{% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%} {% set next_port = itertools.count(slapparameter_dict['port-base']).next -%} {% set site_id = slapparameter_dict['site-id'] -%} {% set zodb_dict = slapparameter_dict['zodb-dict'] -%} {% set instance_index_list = range(slapparameter_dict['instance-count']) -%} {% set node_id_base = slapparameter_dict['name'] -%} {% set saucelabs_dict = slapparameter_dict.get('saucelabs-dict', None) -%} {% set node_id_index_format = '-%%0%ii' % (len(str(instance_index_list[-1])), ) -%} {% set part_list = [] -%} {% set publish_list = [] -%} {% set longrequest_logger_base_path = buildout_directory ~ '/var/log/longrequest_logger_' -%} {% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%} {% set bin_directory = parameter_dict['buildout-bin-directory'] -%} {# XXX: This template only supports exactly one IPv4 and one IPv6 per partition. No more (undefined result), no less (IndexError). -#} {% set ipv4 = (ipv4_set | list)[0] -%} {% set hosts_dict = {} -%} {% set port_dict = {} -%} {% for alias, url in ( ('erp5-memcached-volatile', slapparameter_dict['memcached-url']), ('erp5-memcached-persistent', slapparameter_dict['kumofs-url']), ('erp5-cloudooo', slapparameter_dict['cloudooo-url']), ('erp5-smtp', slapparameter_dict['smtp-url']), ) -%} {% set parsed_url = urlparse.urlparse(url) -%} {% do port_dict.__setitem__(alias, parsed_url.port) -%} {% do hosts_dict.__setitem__(alias, parsed_url.hostname) -%} {%- endfor %} {% for i, url in enumerate(slapparameter_dict['mysql-url-list']) -%} {% do hosts_dict.__setitem__( 'erp5-catalog-' ~ i, urlparse.urlparse(url).hostname, ) -%} {%- endfor %} {% do hosts_dict.update(slapparameter_dict['hosts-dict']) -%} [jinja2-template-base] recipe = slapos.recipe.template:jinja2 mode = 644 [run-common] <= userhosts-wrapper-base environment-extra = environment += TMP=${directory:tmp} TMPDIR=${directory:tmp} HOME=${buildout:directory} PATH=${binary-link:target-directory}:{{ parameter_dict['coreutils'] }}/bin TZ={{ slapparameter_dict['timezone'] }} MATPLOTLIBRC={{ parameter_dict['matplotlibrc'] }} INSTANCE_HOME=${:instance-home} {% if slapparameter_dict.get('wendelin-core-zblk-fmt') %} WENDELIN_CORE_ZBLK_FMT={{ slapparameter_dict['wendelin-core-zblk-fmt'] }} {% endif %} ${:environment-extra} [test-certificate-authority] recipe = slapos.cookbook:certificate_authority openssl-binary = ${binary-link:target-directory}/openssl ca-dir = ${directory:test-ca-dir} requests-directory = ${directory:test-ca-requests} wrapper = ${directory:services}/test-ca ca-private = ${directory:test-ca-private} ca-certs = ${directory:test-ca-certs} ca-newcerts = ${directory:test-ca-newcerts} ca-crl = ${directory:test-ca-crl} {% if saucelabs_dict -%} [test-zelenium-runner-parameter] configuration = {{ dumps(saucelabs_dict) }} user = {{ dumps(slapparameter_dict['inituser-login']) }} password = {{ dumps(slapparameter_dict['inituser-password']) }} [{{ section('test-zelenium-runner') }}] recipe = slapos.recipe.template:jinja2 template = {{ parameter_dict['run-zelenium-template'] }} rendered = ${directory:bin}/runTestSuite extensions = jinja2.ext.do context = import json_module json key configuration test-zelenium-runner-parameter:configuration key user test-zelenium-runner-parameter:user key password test-zelenium-runner-parameter:password {% else -%} {% if slapparameter_dict['mysql-test-url-list'] -%} [{{ section('run-unit-test-userhosts-wrapper') }}] <= userhosts-wrapper-base wrapped-command-line = ${runUnitTest:wrapper-path} wrapper-path = ${buildout:bin-directory}/runUnitTest [{{ section('run-test-suite-userhosts-wrapper') }}] <= userhosts-wrapper-base wrapped-command-line = ${runTestSuite:wrapper-path} wrapper-path = ${buildout:bin-directory}/runTestSuite {% set connection_string_list = [] -%} {% for url in slapparameter_dict['mysql-test-url-list'] -%} {% set parsed_url = urlparse.urlparse(url) -%} {% do connection_string_list.append( '%s@%s:%s %s %s' % ( parsed_url.path.lstrip('/'), parsed_url.hostname, parsed_url.port, parsed_url.username, parsed_url.password, ), ) -%} {% endfor -%} [run-test-common] < = run-common environment-extra = REAL_INSTANCE_HOME=${:instance-home} OPENSSL_BINARY=${test-certificate-authority:openssl-binary} TEST_CA_PATH=${test-certificate-authority:ca-dir} instance-home = ${directory:unit-test-path} wrapper-path = ${directory:bin}/${:command-name}.real command-line = '{{ parameter_dict['bin-directory'] }}/${:command-name}' ${:command-line-extra} --conversion_server_url={{ slapparameter_dict['cloudooo-url'] }} --conversion_server_retry_count={{ slapparameter_dict.get('cloudooo-retry-count', 2) }} {#- BBB: We still have test suites that only accept the following 2 options. #} --conversion_server_hostname=erp5-cloudooo --conversion_server_port={{ port_dict['erp5-cloudooo'] }} --volatile_memcached_server_hostname=erp5-memcached-volatile --volatile_memcached_server_port={{ port_dict['erp5-memcached-volatile'] }} --persistent_memcached_server_hostname=erp5-memcached-persistent --persistent_memcached_server_port={{ port_dict['erp5-memcached-persistent'] }} [{{ section('runUnitTest') }}] < = run-test-common command-name = runUnitTest command-line-extra = --erp5_sql_connection_string '{{ connection_string_list[0] }}' --extra_sql_connection_string_list '{{ ','.join(connection_string_list[1:]) }}' [{{ section('runTestSuite') }}] < = run-test-common command-name = runTestSuite command-line-extra = --db_list '{{ ','.join(connection_string_list) }}' {%- endif %} {%- endif %} [directory] recipe = slapos.cookbook:mkdirectory bin = ${buildout:directory}/bin etc = ${buildout:directory}/etc instance = ${:srv}/erp5shared instance-constraint = ${:instance}/Constraint instance-document = ${:instance}/Document instance-etc = ${:instance}/etc instance-etc-package-include = ${:instance}/etc/package-include instance-extensions = ${:instance}/Extensions instance-import = ${:instance}/import instance-lib = ${:instance}/lib instance-products = ${:instance}/Products instance-propertysheet = ${:instance}/PropertySheet instance-tests = ${:instance}/tests log = ${:var}/log run = ${:var}/run services = ${:etc}/run service-on-watch = ${:etc}/service srv = ${buildout:directory}/srv tmp = ${buildout:directory}/tmp var = ${buildout:directory}/var promises = ${:etc}/promise unit-test-path = ${:srv}/test-instance/unit_test test-ca-dir = ${:srv}/test-ca test-ca-requests = ${:test-ca-dir}/requests test-ca-private = ${:test-ca-dir}/private test-ca-certs = ${:test-ca-dir}/certs test-ca-newcerts = ${:test-ca-dir}/newcerts test-ca-crl = ${:test-ca-dir}/crl ca-dir = ${:srv}/ca ca-requests = ${:ca-dir}/requests ca-private = ${:ca-dir}/private ca-certs = ${:ca-dir}/certs ca-newcerts = ${:ca-dir}/newcerts ca-crl = ${:ca-dir}/crl [binary-link] recipe = slapos.cookbook:symbolic.link target-directory = ${directory:bin} link-binary = {{ dumps(parameter_dict['link-binary']) }} [certificate-authority-common] requests-directory = ${directory:ca-requests} ca-dir = ${directory:ca-dir} ca-private = ${directory:ca-private} ca-certs = ${directory:ca-certs} ca-newcerts = ${directory:ca-newcerts} ca-crl = ${directory:ca-crl} [{{ section('certificate-authority') }}] < = certificate-authority-common recipe = slapos.cookbook:certificate_authority openssl-binary = ${binary-link:target-directory}/openssl wrapper = ${directory:services}/ca {% if use_ipv6 -%} {% set ipv6 = (ipv6_set | list)[0] -%} [ipv6toipv4-base] recipe = slapos.cookbook:ipv6toipv4 runner-path = ${directory:services}/${:base-name} 6tunnel-path = {{ parameter_dict['6tunnel'] }}/bin/6tunnel shell-path = {{ parameter_dict['dash'] }}/bin/dash ipv4 = {{ ipv4 }} ipv6 = {{ ipv6 }} {% endif -%} [hosts-parameter] # Used for both hosts and hostaliases sections. host-dict = {{ dumps(hosts_dict) }} hostalias-dict = {{ dumps(slapparameter_dict['hostalias-dict']) }} # Note: there is a subtle difference between hosts and hostaliases files: # - hosts files start with resolved, followed by alias(es) (only one alias per # line in this case) # - hostaliases start with alias, followed by resolved # ...so it's not possible to merge these templates (not a big deal anyway). [hostaliases] < = jinja2-template-base template = inline: {{ ' {% for alias, aliased in host_dict.items() -%} {{ alias }} {{ aliased }} {% endfor %} ' }} rendered = ${directory:etc}/hostaliases context = key host_dict hosts-parameter:hostalias-dict [hosts] < = jinja2-template-base template = inline: {{ ' {% for alias, aliased in host_dict.items() -%} {{ aliased }} {{ alias }} {% endfor %} ' }} rendered = ${directory:etc}/hosts context = key host_dict hosts-parameter:host-dict [userhosts-wrapper-base] recipe = slapos.cookbook:wrapper environment = HOSTALIASES=${hostaliases:rendered} HOSTS=${hosts:rendered} command-line = '{{ parameter_dict['userhosts'] }}' ${:wrapped-command-line} {# Hack to deploy SSL certs via instance parameters -#} {% for zodb in zodb_dict.itervalues() -%} {% set storage_dict = zodb.setdefault('storage-dict', {}) -%} {% if zodb['type'] == 'neo' and storage_dict.get('ssl', 1) -%} {% for k, v in (('_ca', 'ca.crt'), ('_cert', 'neo.crt'), ('_key', 'neo.key')) -%} {% if k in storage_dict -%} [{{ section('neo-ssl-' + k[1:]) }}] < = jinja2-template-base rendered = ${directory:etc}/{{v}} template = inline:{{'{{'}}pem}} context = key pem :pem pem = {{dumps(storage_dict.pop(k))}} {% endif -%} {% endfor -%} {% endif -%} {% endfor -%} {# endhack -#} [runzope-base] <= run-common instance-home = ${directory:instance} wrapped-command-line = '{{ bin_directory }}/runzope' -C '${:configuration-file}' private-dev-shm = {{ slapparameter_dict['private-dev-shm'] }} [{{ section('zcml') }}] recipe = slapos.cookbook:copyfilelist target-directory = ${directory:instance-etc} file-list = {{ parameter_dict['site-zcml'] }} [{{ section('zope-inituser') }}] < = jinja2-template-base rendered = ${directory:instance}/inituser template = inline:{{ slapparameter_dict['inituser-login'] }}:{SHA}{{ hashlib.sha1(slapparameter_dict['inituser-password']).digest().encode('base64').rstrip() }} mode = 600 once = ${:rendered}_done [zope-conf-parameter-base] ip = {{ ipv4 }} site-id = {{ site_id }} {% if site_id -%} mysql-url = {{ slapparameter_dict['mysql-url-list'][0] }} inituser = {{ slapparameter_dict['inituser-login'] }} {% set mysql = urlparse.urlsplit(slapparameter_dict['mysql-url-list'][0]) -%} sql-connection-string = {{ '%s@erp5-catalog-0:%s %s %s' % ( mysql.path.split('/')[1], mysql.port, mysql.username, mysql.password) }} bt5 = {{ slapparameter_dict['bt5'] }} bt5-repository-url = {{ slapparameter_dict['bt5-repository-url'] }} id-store-interval = {{ dumps(slapparameter_dict['id-store-interval']) }} home = ${buildout:directory} # We only want to change the hostname to 'erp5-cloudooo' if we use the internal # cloudooo. We plan to remove the ability to have an internal one, so this # heuristic is enough. {% set cloudooo = urlparse.urlsplit(slapparameter_dict['cloudooo-url']) -%} cloudooo-url = {{ (cloudooo if cloudooo.port == None else cloudooo._replace(netloc='erp5-cloudooo:%s' % cloudooo.port)).geturl() }} {% endif -%} {% set zeo_dict = slapparameter_dict.get('zodb-zeo', {}) -%} {% for name, zodb in zodb_dict.iteritems() -%} {% set storage_dict = zodb.setdefault('storage-dict', {}) -%} {% if zodb['type'] == 'zeo' -%} {% do storage_dict.update(zeo_dict.get(name, ())) -%} {% else -%} {% if name == slapparameter_dict.get('neo-name') -%} {% do storage_dict.update(master_nodes=slapparameter_dict['neo-masters'], name=slapparameter_dict['neo-cluster']) -%} {% endif -%} {{ assert(storage_dict['master_nodes'], name) }} {% if storage_dict.pop('ssl', 1) -%} {% do storage_dict.update(ca='~/etc/ca.crt', cert='~/etc/neo.crt', key='~/etc/neo.key') -%} {% endif -%} {% endif -%} {% endfor -%} developer-list = {{ dumps(slapparameter_dict['developer-list']) }} instance = ${directory:instance} instance-products = ${directory:instance-products} deadlock-path = /manage_debug_threads deadlock-debugger-password = {{ dumps(slapparameter_dict['deadlock-debugger-password']) }} {% if slapparameter_dict.get('tidstorage-ip') -%} tidstorage-ip = {{ dumps(slapparameter_dict['tidstorage-ip']) }} tidstorage-port = {{ dumps(slapparameter_dict['tidstorage-port']) }} {% endif -%} {% set thread_amount = slapparameter_dict['thread-amount'] -%} {% set large_file_threshold = slapparameter_dict['large-file-threshold'] -%} thread-amount = {{ thread_amount }} {% set webdav = slapparameter_dict['webdav'] -%} webdav = {{ dumps(webdav) }} {% if webdav -%} {% set timerserver_interval = 0 -%} {% else -%} {% set timerserver_interval = slapparameter_dict['timerserver-interval'] -%} {%- endif %} timerserver-interval = {{ dumps(timerserver_interval) }} [zope-conf-base] < = jinja2-template-base template = {{ parameter_dict['zope-conf-template'] }} {% macro zope( index, port, longrequest_logger_timeout, longrequest_logger_interval ) -%} {% set name = 'zope-' ~ index -%} {% set conf_name = name ~ '-conf' -%} {% set conf_parameter_name = conf_name ~ '-param' -%} {% set zope_tunnel_section_name = name ~ '-ipv6toipv4' -%} {% set zope_tunnel_base_name = zope_tunnel_section_name -%} [{{ conf_parameter_name }}] < = zope-conf-parameter-base pid-file = ${directory:run}/{{ name }}.pid lock-file = ${directory:run}/{{ name }}.lock port = {{ port }} event-log = ${directory:log}/{{ name }}-event.log z2-log = ${directory:log}/{{ name }}-Z2.log node-id = {{ dumps(node_id_base ~ (node_id_index_format % index)) }} {% set log_list = [] -%} {% set import_set = set() -%} {% for db_name, zodb in zodb_dict.iteritems() -%} {% do zodb.setdefault('pool-size', thread_amount) -%} {% if zodb['type'] == 'neo' -%} {% do import_set.add('neo.client') -%} {% set log = name ~ '-neo-' ~ db_name ~ '.log' -%} {% do log_list.append('${directory:log}/' + log) -%} {% do zodb['storage-dict'].update(logfile='~/var/log/'+log) -%} {% endif -%} {% endfor -%} import-list = {{ dumps(list(import_set)) }} zodb-dict = {{ dumps(zodb_dict) }} large-file-threshold = {{ large_file_threshold }} {% if longrequest_logger_interval > 0 -%} longrequest-logger-file = {{ longrequest_logger_base_path ~ name ~ ".log" }} longrequest-logger-timeout = {{ longrequest_logger_timeout }} longrequest-logger-interval = {{ longrequest_logger_interval }} {% else -%} longrequest-logger-file = {% endif -%} [{{ conf_name }}] < = zope-conf-base rendered = ${directory:etc}/{{ name }}.conf extensions = jinja2.ext.do context = section parameter_dict {{ conf_parameter_name }} import os os [{{ section(name) }}] < = runzope-base wrapper-path = ${directory:service-on-watch}/{{ name }} configuration-file = {{ '${' ~ conf_name ~ ':rendered}' }} [{{ section("promise-" ~ name) }}] recipe = slapos.cookbook:check_port_listening hostname = {{ ipv4 }} port = {{ port }} path = ${directory:promises}/{{ name }} {% set extra_path_list = [] -%} {% set shell_escaped_extra_path_list = [] -%} {% for line in parameter_dict['extra-path-list'].splitlines() -%} {% set line = line.strip() -%} {% do extra_path_list.append(line) -%} {% do shell_escaped_extra_path_list.append(line.replace("\x27", "\x27\\\x27\x27")) -%} {% endfor -%} [{{ section("promise-" ~ name ~ "-is-running-actual-product") }}] recipe = slapos.cookbook:wrapper command-line = '{{ parameter_dict['bin-directory'] }}/is-process-older-than-dependency-set' '{{ "${" ~ conf_parameter_name ~ ":pid-file}" }}' {{ " ".join(shell_escaped_extra_path_list) }} wrapper-path = ${directory:promises}/{{ name }}-is-running-actual-product {% if use_ipv6 -%} [{{ zope_tunnel_section_name }}] < = ipv6toipv4-base base-name = {{ zope_tunnel_base_name }} ipv6-port = {{ port }} ipv4-port = {{ port }} {% do publish_list.append(("[" ~ ipv6 ~ "]:" ~ port, thread_amount, webdav)) -%} [{{ section("promise-tunnel-" ~ name) }}] recipe = slapos.cookbook:check_port_listening hostname = {{ '${' ~ zope_tunnel_section_name ~ ':ipv6}' }} port = {{ '${' ~ zope_tunnel_section_name ~ ':ipv6-port}' }} path = ${directory:promises}/{{ zope_tunnel_base_name }} {% else -%} {% do publish_list.append((ipv4 ~ ":" ~ port, thread_amount, webdav)) -%} {% endif -%} [{{ section('logrotate-entry-' ~ name) }}] < = logrotate-entry-base name = {{ name }} log = {{ '${' ~ conf_parameter_name ~ ':event-log}' }} {{ '${' ~ conf_parameter_name ~ ':z2-log}' }} {{ '${' ~ conf_parameter_name ~ ':longrequest-logger-file}' }} {{ ' '.join(log_list) }} post = test ! -s {{ '${' ~ conf_parameter_name ~ ':pid-file}' }} || {{ bin_directory }}/slapos-kill --pidfile {{ '${' ~ conf_parameter_name ~ ':pid-file}' }} -s USR2 {% endmacro -%} {% for i in instance_index_list -%} {{ zope( i, next_port(), slapparameter_dict['longrequest-logger-timeout'], slapparameter_dict['longrequest-logger-interval'], ) }} {% endfor -%} [publish] recipe = slapos.cookbook:publish.serialised zope-address-list = {{ dumps(publish_list) }} {# Note: hosts_dist is generated at zope level rather than at erp5 (root partition) level, as it is easier: we can access urls as python values trivially here. This has the downside of making each zope partition publish the (hopefuly) same dict toward erp5 partition, violating the DRY principle and making the intent hard to guess. -#} hosts-dict = {{ dumps(hosts_dict) }} monitor-base-url = ${monitor-publish-parameters:monitor-base-url} [monitor-instance-parameter] monitor-httpd-ipv6 = {{ (ipv6_set | list)[0] }} monitor-httpd-port = {{ next_port() }} monitor-title = {{ slapparameter_dict['name'] }} password = {{ slapparameter_dict['monitor-passwd'] }} [buildout] extends = {{ logrotate_cfg }} {{ parameter_dict['template-monitor'] }} parts += {{ part_list | join('\n ') }} publish