Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Romain Courteaud
slapos
Commits
e13f7c63
Commit
e13f7c63
authored
Apr 23, 2013
by
Marco Mariani
Browse files
Options
Browse Files
Download
Plain Diff
Merge remote-tracking branch 'origin/master' into zimbra
parents
0e3ec32b
e40afbc5
Changes
22
Hide whitespace changes
Inline
Side-by-side
Showing
22 changed files
with
310 additions
and
185 deletions
+310
-185
CHANGES.txt
CHANGES.txt
+13
-0
component/noVNC/buildout.cfg
component/noVNC/buildout.cfg
+1
-1
component/qemu-kvm/buildout.cfg
component/qemu-kvm/buildout.cfg
+8
-3
component/zabbix/buildout.cfg
component/zabbix/buildout.cfg
+2
-2
setup.py
setup.py
+1
-1
slapos/recipe/apache_frontend/__init__.py
slapos/recipe/apache_frontend/__init__.py
+45
-58
slapos/recipe/apache_frontend/template/apache.conf.in
slapos/recipe/apache_frontend/template/apache.conf.in
+20
-6
slapos/recipe/kvm_frontend/__init__.py
slapos/recipe/kvm_frontend/__init__.py
+2
-1
slapos/recipe/kvm_frontend/template/kvm-proxy.js
slapos/recipe/kvm_frontend/template/kvm-proxy.js
+63
-39
slapos/recipe/kvm_frontend/template/nodejs_run.in
slapos/recipe/kvm_frontend/template/nodejs_run.in
+1
-1
slapos/recipe/zabbixagent/__init__.py
slapos/recipe/zabbixagent/__init__.py
+7
-4
software/apache-frontend/README.apache_frontend.txt
software/apache-frontend/README.apache_frontend.txt
+7
-0
software/apache-frontend/common.cfg
software/apache-frontend/common.cfg
+5
-3
software/apache-frontend/instance.cfg
software/apache-frontend/instance.cfg
+47
-6
software/apache-frontend/software.cfg
software/apache-frontend/software.cfg
+57
-23
software/kvm/common.cfg
software/kvm/common.cfg
+4
-10
software/kvm/development.cfg
software/kvm/development.cfg
+10
-3
software/kvm/instance-frontend.cfg.in
software/kvm/instance-frontend.cfg.in
+13
-4
software/kvm/instance-kvm.cfg.in
software/kvm/instance-kvm.cfg.in
+3
-4
software/kvm/instance-kvmplus.cfg.in
software/kvm/instance-kvmplus.cfg.in
+0
-14
software/kvm/instance.cfg.in
software/kvm/instance.cfg.in
+0
-1
software/kvm/software.cfg
software/kvm/software.cfg
+1
-1
No files found.
CHANGES.txt
View file @
e13f7c63
Changes
=======
0.77.1 (2013-04-18)
-------------------
* Re-release of 0.77.0.
0.77.0 (2013-04-18)
-------------------
* Allow to pass extra parameters when creating simple wrapper. [Sebastien Robin]
* Apache frontend: Append all rewrite module options to http as well. [Cedric de Saint Martin]
* Apache frontend: Add https-only support. [Cedric de Saint Martin]
* Apache frontend: make logrotate work by using "generic" component. [Cedric de Saint Martin]
0.76.0 (2013-04-03)
-------------------
...
...
component/noVNC/buildout.cfg
View file @
e13f7c63
...
...
@@ -6,5 +6,5 @@ parts =
recipe = hexagonit.recipe.download
# Post-0.4 release from January 2013
url = http://github.com/kanaka/noVNC/zipball/3b2acc2258d36137a37edfbe0f03a3099189c49d
md5sum =
0d06abc20e59643e14fefe52b42daf60
md5sum =
a276be8fa193652bb5de8a271603f11f
strip-top-level-dir = true
component/qemu-kvm/buildout.cfg
View file @
e13f7c63
...
...
@@ -3,6 +3,7 @@ extends =
../../component/gnutls/buildout.cfg
../../component/libpng/buildout.cfg
../../component/libuuid/buildout.cfg
../../component/xorg/buildout.cfg
../../component/zlib/buildout.cfg
[kvm]
...
...
@@ -11,9 +12,11 @@ extends =
[qemu-kvm]
recipe = slapos.recipe.cmmi
url = http://downloads.sourceforge.net/project/kvm/qemu-kvm/1.2.0/qemu-kvm-1.2.0.tar.gz
md5sum = d7b18b673c48abfee65a9c0245df0415
# qemu-kvm and qemu are now the same since 1.3.
url = http://wiki.qemu-project.org/download/qemu-1.4.1.tar.bz2
md5sum = eb2d696956324722b5ecfa46e41f9a75
configure-options =
--target-list=""
--disable-sdl
--disable-xen
--enable-vnc-tls
...
...
@@ -24,9 +27,11 @@ configure-options =
--disable-docs
--enable-vnc-png
--disable-vnc-jpeg
--enable-vnc-ws
--extra-cflags="-I${gnutls:location}/include -I${libuuid:location}/include -I${zlib:location}/include -I${libpng:location}/include"
--extra-ldflags="-Wl,-rpath -Wl,${glib:location}/lib -L${glib:location}/lib -Wl,-rpath -Wl,${gnutls:location}/lib -L${gnutls:location}/lib -Wl,-rpath -Wl,${gpg-error:location}/lib -L${gpg-error:location}/lib -L${gettext:location}/lib -Wl,-rpath -Wl,${gettext:location}/lib -Wl,-rpath -Wl,${libpng:location}/lib -L${libpng:location}/lib -L${libuuid:location}/lib -Wl,-rpath -Wl,${libuuid:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -lpng -lz -lgnutls"
--disable-werror
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${gnutls:location}/lib/pkgconfig:${glib:location}/lib/pkgconfig
PKG_CONFIG_PATH=${gnutls:location}/lib/pkgconfig:${glib:location}/lib/pkgconfig:${pixman:location}/lib/pkgconfig
component/zabbix/buildout.cfg
View file @
e13f7c63
...
...
@@ -4,8 +4,8 @@ parts =
[zabbix-agent]
recipe = slapos.recipe.cmmi
url = http://prdownloads.sourceforge.net/zabbix/zabbix-2.0.
1
.tar.gz?download
md5sum =
3b301aa4f2b7cb5ede46884b9c7873e1
url = http://prdownloads.sourceforge.net/zabbix/zabbix-2.0.
5
.tar.gz?download
md5sum =
0c0721c31889b63bce9aa556bcb927e8
configure-options =
--enable-agent
--enable-ipv6
setup.py
View file @
e13f7c63
...
...
@@ -28,7 +28,7 @@ from setuptools import setup, find_packages
import
glob
import
os
version
=
'0.7
6.1
.dev'
version
=
'0.7
7.2
.dev'
name
=
'slapos.cookbook'
long_description
=
open
(
"README.txt"
).
read
()
+
"
\
n
"
+
\
open
(
"CHANGES.txt"
).
read
()
+
"
\
n
"
...
...
slapos/recipe/apache_frontend/__init__.py
View file @
e13f7c63
...
...
@@ -36,6 +36,7 @@ import ConfigParser
import
re
import
traceback
TRUE_VALUES
=
[
'y'
,
'yes'
,
'1'
,
'true'
]
class
Recipe
(
BaseSlapRecipe
):
...
...
@@ -65,13 +66,13 @@ class Recipe(BaseSlapRecipe):
# self.cron_d is a directory, where cron jobs can be registered
self
.
cron_d
=
self
.
installCrond
()
self
.
logrotate_d
,
self
.
logrotate_backup
=
self
.
installLogrotate
()
self
.
killpidfromfile
=
zc
.
buildout
.
easy_install
.
scripts
(
[(
'killpidfromfile'
,
'slapos.
recipe.erp5
.killpidfromfile'
,
[(
'killpidfromfile'
,
'slapos.
toolbox
.killpidfromfile'
,
'killpidfromfile'
)],
self
.
ws
,
sys
.
executable
,
self
.
bin_directory
)[
0
]
self
.
path_list
.
append
(
self
.
killpidfromfile
)
rewrite_rule_list
=
[]
rewrite_rule_https_only_list
=
[]
rewrite_rule_zope_list
=
[]
rewrite_rule_zope_path_list
=
[]
slave_dict
=
{}
...
...
@@ -88,20 +89,16 @@ class Recipe(BaseSlapRecipe):
# Sanitize inputs
backend_url
=
slave_instance
.
get
(
"url"
,
None
)
reference
=
slave_instance
.
get
(
"slave_reference"
)
enable_cache
=
slave_instance
.
get
(
'enable_cache'
,
''
).
lower
()
in
TRUE_VALUES
slave_type
=
slave_instance
.
get
(
'type'
,
''
).
lower
()
or
None
if
slave_instance
.
haskey
(
"enable_cache"
):
enable_cache
=
slave_instance
.
get
(
"enable_cache"
,
""
).
upper
()
in
(
'1'
,
'TRUE'
)
else
:
enable_cache
=
False
if
slave_instance
.
haskey
(
"type"
):
slave_type
=
slave_instance
.
get
(
"type"
,
""
).
lower
()
else
:
slave_type
=
None
https_only
=
slave_instance
.
get
(
'https-only'
,
''
).
lower
()
in
TRUE_VALUES
# Set scheme (http? https?)
# Future work may allow to choose between http and https (or both?)
scheme
=
'http://'
if
https_only
:
scheme
=
'https://'
else
:
scheme
=
'http://'
self
.
logger
.
info
(
'Processing slave instance: %s'
%
reference
)
...
...
@@ -143,6 +140,10 @@ class Recipe(BaseSlapRecipe):
rewrite_rule
=
"%s %s"
%
(
domain
,
backend_url
)
# Finally, if successful, we add the rewrite rule to our list of rules
# We have 4 RewriteMaps:
# - One for generic (non-zope) websites, accepting both HTTP and HTTPS
# - One for generic websites that only accept HTTPS
# - Two for Zope-based websites
if
rewrite_rule
:
# We check if we have a zope slave. It requires different rewrite
# rule structure.
...
...
@@ -154,7 +155,10 @@ class Recipe(BaseSlapRecipe):
rewrite_rule_path
=
"%s %s"
%
(
domain
,
slave_instance
.
get
(
'path'
,
''
))
rewrite_rule_zope_path_list
.
append
(
rewrite_rule_path
)
else
:
rewrite_rule_list
.
append
(
rewrite_rule
)
if
https_only
:
rewrite_rule_https_only_list
.
append
(
rewrite_rule
)
else
:
rewrite_rule_list
.
append
(
rewrite_rule
)
# Certificate stuff
valid_certificate_str
=
self
.
parameter_dict
.
get
(
"domain_ssl_ca_cert"
)
...
...
@@ -186,6 +190,7 @@ class Recipe(BaseSlapRecipe):
plain_http_port
=
frontend_plain_http_port_number
,
name
=
frontend_domain_name
,
rewrite_rule_list
=
rewrite_rule_list
,
rewrite_rule_https_only_list
=
rewrite_rule_https_only_list
,
rewrite_rule_zope_list
=
rewrite_rule_zope_list
,
rewrite_rule_zope_path_list
=
rewrite_rule_zope_path_list
,
key
=
key
,
certificate
=
certificate
)
...
...
@@ -279,29 +284,6 @@ class Recipe(BaseSlapRecipe):
return
"%s http://%s:%s"
%
\
(
domain
,
varnish_ip
,
base_varnish_port
)
def
installLogrotate
(
self
):
"""Installs logortate main configuration file and registers its to cron"""
logrotate_d
=
os
.
path
.
abspath
(
os
.
path
.
join
(
self
.
etc_directory
,
'logrotate.d'
))
self
.
_createDirectory
(
logrotate_d
)
logrotate_backup
=
self
.
createBackupDirectory
(
'logrotate'
)
logrotate_conf
=
self
.
createConfigurationFile
(
"logrotate.conf"
,
"include %s"
%
logrotate_d
)
logrotate_cron
=
os
.
path
.
join
(
self
.
cron_d
,
'logrotate'
)
state_file
=
os
.
path
.
join
(
self
.
data_root_directory
,
'logrotate.status'
)
open
(
logrotate_cron
,
'w'
).
write
(
'0 0 * * * %s -s %s %s'
%
(
self
.
options
[
'logrotate_binary'
],
state_file
,
logrotate_conf
))
self
.
path_list
.
extend
([
logrotate_d
,
logrotate_conf
,
logrotate_cron
])
return
logrotate_d
,
logrotate_backup
def
registerLogRotation
(
self
,
name
,
log_file_list
,
postrotate_script
):
"""Register new log rotation requirement"""
open
(
os
.
path
.
join
(
self
.
logrotate_d
,
name
),
'w'
).
write
(
self
.
substituteTemplate
(
self
.
getTemplateFilename
(
'logrotate_entry.in'
),
dict
(
file_list
=
' '
.
join
([
'"'
+
q
+
'"'
for
q
in
log_file_list
]),
postrotate
=
postrotate_script
,
olddir
=
self
.
logrotate_backup
)))
def
requestCertificate
(
self
,
name
):
hash
=
hashlib
.
sha512
(
name
).
hexdigest
()
key
=
os
.
path
.
join
(
self
.
ca_private
,
hash
+
self
.
ca_key_ext
)
...
...
@@ -418,8 +400,7 @@ class Recipe(BaseSlapRecipe):
def
_getApacheConfigurationDict
(
self
,
name
,
ip_list
,
port
):
apache_conf
=
dict
()
apache_conf
[
'server_name'
]
=
name
apache_conf
[
'pid_file'
]
=
os
.
path
.
join
(
self
.
run_directory
,
name
+
'.pid'
)
apache_conf
[
'pid_file'
]
=
self
.
options
[
'pid-file'
]
apache_conf
[
'lock_file'
]
=
os
.
path
.
join
(
self
.
run_directory
,
name
+
'.lock'
)
apache_conf
[
'document_root'
]
=
os
.
path
.
join
(
self
.
data_root_directory
,
...
...
@@ -429,13 +410,8 @@ class Recipe(BaseSlapRecipe):
apache_conf
[
'ip_list'
]
=
ip_list
apache_conf
[
'port'
]
=
port
apache_conf
[
'server_admin'
]
=
'admin@'
apache_conf
[
'error_log'
]
=
os
.
path
.
join
(
self
.
log_directory
,
'frontend-apache-error.log'
)
apache_conf
[
'access_log'
]
=
os
.
path
.
join
(
self
.
log_directory
,
'frontend-apache-access.log'
)
self
.
registerLogRotation
(
name
,
[
apache_conf
[
'error_log'
],
apache_conf
[
'access_log'
]],
self
.
killpidfromfile
+
' '
+
apache_conf
[
'pid_file'
]
+
' SIGUSR1'
)
apache_conf
[
'error_log'
]
=
self
.
options
[
'error-log'
]
apache_conf
[
'access_log'
]
=
self
.
options
[
'access-log'
]
return
apache_conf
def
installVarnishCache
(
self
,
name
,
ip
,
port
,
control_port
,
backend_host
,
...
...
@@ -517,10 +493,13 @@ class Recipe(BaseSlapRecipe):
port
=
4443
,
plain_http_port
=
8080
,
rewrite_rule_list
=
None
,
rewrite_rule_zope_list
=
None
,
rewrite_rule_https_only_list
=
None
,
rewrite_rule_zope_path_list
=
None
,
access_control_string
=
None
):
if
rewrite_rule_list
is
None
:
rewrite_rule_list
=
[]
if
rewrite_rule_https_only_list
is
None
:
rewrite_rule_zope_path_list
=
[]
if
rewrite_rule_zope_list
is
None
:
rewrite_rule_zope_list
=
[]
if
rewrite_rule_zope_path_list
is
None
:
...
...
@@ -571,15 +550,22 @@ class Recipe(BaseSlapRecipe):
self
.
path_list
.
append
(
backup_cron
)
# Create configuration file and rewritemaps
apachemap_name
=
"apachemap.txt"
apachemapzope_name
=
"apachemapzope.txt"
apachemapzopepath_name
=
"apachemapzopepath.txt"
self
.
createConfigurationFile
(
apachemap_name
,
"
\
n
"
.
join
(
rewrite_rule_list
))
self
.
createConfigurationFile
(
apachemapzope_name
,
"
\
n
"
.
join
(
rewrite_rule_zope_list
))
self
.
createConfigurationFile
(
apachemapzopepath_name
,
"
\
n
"
.
join
(
rewrite_rule_zope_path_list
))
apachemap_path
=
self
.
createConfigurationFile
(
"apache_rewritemap_generic.txt"
,
"
\
n
"
.
join
(
rewrite_rule_list
)
)
apachemap_httpsonly_path
=
self
.
createConfigurationFile
(
"apache_rewritemap_httpsonly.txt"
,
"
\
n
"
.
join
(
rewrite_rule_https_only_list
)
)
apachemap_zope_path
=
self
.
createConfigurationFile
(
"apache_rewritemap_zope.txt"
,
"
\
n
"
.
join
(
rewrite_rule_zope_list
)
)
apachemap_zopepath_path
=
self
.
createConfigurationFile
(
"apache_rewritemap_zopepath.txt"
,
"
\
n
"
.
join
(
rewrite_rule_zope_path_list
)
)
apache_conf
=
self
.
_getApacheConfigurationDict
(
name
,
ip_list
,
port
)
apache_conf
[
'ssl_snippet'
]
=
self
.
substituteTemplate
(
...
...
@@ -606,9 +592,10 @@ class Recipe(BaseSlapRecipe):
apache_conf
.
update
(
**
dict
(
path_enable
=
path
,
apachemap_path
=
os
.
path
.
join
(
self
.
etc_directory
,
apachemap_name
),
apachemapzope_path
=
os
.
path
.
join
(
self
.
etc_directory
,
apachemapzope_name
),
apachemapzopepath_path
=
os
.
path
.
join
(
self
.
etc_directory
,
apachemapzopepath_name
),
apachemap_path
=
apachemap_path
,
apachemap_httpsonly_path
=
apachemap_httpsonly_path
,
apachemapzope_path
=
apachemap_zope_path
,
apachemapzopepath_path
=
apachemap_zopepath_path
,
apache_domain
=
name
,
https_port
=
port
,
plain_http_port
=
plain_http_port
,
...
...
slapos/recipe/apache_frontend/template/apache.conf.in
View file @
e13f7c63
...
...
@@ -60,8 +60,8 @@ BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
# The following directive disables redirects on non-GET requests for
# a directory that does not include the trailing slash. This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# a directory that does not include the trailing slash. This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# redirects for folders with DAV methods.
# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
...
...
@@ -84,7 +84,7 @@ MCacheRemovalAlgorithm LRU
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/x-javascript application/javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent
...
...
@@ -104,10 +104,12 @@ Header append Vary User-Agent
# or changed when slapgrid is ran. It can be freely customized by node admin.
Include %(custom_apache_virtualhost_conf)s
# Define the two RewriteMaps (key -> value store): one for Zope, one generic
# Define the 3 RewriteMaps (key -> value store): one for Zope, one generic,
# one generic https only,
# containing: rewritten URL -> original URL (a.k.a VirtualHostBase in Zope)
RewriteMap apachemapzope txt:%(apachemapzope_path)s
RewriteMap apachemapgeneric txt:%(apachemap_path)s
RewriteMap apachemapgenerichttpsonly txt:%(apachemap_httpsonly_path)s
# Define another RewriteMap for Zope, containing:
# rewritten URL -> VirtualHostRoot
...
...
@@ -123,21 +125,32 @@ Header append Vary User-Agent
RewriteCond ${apachemapgeneric:%%{SERVER_NAME}} >""
# We suppose that Apache listens to 443 (even indirectly thanks to things like iptables)
RewriteRule ^/(.*)$ ${apachemapgeneric:%%{SERVER_NAME}}/$1 [L,P]
# Same for https only server
RewriteCond ${apachemapgenerichttpsonly:%%{SERVER_NAME}} >""
# We suppose that Apache listens to 443 (even indirectly thanks to things like iptables)
RewriteRule ^/(.*)$ ${apachemapgenerichttpsonly:%%{SERVER_NAME}}/$1 [L,P]
# If nothing exist : put a nice error
ErrorDocument 404 /notfound.html
</VirtualHost>
# Only accept generic (i.e not Zope) backends on http
<VirtualHost *:%(plain_http_port)s>
RewriteEngine On
SSLProxyEngine on
# Rewrite part
ProxyVia On
ProxyPreserveHost On
ProxyTimeout 600
RewriteEngine On
# Remove "Secure" from cookies, as backend may be https
Header edit Set-Cookie "(?i)^(.+);secure$" "$1"
# Include configuration file not operated by slapos. This file won't be erased
# or changed when slapgrid is ran. It can be freely customized by node admin.
Include %(custom_apache_virtualhost_conf)s
# We accept generic (i.e not lamp) backends on http
RewriteMap apachemapgeneric txt:%(apachemap_path)s
RewriteCond ${apachemapgeneric:%%{SERVER_NAME}} >""
RewriteRule ^/(.*)$ ${apachemapgeneric:%%{SERVER_NAME}}/$1 [L,P]
...
...
@@ -148,6 +161,7 @@ Header append Vary User-Agent
RewriteRule ^/(.*)$ https://%%{SERVER_NAME}%%{REQUEST_URI}
</VirtualHost>
# Include configuration file not operated by slapos. This file won't be erased
# or changed when slapgrid is ran. It can be freely customized by node admin.
Include %(custom_apache_conf)s
slapos/recipe/kvm_frontend/__init__.py
View file @
e13f7c63
...
...
@@ -107,7 +107,8 @@ class Recipe(GenericSlapRecipe):
http_redirect_server
=
''
config
=
dict
(
ip
=
self
.
options
[
'ip'
],
ipv6
=
self
.
options
[
'ipv6'
],
ipv4
=
self
.
options
[
'ipv4'
],
port
=
self
.
options
[
'port'
],
key
=
self
.
options
[
'ssl-key-path'
],
certificate
=
self
.
options
[
'ssl-cert-path'
],
...
...
slapos/recipe/kvm_frontend/template/kvm-proxy.js
View file @
e13f7c63
...
...
@@ -37,12 +37,13 @@ var fs = require('fs'),
httpProxy
=
require
(
'
http-proxy
'
),
proxyByUrl
=
require
(
'
proxy-by-url
'
);
var
listenInterface
=
process
.
argv
[
2
],
port
=
process
.
argv
[
3
],
sslKeyFile
=
process
.
argv
[
4
],
sslCertFile
=
process
.
argv
[
5
],
proxyTable
=
process
.
argv
[
6
],
redirect
=
process
.
argv
[
7
]
||
false
,
var
listenInterfacev6
=
process
.
argv
[
2
],
listenInterfacev4
=
process
.
argv
[
3
],
port
=
process
.
argv
[
4
],
sslKeyFile
=
process
.
argv
[
5
],
sslCertFile
=
process
.
argv
[
6
],
proxyTable
=
process
.
argv
[
7
],
redirect
=
process
.
argv
[
8
]
||
false
,
isRawIPv6
;
if
(
process
.
argv
.
length
<
7
)
{
...
...
@@ -50,11 +51,6 @@ if (process.argv.length < 7) {
process
.
exit
(
1
);
}
isRawIPv6
=
function
checkipv6
(
str
)
{
// Inspired by http://forums.intermapper.com/viewtopic.php?t=452
return
(
/^
\s
*
((([
0-9A-Fa-f
]{1,4}
:
){7}([
0-9A-Fa-f
]{1,4}
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){6}(
:
[
0-9A-Fa-f
]{1,4}
|
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3})
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){5}(((
:
[
0-9A-Fa-f
]{1,4}){1,2})
|:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3})
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){4}(((
:
[
0-9A-Fa-f
]{1,4}){1,3})
|
((
:
[
0-9A-Fa-f
]{1,4})?
:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3}))
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){3}(((
:
[
0-9A-Fa-f
]{1,4}){1,4})
|
((
:
[
0-9A-Fa-f
]{1,4}){0,2}
:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3}))
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){2}(((
:
[
0-9A-Fa-f
]{1,4}){1,5})
|
((
:
[
0-9A-Fa-f
]{1,4}){0,3}
:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3}))
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){1}(((
:
[
0-9A-Fa-f
]{1,4}){1,6})
|
((
:
[
0-9A-Fa-f
]{1,4}){0,4}
:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3}))
|:
))
|
(
:
(((
:
[
0-9A-Fa-f
]{1,4}){1,7})
|
((
:
[
0-9A-Fa-f
]{1,4}){0,5}
:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3}))
|:
)))(
%.+
)?\s
*$/
.
test
(
str
));
}(
listenInterface
);
/**
* Dummy middleware that throws 404 not found. Does not contain websocket
* middleware.
...
...
@@ -69,7 +65,7 @@ var middlewareNotFound = function(req, res, proxy) {
/**
* Create server
*/
var
proxyServer
=
httpProxy
.
createServer
(
var
proxyServer
v6
=
httpProxy
.
createServer
(
// We declare our proxyByUrl middleware
proxyByUrl
(
proxyTable
),
// Then we add your dummy middleware, called when proxyByUrl doesn't find url.
...
...
@@ -87,42 +83,70 @@ var proxyServer = httpProxy.createServer(
)
},
source
:
{
host
:
listenInterface
,
host
:
listenInterface
v6
,
port
:
port
}}
);
var
proxyServerv4
=
httpProxy
.
createServer
(
// We declare our proxyByUrl middleware
proxyByUrl
(
proxyTable
),
// Then we add your dummy middleware, called when proxyByUrl doesn't find url.
middlewareNotFound
,
// And we set HTTPS options for server. HTTP will be forbidden.
{
https
:
{
key
:
fs
.
readFileSync
(
sslKeyFile
,
'
utf8
'
),
cert
:
fs
.
readFileSync
(
sslCertFile
,
'
utf8
'
)
},
source
:
{
host
:
listenInterfacev4
,
port
:
port
}}
);
console
.
log
(
'
HTTPS server starting and trying to listen on
'
+
listenInterface
+
'
:
'
+
port
);
listenInterface
v4
+
'
:
'
+
port
);
// Release the beast.
proxyServer
.
listen
(
port
,
listenInterface
);
proxyServerv6
.
listen
(
port
,
listenInterfacev6
);
proxyServerv4
.
listen
(
port
,
listenInterfacev4
);
// Dummy HTTP server redirecting to HTTPS. Only has sense if we can use port 80
if
(
redirect
===
'
1
'
)
{
console
.
log
(
'
HTTP redirect server starting and trying to listen on
'
+
listenInterface
+
'
:
'
+
httpPort
);
try
{
var
httpPort
=
80
;
http
.
createServer
(
function
(
req
,
res
)
{
var
url
;
if
(
isRawIPv6
===
true
)
{
url
=
'
https://[
'
+
listenInterface
+
'
]
'
;
}
else
{
url
=
'
https://
'
+
listenInterface
;
}
// If non standard port : need to specify it
if
(
port
!==
443
)
{
url
=
url
+
'
:
'
+
port
;
}
// Add last part of URL
url
=
url
+
req
.
url
;
console
.
log
(
url
);
// Anwser "permanently redirected"
res
.
statusCode
=
301
;
res
.
setHeader
(
'
Location
'
,
url
);
res
.
end
();
}).
listen
(
httpPort
,
listenInterface
);
}
catch
(
error
)
{
console
.
log
(
'
Couldn
\'
t start plain HTTP redirection server :
'
+
error
)
}
/*
*try {
* var httpPort = 80;
* http.createServer(function(req, res) {
* var url;
* if (isRawIPv6 === true) {
* url = 'https://[' + listenInterface + ']';
* } else {
* url = 'https://' + listenInterface;
* }
* // If non standard port : need to specify it
* if (port !== 443) {
* url = url + ':' + port;
* }
* // Add last part of URL
* url = url + req.url;
* console.log(url);
* // Anwser "permanently redirected"
* res.statusCode = 301;
* res.setHeader('Location', url);
* res.end();
* }).listen(httpPort, listenInterface);
* } catch (error) {
* console.log('Couldn\'t start plain HTTP redirection server : ' + error)
* }
*/
}
slapos/recipe/kvm_frontend/template/nodejs_run.in
View file @
e13f7c63
...
...
@@ -2,4 +2,4 @@
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
export NODE_PATH=%(node_env)s
exec %(node_path)s %(conf_path)s %(ip)s %(port)s %(key)s %(certificate)s %(map_path)s %(plain_http)s
exec %(node_path)s %(conf_path)s %(ip
v6)s %(ipv4
)s %(port)s %(key)s %(certificate)s %(map_path)s %(plain_http)s
slapos/recipe/zabbixagent/__init__.py
View file @
e13f7c63
...
...
@@ -119,10 +119,13 @@ class Recipe(BaseSlapRecipe):
# self.cron_d is a directory, where cron jobs can be registered
self
.
cron_d
=
self
.
installCrond
()
self
.
logrotate_d
,
self
.
logrotate_backup
=
self
.
installLogrotate
()
zabbix_agentd_conf
=
self
.
installZabbixAgentd
(
self
.
getGlobalIPv6Address
(),
10050
,
self
.
parameter_dict
[
'hostname'
],
self
.
parameter_dict
[
'server'
])
zabbix_agentd_conf
=
self
.
installZabbixAgentd
(
self
.
getGlobalIPv6Address
(),
10050
,
self
.
parameter_dict
[
'hostname'
],
self
.
parameter_dict
[
'server'
],
self
.
parameter_dict
.
get
(
'custom-user-parameter'
,
''
)
)
self
.
setConnectionDict
(
dict
(
ip
=
zabbix_agentd_conf
[
'ip'
],
name
=
zabbix_agentd_conf
[
'hostname'
],
port
=
str
(
zabbix_agentd_conf
[
'port'
])))
...
...
software/apache-frontend/README.apache_frontend.txt
View file @
e13f7c63
...
...
@@ -118,6 +118,13 @@ Domain name to use as frontend. The frontend will be accessible from this domain
[instancereference].[masterdomain].
Example: www.mycustomdomain.com
https-only
~~~~~~~~~~
Specify if website should be accessed using https only. If so, the frontend
will redirect the user to https if accessed from http.
Possible values: "true", "false".
This is an optional parameter. Defaults to false.
path
~~~~
Only used if type is "zope".
...
...
software/apache-frontend/common.cfg
View file @
e13f7c63
...
...
@@ -3,6 +3,7 @@ extends =
../../component/binutils/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/apache/buildout.cfg
../../component/gzip/buildout.cfg
../../component/stunnel/buildout.cfg
../../component/varnish/buildout.cfg
../../component/dcron/buildout.cfg
...
...
@@ -38,14 +39,15 @@ recipe = zc.recipe.egg
eggs = ${instance-recipe:egg}
[eggs]
recipe = z
c.recipe.egg
recipe = z
3c.recipe.scripts
eggs =
${lxml-python:egg}
slapos.toolbox
[template]
# Default template for apache instance.
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
md5sum =
fea902a2b9dbf8c80ff201bcf73f9396
md5sum =
e7b9f57da7eb1450fc15789e239388d4
output = ${buildout:directory}/template.cfg
mode = 0644
\ No newline at end of file
mode = 0644
software/apache-frontend/instance.cfg
View file @
e13f7c63
[buildout]
parts =
directory
instanc
e
apach
e
configtest
logrotate
logrotate-entry-apache
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
...
...
@@ -10,15 +12,23 @@ develop-eggs-directory = ${buildout:develop-eggs-directory}
# Create all needed directories
[directory]
recipe = slapos.cookbook:mkdirectory
bin = $${buildout:directory}/bin/
etc = $${buildout:directory}/etc/
var = $${buildout:directory}/var/
srv = $${buildout:directory}/srv/
bin = $${buildout:directory}/bin/
var = $${buildout:directory}/var/
backup = $${:srv}/backup
log = $${:var}/log
run = $${:var}/run
service = $${:etc}/service
logrotate-backup = $${:backup}/logrotate
logrotate-entries = $${:etc}/logrotate.d
# Deploy Apache (old way, with monolithic recipe)
[
instanc
e]
[
apach
e]
recipe = ${instance-recipe:egg}:${instance-recipe:module}
httpd_home = ${apache-2.2:location}
httpd_binary = ${apache-2.2:location}/bin/httpd
...
...
@@ -31,9 +41,40 @@ rdiff_backup_binary = ${buildout:bin-directory}/rdiff-backup
gcc_binary = gcc
binutils_directory = ${binutils:location}/bin/
access-log = $${directory:log}/frontend-apache-access.log
error-log = $${directory:log}/frontend-apache-error.log
pid-file = $${directory:run}/httpd.pid
# Create wrapper for "apachectl conftest" in bin
[configtest]
recipe = slapos.cookbook:wrapper
command-line = $${instance:httpd_binary} -f $${directory:etc}/apache_frontend.conf -t
output = $${directory:bin}/apache-configtest
command-line = $${apache:httpd_binary} -f $${directory:etc}/apache_frontend.conf -t
wrapper-path = $${directory:bin}/apache-configtest
# Deploy Logrotate
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = ${gzip:location}/bin/gzip
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${directory:bin}/logrotate
conf = $${directory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${directory:srv}/logrotate.status
[logrotate-entry-apache]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = apache
log = $${apache:error-log} $${apache:access-log}
frequency = daily
rotate-num = 30
post = ${buildout:bin-directory}/killpidfromfile $${apache:pid-file} SIGUSR1
sharedscripts = true
notifempty = true
create = true
software/apache-frontend/software.cfg
View file @
e13f7c63
...
...
@@ -4,67 +4,101 @@ extends = common.cfg
[versions]
Jinja2 = 2.6
Werkzeug = 0.8.3
apache-libcloud = 0.12.3
async = 0.6.1
buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.6
gitdb = 0.5.4
hexagonit.recipe.cmmi = 2.0
meld3 = 0.6.10
pycrypto = 2.6
rdiff-backup = 1.0.5
slapos.
cookbook = 0.71.1
slapos.recipe.
build = 0.11.5
slapos.
recipe.build = 0.11.6
slapos.recipe.
cmmi = 0.1
slapos.recipe.template = 2.4.2
slapos.toolbox = 0.34.0
smmap = 0.8.2
z3c.recipe.scripts = 1.0.1
# Required by:
# slapos.core==0.33.1
# slapos.core==0.35.1
# slapos.toolbox==0.34.0
Flask = 0.9
# Required by:
#
hexagonit.recipe.cmmi==1.6
hexagonit.recipe.download = 1.6nxd002
#
slapos.toolbox==0.34.0
GitPython = 0.3.2.RC1
# Required by:
# slapos.cookbook==0.71.1
# slapos.toolbox==0.34.0
atomize = 0.1.1
# Required by:
# slapos.toolbox==0.34.0
feedparser = 5.1.3
# Required by:
# slapos.cookbook==0.77.1
inotifyx = 0.2.0
# Required by:
# slapos.cookbook==0.7
1
.1
# slapos.core==0.3
3
.1
# slapos.cookbook==0.7
7
.1
# slapos.core==0.3
5
.1
# xml-marshaller==0.9.7
lxml = 3.
0
.2
lxml = 3.
1
.2
# Required by:
# slapos.cookbook==0.7
1
.1
# slapos.cookbook==0.7
7
.1
netaddr = 0.7.10
# Required by:
# slapos.core==0.3
3
.1
# slapos.core==0.3
5
.1
netifaces = 0.8
# Required by:
# slapos.
cookbook==0.71.1
p
ytz = 2012j
# slapos.
toolbox==0.34.0
p
aramiko = 1.10.1
# Required by:
# slapos.cookbook==0.71.1
# slapos.core==0.33.1
# slapos.toolbox==0.34.0
psutil = 0.7.0
# Required by:
# slapos.core==0.35.1
pyflakes = 0.7
# Required by:
# slapos.cookbook==0.77.1
pytz = 2013b
# Required by:
# slapos.cookbook==0.77.1
# slapos.core==0.35.1
# slapos.toolbox==0.34.0
# zc.buildout==1.6.0-dev-SlapOS-010
# zc.recipe.egg==1.3.2
setuptools = 0.6c12dev-r88846
# Required by:
# slapos.cookbook==0.71.1
slapos.core = 0.33.1
# slapos.cookbook==0.77.1
# slapos.toolbox==0.34.0
slapos.core = 0.35.1
# Required by:
# slapos.core==0.3
3
.1
# slapos.core==0.3
5
.1
supervisor = 3.0b1
# Required by:
# slapos.co
okbook==0.71
.1
xml-marshaller = 0.9.7
# slapos.co
re==0.35
.1
unittest2 = 0.5.1
# Required by:
# slapos.core==0.33.1
zope.interface = 4.0.3
# slapos.cookbook==0.77.1
# slapos.toolbox==0.34.0
xml-marshaller = 0.9.7
# Required by:
# slapos.core==0.35.1
zope.interface = 4.0.5
[networkcache]
# signature certificates of the following uploaders.
...
...
software/kvm/common.cfg
View file @
e13f7c63
...
...
@@ -56,6 +56,7 @@ recipe = plone.recipe.command
destination = ${buildout:parts-directory}/${:_buildout_section_name_}
location = ${buildout:parts-directory}/${:_buildout_section_name_}
command =
export HOME=${:location};
rm -fr ${:destination} &&
mkdir -p ${:destination} &&
cd ${:destination} &&
...
...
@@ -69,17 +70,10 @@ command =
[template-kvm]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kvm.cfg.in
md5sum =
c0320447308299ec9caaeece4187bc1f
md5sum =
87197471aa93863c310204e8865b5ac1
output = ${buildout:directory}/template-kvm.cfg
mode = 0644
[template-kvmplus]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kvmplus.cfg.in
md5sum = c8e92237eeda93caca1132b5202c3a02
output = ${buildout:directory}/template-kvmplus.cfg
mode = 0644
[template-nbd]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-nbd.cfg.in
...
...
@@ -90,13 +84,13 @@ mode = 0644
[template-frontend]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-frontend.cfg.in
md5sum =
73359b52013b1b65f75005e8698ed180
md5sum =
cdb690495e9eb007d2b7d2f8e12f5c59
output = ${buildout:directory}/template-frontend.cfg
mode = 0644
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
md5sum =
68788763d23f70f24b9e575871c903a8
md5sum =
0a98e34aaec7097a84066c0665e3a49a
output = ${buildout:directory}/template.cfg
mode = 0644
software/kvm/development.cfg
View file @
e13f7c63
[buildout]
extends =
../../git/buildout.cfg
../../
component/
git/buildout.cfg
common.cfg
parts +=
slapos.cookbook-repository
slapos.core-repository
slapos.toolbox-repository
check-recipe
develop =
${:parts-directory}/slapos.cookbook-repository
${:parts-directory}/slapos.toolbox-repository
[slapos.cookbook-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.git
branch = slaprunner
branch = kvm
git-executable = ${git:location}/bin/git
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
[check-recipe]
...
...
@@ -24,3 +30,4 @@ stop-on-error = true
update-command = ${:command}
command =
grep parts ${buildout:develop-eggs-directory}/slapos.cookbook.egg-link &&
grep parts ${buildout:develop-eggs-directory}/slapos.toolbox.egg-link
software/kvm/instance-frontend.cfg.in
View file @
e13f7c63
...
...
@@ -11,7 +11,8 @@ parts =
cron-entry-logrotate
ca-frontend
certificate-authority
frontend-promise
frontend-promise-ipv6
frontend-promise-ipv4
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
...
...
@@ -47,7 +48,8 @@ logrotate-entries = $${rootdirectory:etc}/logrotate.d
recipe = slapos.cookbook:kvm.frontend
domain = $${ca-frontend:name}
# port = $${slap-parameter:port}
ip = $${slap-network-information:local-ipv4}
ipv6 = $${slap-network-information:global-ipv6}
ipv4 = $${slap-network-information:local-ipv4}
port = $${slap-parameter:port}
http-redirection = $${slap-parameter:http-redirection}
ssl-key-path = $${ca-frontend:key-file}
...
...
@@ -60,10 +62,16 @@ node-binary = ${nodejs:location}/bin/node
node-env = ${buildout:parts-directory}:${npm-modules:location}/node_modules
shell-path = ${dash:location}/bin/dash
[frontend-promise]
[frontend-promise
-ipv6
]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/frontend_promise
hostname = $${frontend-instance:ip}
hostname = $${frontend-instance:ipv6}
port = $${frontend-instance:port}
[frontend-promise-ipv4]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/frontend_promise
hostname = $${frontend-instance:ipv4}
port = $${frontend-instance:port}
[certificate-authority]
...
...
@@ -133,6 +141,7 @@ state-file = $${rootdirectory:srv}/logrotate.status
# Default value if no port is specified
port = 4443
http-redirection = 0
slave_instance_list =
# [logrotate-entry-frontend]
# <= logrotate
...
...
software/kvm/instance-kvm.cfg.in
View file @
e13f7c63
...
...
@@ -36,7 +36,7 @@ storage-path = $${directory:srv}/mac
[gen-passwd]
recipe = slapos.cookbook:generate.password
storage-path = $${directory:srv}/passwd
bytes =
4
bytes =
8
[kvm-instance]
# XXX-Cedric: change "KVM" recipe to simple "create wrappers". No need for this
...
...
@@ -135,7 +135,7 @@ key-file = $${slap-connection:key-file}
cert-file = $${slap-connection:cert-file}
computer-id = $${slap-connection:computer-id}
partition-id = $${slap-connection:partition-id}
name =
Slave
Frontend
name =
VNC
Frontend
software-type = $${slap-parameter:frontend-software-type}
slave = true
config = host port
...
...
@@ -162,7 +162,6 @@ curl_path = ${curl:location}/bin/curl
[slap-parameter]
# Default values if not specified
frontend-instance-guid = SOFTINST-11031
frontend-software-type = frontend
frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.92:/software/kvm/software.cfg
...
...
@@ -175,4 +174,4 @@ ram-size = 1024
disk-size = 10
disk-type = virtio
cpu-count = 1
\ No newline at end of file
cpu-count = 1
software/kvm/instance-kvmplus.cfg.in
deleted
100644 → 0
View file @
0e3ec32b
#############################
#
# Instanciate kvm+
#
#############################
# Deprecated. Just specify amount of RAM / disk you want in instance parameter.
[buildout]
extends = ${template-kvm:output}
[slap-parameter]
ram-size = 2048
disk-size = 20
\ No newline at end of file
software/kvm/instance.cfg.in
View file @
e13f7c63
...
...
@@ -10,7 +10,6 @@ offline = true
recipe = slapos.cookbook:softwaretype
default = ${template-kvm:output}
kvm = ${template-kvm:output}
kvm+ = ${template-kvmplus:output}
nbd = ${template-nbd:output}
frontend = ${template-frontend:output}
...
...
software/kvm/software.cfg
View file @
e13f7c63
...
...
@@ -143,4 +143,4 @@ xml-marshaller = 0.9.7
# Required by:
# slapos.core==0.35.1
zope.interface = 4.0.5
\ No newline at end of file
zope.interface = 4.0.5
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment