services}/shellinabox
-fronten
d
key-file = $${shellinabox:key-file}
key-file = $${shellinabox
-frontend-config
:key-file}
cert-file = $${shellinabox:cert-file}
cert-file = $${shellinabox
-frontend-config
:cert-file}
[ca-httpd-testnode]
[ca-httpd-testnode]
<= certificate-authority
<= certificate-authority
...
@@ -181,6 +216,21 @@ config-https-only = true
...
@@ -181,6 +216,21 @@ config-https-only = true
#software-type = custom-personal
#software-type = custom-personal
return = domain secure_access
return = domain secure_access
[promises]
recipe =
instance-promises =
$${shellinabox-frontend-listen-promise:path}
[check-port-listening-promise]
recipe = slapos.cookbook:check_port_listening
path = $${directory:promises}/$${:_buildout_section_name_}
[shellinabox-frontend-listen-promise]
<= check-port-listening-promise
hostname= $${shellinabox-frontend:hostname}
port = $${shellinabox-frontend:port}
[slap-parameter]
[slap-parameter]
node-quantity = 1
node-quantity = 1
test-suite-master-url =
test-suite-master-url =
...
...
software/erp5testnode/software.cfg
View file @
d21df0ee
...
@@ -5,7 +5,9 @@ extends =
...
@@ -5,7 +5,9 @@ extends =
../../component/git/buildout.cfg
../../component/git/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/zip/buildout.cfg
../../component/zip/buildout.cfg
../../component/busybox/buildout.cfg
../../component/bash/buildout.cfg
../../component/caddy/buildout.cfg
../../component/coreutils/buildout.cfg
../../component/shellinabox/buildout.cfg
../../component/shellinabox/buildout.cfg
../../component/pwgen/buildout.cfg
../../component/pwgen/buildout.cfg
../../component/apache/buildout.cfg
../../component/apache/buildout.cfg
...
@@ -27,6 +29,7 @@ eggs =
...
@@ -27,6 +29,7 @@ eggs =
zc.buildout
zc.buildout
slapos.libnetworkcache
slapos.libnetworkcache
slapos.core
slapos.core
slapos.recipe.template
supervisor
supervisor
jsonschema
jsonschema
hexagonit.recipe.download
hexagonit.recipe.download
...
...
software/slaprunner/software.cfg
View file @
d21df0ee
...
@@ -43,10 +43,6 @@ common-parts =
...
@@ -43,10 +43,6 @@ common-parts =
parts =
parts =
${:common-parts}
${:common-parts}
# Use shellinabox from github with AF_UNIX support
[shellinabox]
<= shellinabox-github
[template-base]
[template-base]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/${:filename}
url = ${:_profile_base_location_}/${:filename}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment