[buildout] parts = resiliency urls stunnel certificate-authority ca-stunnel logrotate logrotate-entry-stunnel logrotate-entry-cron logrotate-entry-equeue cron cron-entry-logrotate sshkeys-authority dropbear-server sshkeys-dropbear dropbear-server-pbs-authorized-key notifier # adds the resiliency script for the bully algorithm [resiliency] recipe = slapos.cookbook:addresiliency script = $${basedirectory:script} run = $${basedirectory:services} # sets up an rdiff-backup server (with a dropbear server for ssh) [urls] ssh-public-key = $${sshkeys-dropbear:public-key-value} ssh-url = ssh://nobody@[$${dropbear-server:host}]:$${dropbear-server:port}/$${rdiff-backup-server:path} [sshkeys-directory] recipe = slapos.cookbook:mkdirectory requests = $${directory:sshkeys}/requests/ keys = $${directory:sshkeys}/keys/ [sshkeys-authority] recipe = slapos.cookbook:sshkeys_authority request-directory = $${sshkeys-directory:requests} keys-directory = $${sshkeys-directory:keys} wrapper = $${basedirectory:services}/sshkeys_authority keygen-binary = ${dropbear:location}/bin/dropbearkey [sshkeys-dropbear] <= sshkeys-authority recipe = slapos.cookbook:sshkeys_authority.request name = dropbear type = rsa executable = $${dropbear-server:wrapper} public-key = $${dropbear-server:rsa-keyfile}.pub private-key = $${dropbear-server:rsa-keyfile} wrapper = $${basedirectory:services}/sshd [dropbear-server] recipe = slapos.cookbook:dropbear host = $${slap-network-information:global-ipv6} port = 2222 home = $${directory:ssh} wrapper = $${rootdirectory:bin}/raw_sshd shell = $${rdiff-backup-server:wrapper} rsa-keyfile = $${directory:ssh}/server_key.rsa dropbear-binary = ${dropbear:location}/sbin/dropbear [dropbear-server-pbs-authorized-key] <= dropbear-server recipe = slapos.cookbook:dropbear.add_authorized_key key = $${slap-parameter:authorized-key} [rdiff-backup-server] recipe = slapos.cookbook:pbs client = false path = $${directory:backup} wrapper = $${rootdirectory:bin}/rdiffbackup-server rdiffbackup-binary = ${buildout:bin-directory}/rdiff-backup ## Sets up the execution queue for the notifier [logrotate-entry-equeue] <= logrotate recipe = slapos.cookbook:logrotate.d name = equeue log = $${equeue:log} frequency = daily rotate-num = 30 [equeue] recipe = slapos.cookbook:equeue socket = $${basedirectory:run}/equeue.sock log = $${basedirectory:log}/equeue.log database = $${rootdirectory:srv}/equeue.db wrapper = $${basedirectory:services}/equeue equeue-binary = ${buildout:bin-directory}/equeue ## notifier.notify adds the [exporter, notifier] to the execution queue ## notifier.notify.callback sets up a callback [notifier] recipe = slapos.cookbook:notifier feeds = $${directory:notifier-feeds} callbacks = $${directory:notifier-callbacks} id-file = $${rootdirectory:etc}/notifier.id equeue-socket = $${equeue:socket} host = $${slap-network-information:global-ipv6} port = 8080 wrapper = $${basedirectory:services}/notifier server-binary = ${buildout:bin-directory}/pubsubserver notifier-binary = ${buildout:bin-directory}/pubsubnotifier [basedirectory] script = $${rootdirectory:etc}/script/ services = $${rootdirectory:etc}/run/ cache = $${rootdirectory:var}/cache/ notifier = $${rootdirectory:etc}/notifier/ [directory] backup = $${basedirectory:backup}/$${slap-parameter:namebase} ssh = $${rootdirectory:etc}/ssh/ sshkeys = $${rootdirectory:srv}/sshkeys notifier-feeds = $${basedirectory:notifier}/feeds/ notifier-callbacks = $${basedirectory:notifier}/callbacks/ script = $${basedirectory:script}