instance-runner.cfg 25.7 KB
Newer Older
1 2
[buildout]
parts =
3 4 5 6
  nginx_conf
  nginx-launcher
  certificate-authority
  ca-nginx
7 8
  gunicorn-launcher
  gunicorn-graceful
9
  sshkeys-dropbear-runner
10
  dropbear-server-add-authorized-key
11
  sshkeys-authority
12
  publish-connection-information
13 14
  slaprunner-promise
  slaprunner-frontend-promise
15 16
  apache-httpd-promise
  httpd-frontend-promise
17
  slaprunner-supervisord-wrapper
18
  dropbear-promise
19
  runtestsuite
20
  symlinks
21
  shellinabox
22
  slapos-cfg
23
  slapos-repo
24
  cron-entry-prepare-software
25
  deploy-instance-parameters
26
  instance-software
27
  instance-software-type
28
  minishell-cwd
29
  bash-profile
30
  supervisord-wrapper
31
  supervisord-promise
32
  httpd-graceful-wrapper
33
{% if slapparameter_dict.get('custom-frontend-backend-url') and slapparameter_dict.get('check-custom-frontend-promise', 'false') == 'true' %}
34 35
  custom-frontend-promise
{% endif %}
36
## Monitoring part
37

38
  monitor-check-webrunner-internal-instance
39

40
extends = ${monitor2-template:rendered}
41 42 43 44 45

eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true

46 47
{% if slapparameter_dict.get('custom-frontend-backend-url') -%}
[request-custom-frontend]
48
recipe = slapos.cookbook:requestoptional
49
software-url = {{ slapparameter_dict.get('custom-frontend-software-url', 'http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg') }}
50 51 52 53
software-type = {{ slapparameter_dict.get('custom-frontend-software-type', 'RootSoftwareInstance') }}
slave = true
name = Custom Web Frontend

54 55 56 57 58
server-url = $${slap-connection:server-url}
key-file = $${slap-connection:key-file}
cert-file = $${slap-connection:cert-file}
computer-id = $${slap-connection:computer-id}
partition-id = $${slap-connection:partition-id}
59

60
{% if slapparameter_dict.get('custom-frontend-instance-guid') -%}
61
sla-instance_guid = $${slap-parameter:frontend-instance-guid}
62 63
{% endif -%}

64 65
{% set custom_frontend_backend_type = slapparameter_dict.get('custom-frontend-backend-type') -%}
{% if custom_frontend_backend_type -%}
66 67
config-type = {{ custom_frontend_backend_type }}
{% endif -%}
68
config-url = {{ slapparameter_dict.get('custom-frontend-backend-url') }}
69
return = site_url domain
70 71 72

[custom-frontend-promise]
recipe = slapos.cookbook:check_url_available
73 74 75 76 77
path = $${directory:promises}/custom_frontend_promise
url = https://$${request-custom-frontend:connection-domain}
{% if slapparameter_dict.get('custom-frontend-basic-auth') -%}
check-secure = 1
{% endif -%}
78 79 80
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}

81
[publish-connection-information]
82
custom-frontend-url = https://$${request-custom-frontend:connection-domain}
83
{% endif %}
84

85
# Create all needed directories
86
[directory]
87
recipe = slapos.cookbook:mkdirectory
88 89 90 91 92 93
home = $${buildout:directory}
etc = $${:home}/etc/
var = $${:home}/var/
srv = $${:home}/srv/
bin = $${:home}/bin/
tmp = $${:home}/tmp/
94

95 96 97 98 99 100 101 102 103
sshkeys = $${:srv}/sshkeys
services = $${:etc}/service/
scripts = $${:etc}/run/
ssh = $${:etc}/ssh/
log = $${:var}/log/
run = $${:var}/run/
backup = $${:srv}/backup/
promises = $${:etc}/promise/
test = $${:etc}/test/
104
nginx-data = $${:srv}/nginx
105
ca-dir = $${:srv}/ssl
106
project = $${:srv}/runner/project
107 108 109

[runnerdirectory]
recipe = slapos.cookbook:mkdirectory
110 111
home = $${directory:srv}/runner/
test = $${directory:srv}/test/
112
project = $${:home}/project
113
public = $${:home}/public
114 115
software-root = $${:home}/software
instance-root = $${:home}/instance
116 117 118
project-test = $${:test}/project
software-test = $${:test}/software
instance-test = $${:test}/instance
119
sessions = $${buildout:directory}/.sessions
120 121
private-project = $${:home}/.git-private
public-project = $${:home}/.git-public
122

123 124
#Create password recovery code for slaprunner
[recovery-code]
125
recipe = slapos.cookbook:generate.password
126
storage-path = $${directory:etc}/.rcode
127
bytes = 8
128

129
[slaprunner]
130
slaprunner = ${buildout:directory}/bin/slaprunner
131
slapos = ${buildout:directory}/bin/slapos
132 133
slapproxy = ${buildout:directory}/bin/slapproxy
supervisor = ${buildout:directory}/bin/slapgrid-supervisorctl
134
git-binary = ${git:location}/bin/git
135
root_check = false
136
slapos.cfg = $${directory:etc}/slapos.cfg
137 138
working-directory = $${runnerdirectory:home}
project-directory = $${runnerdirectory:project}
139 140
instance_root = $${runnerdirectory:instance-root}
software_root = $${runnerdirectory:software-root}
141
instance-monitor-url = https://[$${:ipv6}]:$${monitor-parameters:port}
142 143 144
etc_dir = $${directory:etc}
log_dir =  $${directory:log}
run_dir = $${directory:run}
145 146 147
ssh_client = $${sshkeys-dropbear-runner:wrapper}
public_key = $${sshkeys-dropbear-runner:public-key}
private_key = $${sshkeys-dropbear-runner:private-key}
148 149
ipv4 = $${slap-network-information:local-ipv4}
ipv6 = $${slap-network-information:global-ipv6}
150
instance_root = $${runnerdirectory:instance-root}
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
151
proxy_port = 50000
152
runner_port = 50005
153
partition-amount = $${slap-parameter:instance-amount}
154
wrapper = $${directory:services}/slaprunner
155
debug = $${slap-parameter:debug}
156
access-url = https://[$${:ipv6}]:$${:runner_port}
157
supervisord_config = $${directory:etc}/supervisord.conf
158
supervisord_server = http://$${supervisord:server}
159
proxy_database = $${slaprunner:working-directory}/proxy.db
160 161 162
console = False
verbose = False
debug = False
163 164 165
auto_deploy = $${slap-parameter:auto-deploy}
auto_deploy_instance = $${slap-parameter:auto-deploy-instance}
autorun = $${slap-parameter:autorun}
166
knowledge0_file = $${monitor-instance-parameter:configuration-file-path}
167
minishell_cwd_file = $${directory:etc}/.minishell-cwd
168
minishell_history_file = $${directory:etc}/.minishell_history
169 170
software_info_json = $${runnerdirectory:home}/software_info.json
instance_info_json = $${runnerdirectory:home}/instance_info.json
171
path = $${shell:path}
172
instance_name = $${slap-parameter:instance-name}
173

174 175 176 177 178 179 180 181 182 183 184

#---------------------------
#--
#-- supervisord managing slaprunner instance processes
[slaprunner-supervisord-wrapper]
recipe = slapos.cookbook:wrapper
# XXX hardcoded locations
command-line = $${buildout:directory}/bin/slapos node supervisord --cfg $${directory:etc}/slapos.cfg -n
wrapper-path = $${directory:services}/slaprunner-supervisord


185 186
[test-runner]
<= slaprunner
187
slapos.cfg = $${directory:etc}/slapos-test.cfg
188 189
working-directory = $${runnerdirectory:test}
project-directory = $${runnerdirectory:project-test}
190 191
software_root = $${runnerdirectory:software-test}
instance_root = $${runnerdirectory:instance-test}
192
proxy_port = 8602
193
etc_dir = $${directory:test}
194 195
autorun = False
auto_deploy = True
196

197 198 199
[runtestsuite]
recipe = slapos.cookbook:wrapper
command-line = ${buildout:directory}/bin/slaprunnertest
200
wrapper-path = $${directory:bin}/runTestSuite
201
environment = RUNNER_CONFIG=$${slapos-cfg:rendered}
202 203 204 205 206 207

# Deploy dropbear (minimalist SSH server)
[sshkeys-directory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:sshkeys}/requests/
keys = $${directory:sshkeys}/keys/
208

209 210 211 212
[sshkeys-authority]
recipe = slapos.cookbook:sshkeys_authority
request-directory = $${sshkeys-directory:requests}
keys-directory = $${sshkeys-directory:keys}
213
wrapper = $${directory:services}/sshkeys_authority
214 215
keygen-binary = ${dropbear:location}/bin/dropbearkey

216
[dropbear-runner-server]
217 218
recipe = slapos.cookbook:dropbear
host = $${slap-network-information:global-ipv6}
219
port = 22222
220
home = $${buildout:directory}
221 222
wrapper = $${directory:bin}/runner_sshd
shell = ${bash:location}/bin/bash
223
rsa-keyfile = $${directory:ssh}/server_key.rsa
224
allow-port-forwarding = true
225 226
dropbear-binary = ${dropbear:location}/sbin/dropbear

227
[sshkeys-dropbear-runner]
228 229 230 231
<= sshkeys-authority
recipe = slapos.cookbook:sshkeys_authority.request
name = dropbear
type = rsa
232 233 234 235
executable = $${dropbear-runner-server:wrapper}
public-key = $${dropbear-runner-server:rsa-keyfile}.pub
private-key = $${dropbear-runner-server:rsa-keyfile}
wrapper = $${directory:services}/runner_sshd
236 237

[dropbear-server-add-authorized-key]
238
<= dropbear-runner-server
239
recipe = slapos.cookbook:dropbear.add_authorized_key
240
key = $${slap-parameter:user-authorized-key}
241

242
#---------------------------
243
#--
244 245
#-- Set nginx frontend

246 247 248 249 250 251 252 253 254 255
[tempdirectory]
recipe = slapos.cookbook:mkdirectory
client_body_temp_path = $${directory:tmp}/client_body_temp_path
proxy_temp_path = $${directory:tmp}/proxy_temp_path
fastcgi_temp_path = $${directory:tmp}/fastcgi_temp_path
uwsgi_temp_path = $${directory:tmp}/uwsgi_temp_path
scgi_temp_path = $${directory:tmp}/scgi_temp_path

[nginx-frontend]
# Options
256
nb_workers = 5
257
# Network
258 259 260
local-ip = $${slap-network-information:local-ipv4}
global-ip = $${slap-network-information:global-ipv6}
global-port = $${slaprunner:runner_port}
261
# Backend
262 263
runner-ip = $${slaprunner:ipv4}
runner-port = $${slaprunner:runner_port}
264 265 266 267 268 269 270 271
# SSL
ssl-certificate = $${ca-nginx:cert-file}
ssl-key = $${ca-nginx:key-file}
# Log
path_pid = $${directory:run}/nginx.pid
path_log = $${directory:log}/nginx.log
path_access_log = $${directory:log}/nginx.access.log
path_error_log = $${directory:log}/nginx.error.log
272
path_tmp = $${directory:tmp}/
273
nginx_prefix = $${buildout:directory}
274 275 276
# Config files
path_nginx_conf = $${directory:etc}/nginx.conf
# Executables
277
bin_nginx = ${nginx-webdav:location}/sbin/nginx
278
bin_launcher = $${directory:bin}/launcher
279 280
# Utils
path_shell = ${dash:location}/bin/dash
281 282
# Misc.
etc_dir = $${directory:etc}
283
work_dir = $${slaprunner:working-directory}
284 285 286 287 288 289

[nginx_conf]
recipe = slapos.recipe.template:jinja2
template = ${template_nginx_conf:location}/${template_nginx_conf:filename}
rendered = $${nginx-frontend:path_nginx_conf}
context =
290
    key shellinabox_socket shellinabox:socket
291
    key socket gunicorn:socket
292 293 294 295 296 297 298 299 300 301 302
    section param_nginx_frontend nginx-frontend
    section param_tempdir tempdirectory

[nginx-launcher]
recipe = slapos.recipe.template:jinja2
template = ${template_launcher:location}/${template_launcher:filename}
rendered = $${nginx-frontend:bin_launcher}
mode = 700
context =
    section param_nginx_frontend nginx-frontend

303
[httpd-parameters]
304 305 306 307 308 309
path_pid = $${directory:run}/httpd.pid
path_error_log = $${directory:log}/httpd-error.log
path_access_log = $${directory:log}/httpd-access.log
# XXX Use ca-nginx, no need to regenerate certificate
cert_file = $${ca-nginx:cert-file}
key_file = $${ca-nginx:key-file}
310
global_ip = $${slap-network-information:global-ipv6}
311 312
global_port = 8386
#httpd_port = $${monitor-parameters:port}
313
#monitor_index = $${deploy-index:rendered}
314 315 316
working_directory = $${slaprunner:working-directory}
dav_lock = $${directory:var}/WebDavLock
htpasswd_file = $${monitor-httpd-conf-parameter:htpasswd-file}
317
etc_dir = $${directory:etc}
318 319
var_dir = $${directory:var}
project_folder = $${directory:project}
320
project_private_folder = $${runnerdirectory:private-project}
321
project_public_folder = $${runnerdirectory:public-project}
322
runner_home = $${runnerdirectory:home}
323
git_http_backend = ${git:location}/libexec/git-core/git-http-backend
324
#cgi_httpd_conf = $${monitor-httpd-configuration-file:rendered}
325
httpd_cors_file = $${slaprunner-httpd-cors:location}
326 327 328 329

[httpd-conf]
recipe = slapos.recipe.template:jinja2
template = ${template_httpd_conf:location}/${template_httpd_conf:filename}
330
rendered = $${directory:etc}/httpd.conf
331
context =
332 333
    section parameters httpd-parameters

334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366
[apache-httpd]
recipe = slapos.cookbook:wrapper
apache-executable = ${apache:location}/bin/httpd
wrapper-path = $${directory:services}/slaprunner-httpd
command-line = $${:apache-executable} -f $${httpd-conf:rendered} -DFOREGROUND
access-url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:global_port}
wait-for-files =
  $${ca-nginx:cert-file}
  $${ca-nginx:key-file}

[httpd-graceful-wrapper]
recipe = collective.recipe.template
input = inline:
  #!/bin/sh
  exec kill -USR1 $(cat $${httpd-parameters:path_pid})
output = $${directory:scripts}/slaprunner-httpd-graceful
mode = 700

[apache-httpd-promise]
recipe = slapos.cookbook:check_url_available
path = $${directory:promises}/$${:filename}
filename = apache-httpd-listening-on-tcp
url = $${apache-httpd:access-url}
check-secure = 1
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}

[slaprunner-httpd-cors]
recipe = plone.recipe.command
command = if [ ! -f $${:location} ]; then touch $${:location}; fi
location = $${directory:etc}/$${:filename}
filename = slaprunner-httpd-cors.cfg
stop-on-error = true
367

368 369 370 371
#--------------------
#--
#-- WSGI

372
[gunicorn]
373 374 375 376 377 378 379 380
bin_gunicorn = $${directory:bin}/gunicorn
bin_launcher = $${directory:services}/gunicorn
path_shell = ${dash:location}/bin/dash
socket = $${directory:tmp}/flaskserver.sock
path_pid = $${directory:run}/gunicorn.pid

[gunicorn-launcher]
recipe = slapos.cookbook:wrapper
381
command-line = $${gunicorn:bin_gunicorn} slapos.runner.run:app -p $${gunicorn:path_pid} -b unix:$${gunicorn:socket} -e RUNNER_CONFIG=$${slaprunner:slapos.cfg} --error-logfile $${directory:log}/$${:error-log-file} --log-level error --preload
382
error-log-file = gunicorn-error.log
383
wrapper-path = $${gunicorn:bin_launcher}
384
environment = PATH=$${environ:PATH}:${git:location}/bin/
385
  RUNNER_CONFIG=$${slaprunner:slapos.cfg}
386
  LANG=en_GB.UTF-8
387 388 389

[gunicorn-graceful]
recipe = slapos.cookbook:wrapper
390
command-line = $${directory:bin}/killpidfromfile $${gunicorn:path_pid} SIGHUP
391 392
wrapper-path = $${directory:scripts}/gunicorn-graceful

393
#--------------------
394
#--
395
#-- ssl certificates
396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420

[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${directory:services}/certificate_authority
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}

[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs/
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/

[ca-nginx]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = $${cadirectory:certs}/nginx_frontend.key
cert-file = $${cadirectory:certs}/nginx_frontend.crt
421 422
executable = $${nginx-launcher:rendered}
wrapper = $${directory:services}/nginx-frontend
423 424 425
# Put domain name
name = example.com

426
#--------------------
427 428
#--
#-- Request frontend
429

430 431
[request-frontend]
<= slap-connection
432
recipe = slapos.cookbook:requestoptional
433
name = SlapRunner Frontend
434
# XXX We have hardcoded SR URL here.
435
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
436
slave = true
437
config-url = $${slaprunner:access-url}
438
config-domain = $${slap-parameter:frontend-domain}
439
return = site_url domain
440

441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459
[request-httpd-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = SlapRunner httpd Frontend
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
config-url = $${apache-httpd:access-url}
config-domain = 
return = secure_access domain

[httpd-frontend-promise]
recipe = slapos.cookbook:check_url_available
path = $${directory:promises}/slaprunner-apache-http-frontend
url = $${request-httpd-frontend:connection-secure_access}
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}
check-secure = 1

460
#--------------------------------------
461
#--
462
#-- Send information to SlapOS Master
463

464
[publish-connection-information]
465
recipe = slapos.cookbook:publish
466
1_info = On your first run, Use "access_url" to setup you account. Then you can use both "url" or "access_url". Or "backend_url" if you want to use ipv6. Set up your account in the webrunner in order to use webdav, and being able to clone your git repositories from the runner.
467
2_info = In order to set up your account, get the recovery-code from the monitoring interface. Before read the notification on monitor_info.
468
backend_url = $${slaprunner:access-url}
469
access_url = $${:url}/login
470
url =  https://$${request-frontend:connection-domain}
471
ssh_command = ssh $${dropbear-runner-server:host} -p $${dropbear-runner-server:port}
472 473 474 475
webdav_url = $${request-httpd-frontend:connection-secure_access}/shared/
public_url =  $${request-httpd-frontend:connection-secure_access}/public/
git_public_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:global_port}/git-public/
git_private_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:global_port}/git/
476 477 478 479
monitor-base-url = $${publish:monitor-base-url}
monitor-url = $${publish:monitor-url}
monitor-user = $${publish:monitor-user}
monitor-password = $${publish:monitor-password}
480
{% if slapparameter_dict.get('monitor-interface-url', 'https://monitor.node.vifib.com') -%}
481 482
monitor_setup_url = {{ slapparameter_dict['monitor-interface-url'] }}/#page=settings_configurator&url=$${publish:monitor-url}
{% endif -%}
483 484 485
#---------------------------
#--
#-- Deploy promises scripts
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
486

487 488
[slaprunner-promise]
recipe = slapos.cookbook:check_port_listening
489
path = $${directory:promises}/slaprunner
490 491
hostname = $${slaprunner:ipv6}
port = $${slaprunner:runner_port}
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
492

493
[slaprunner-frontend-promise]
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
494
recipe = slapos.cookbook:check_url_available
495
path = $${directory:promises}/slaprunner_frontend
496
url = https://$${request-frontend:connection-domain}/login
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
497 498
dash_path = ${dash:location}/bin/dash
curl_path = ${curl:location}/bin/curl
499
check-secure = 1
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
500

501 502
[dropbear-promise]
recipe = slapos.cookbook:check_port_listening
503
path = $${directory:promises}/dropbear
504 505
hostname = $${dropbear-runner-server:host}
port = $${dropbear-runner-server:port}
506

507 508
[symlinks]
recipe = cns.recipe.symlink
509
symlink_target = $${directory:bin}
510
symlink_base = ${buildout:directory}/bin
511 512 513

[slap-parameter]
# Default value if no ssh key is specified
514
user-authorized-key =
515
# Default value of instances number in slaprunner
516
instance-amount = 10
517 518
debug = false
frontend-domain =
519
slapos-repository = https://lab.nexedi.com/nexedi/slapos.git
520
slapos-software =
521
slapos-software-type =
522
slapos-reference = master
523
auto-deploy = false
524
auto-deploy-instance = true
525
autorun = false
526
monitor-port = 9687
527
instance-name =
528 529
monitor-cors-domains = 
monitor-interface-url = 
530 531 532

[monitor-parameters]
port = $${slap-parameter:monitor-port}
533

534 535
[slapos-cfg]
recipe = slapos.recipe.template:jinja2
536
template = ${template-slapos-cfg:location}/${template-slapos-cfg:filename}
537 538 539
rendered = $${slaprunner:slapos.cfg}
mode = 700
context =
540
  section slaprunner slaprunner
541

542 543
[slapos-test-cfg]
recipe = slapos.recipe.template:jinja2
544
template = ${template-slapos-cfg:location}/${template-slapos-cfg:filename}
545 546 547 548 549
rendered = $${test-runner:slapos.cfg}
mode = 700
context =
  section slaprunner test-runner

550
[shellinabox]
551 552 553 554 555 556 557 558 559 560 561
recipe = slapos.recipe.template:jinja2
# We cannot use slapos.cookbook:wrapper here because this recipe escapes too much
socket = $${directory:run}/siab.sock
mode = 0700
rendered = $${directory:services}/shellinaboxd
template = inline:
  #!/bin/sh
  exec ${shellinabox:location}/bin/shellinaboxd \
    --disable-ssl \
    --disable-ssl-menu \
    --unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \
Jérome Perrin's avatar
Jérome Perrin committed
562
    --service "/:$(id -u):$(id -g):HOME:$${shell:wrapper} -l"
563 564 565

[shell]
recipe = slapos.cookbook:shell
Jérome Perrin's avatar
Jérome Perrin committed
566
wrapper = $${directory:bin}/bash
567
shell = ${bash:location}/bin/bash
568
home = $${buildout:directory}
569
path = $${environ:PATH}:/usr/bin:/bin/:${nano:location}/bin:${vim:location}/bin:${screen:location}/bin:${git:location}/bin:${tig:location}/bin
570 571
ps1 = "\\w> "

572 573 574
[environ]
recipe = collective.recipe.environment

575 576 577 578 579 580
[slapos-repo]
recipe = slapos.recipe.build:gitclone
repository = $${slap-parameter:slapos-repository}
git-executable = ${git:location}/bin/git
develop = true
location = $${directory:project}/slapos
581
branch = $${slap-parameter:slapos-reference}
582 583 584

[prepare-software]
recipe = slapos.cookbook:wrapper
585
command-line = ${curl:location}/bin/curl -g https://[$${slaprunner:ipv6}]:$${slaprunner:runner_port}/isSRReady --max-time 1 --insecure
586 587
wrapper-path = $${directory:scripts}/prepareSoftware

588 589 590 591 592 593 594
[cron-entry-prepare-software]
<= cron
recipe = slapos.cookbook:cron.d
name = prepare-software
frequency = */2 * * * *
command = $${prepare-software:wrapper-path}

595 596 597
[instance-parameters]
recipe = slapos.recipe.template:jinja2
extensions = jinja2.ext.do
598
template = ${template-parameters:location}/${template-parameters:filename}
599 600
rendered = $${directory:etc}/.parameter.xml.default
mode = 0644
601
context =
602 603 604 605 606 607 608 609
  key slapparameter_dict slap-configuration:configuration

[deploy-instance-parameters]
recipe = plone.recipe.command
stop-on-error = true
parameter-xml = $${directory:etc}/.parameter.xml
command = if [ ! -f $${:parameter-xml} ]; then cp $${instance-parameters:rendered} $${:parameter-xml}; fi

610 611 612 613 614 615 616
[instance-software-type]
recipe = plone.recipe.command
stop-on-error = true
# XXX It should not be named with .xml as it is not xml
software-type-path = $${directory:etc}/.software_type.xml
command = if [ ! -f $${:software-type-path} -a "$${slap-parameter:slapos-software-type}" != "" ]; then echo "$${slap-parameter:slapos-software-type}" > $${:software-type-path}; fi

617 618 619 620 621
[instance-software]
recipe = plone.recipe.command
stop-on-error = true
command = SR=$${slap-parameter:slapos-software} && if [ -n "$SR" ] && [ ! -f "$${directory:etc}/.project" ]; then echo workspace/slapos/$${slap-parameter:slapos-software}/ > $${directory:etc}/.project; fi

622 623 624 625 626 627 628 629
[slap-configuration]
recipe = slapos.cookbook:slapconfiguration.serialised
computer = $${slap-connection:computer-id}
partition = $${slap-connection:partition-id}
url = $${slap-connection:server-url}
key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}

630

631 632 633 634 635 636
[minishell-cwd]
recipe = plone.recipe.command
command = if [ ! -f $${slaprunner:minishell_cwd_file} ]; then echo $${runnerdirectory:home} > $${slaprunner:minishell_cwd_file}; fi
location = $${slaprunner:minishell_cwd_file}
stop-on-error = true

637
[bash-profile]
638 639 640 641
recipe = slapos.recipe.template:jinja2
template = ${template-bash-profile:location}/${template-bash-profile:filename}
rendered = $${buildout:directory}/.bash_profile
context =
642
    raw path $PATH:${nano:location}/bin:${vim:location}/bin:${screen:location}/bin:${git:location}/bin:${curl:location}/bin:${python2.7:location}/bin:${tig:location}/bin:${zip:location}/bin
643
    key workdir runnerdirectory:home
644

645 646 647 648 649

#---------------------------
#--
#-- supervisord managing slaprunner automation features

650
[supervisord]
651
autorestart = false
652 653 654 655
autostart = false
directory = $${buildout:directory}
exitcodes = 0
logfile = $${directory:log}/supervisord.log
656
no_logfile = NONE
657
numprocs = 1
658
path = $${shell:path}
659
pidfile = $${directory:run}/supervisord.pid
660 661
server = $${slaprunner:ipv4}:$${:port}
port = 39986
662
slapgrid-cp = slapgrid-cp
663
slapgrid-cp-command = $${slaprunner:slapos} node instance --all --cfg $${:slapos-cfg} --pidfile $${:slapgrid-cp-pid} --verbose --logfile $${:slapgrid-cp-log}
664 665
slapgrid-cp-log = $${runnerdirectory:home}/instance.log
slapgrid-cp-pid = $${directory:run}/slapgrid-cp.pid
666
slapgrid-cp-startretries = 0
667
slapgrid-sr = slapgrid-sr
668
slapgrid-sr-command = $${slaprunner:slapos} node software --all --cfg $${:slapos-cfg} --pidfile $${:slapgrid-sr-pid} --verbose --logfile $${:slapgrid-sr-log}
669 670
slapgrid-sr-log = $${runnerdirectory:home}/software.log
slapgrid-sr-pid = $${directory:run}/slapgrid-sr.pid
671
slapgrid-sr-startretries = 0
672 673 674
slapproxy = slapproxy
slapproxy-autorestart = true
slapproxy-autostart = true
675
slapproxy-startsecs = 1
676
slapproxy-command = $${slaprunner:slapos} proxy start --logfile $${:slapproxy-log} --cfg $${:slapos-cfg}
677
slapproxy-log = $${directory:log}/slapproxy.log
678 679
socket_name = unix://$${:socket_path}
socket_path = $${directory:tmp}/supervisord.sock
680
startsecs = 0
681 682 683
# This file logs errors from listeners. Supervisord has its own logfile.
# Processes should handle their logs by themselves
stderr_logfile = $${directory:log}/supervisord-errors.log
684
slapos-cfg = $${slaprunner:slapos.cfg}
685 686 687 688 689 690

[supervisord-conf]
recipe = slapos.recipe.template:jinja2
template = ${template-supervisord:location}/${template-supervisord:filename}
rendered = $${directory:etc}/supervisord.conf
context =
691 692
    import multiprocessing multiprocessing
    import builtin __builtin__
693
    section supervisord supervisord
694
    key slapparameter_dict slap-configuration:configuration
695 696 697 698 699 700 701 702 703 704
    key listener_slapgrid listener-slapgrid-bin:rendered

[listener-slapgrid-bin]
recipe = slapos.recipe.template:jinja2
template = ${template-listener-slapgrid:location}/${template-listener-slapgrid:filename}
rendered = $${directory:bin}/listener_slapgrid.py
mode = 0744
context =
    section supervisord supervisord
    section slaprunner slaprunner
705
    raw python_executable ${buildout:directory}/bin/${extra-eggs:interpreter}
706 707 708 709 710 711

[supervisord-wrapper]
recipe = slapos.cookbook:wrapper
command-line = $${buildout:directory}/bin/supervisord -c $${supervisord-conf:rendered} --nodaemon
wrapper-path = $${directory:services}/supervisord

712 713 714 715 716 717
[supervisord-promise]
recipe = slapos.cookbook:check_port_listening
path = $${directory:promises}/supervisord
hostname = $${slaprunner:ipv4}
port = $${supervisord:port}

718 719 720 721 722 723
# XXX Monitor 
[monitor-instance-parameter]
monitor-httpd-port = $${slap-parameter:monitor-port}
{% if slapparameter_dict.get('name', '') -%}
monitor-title = {{ slapparameter_dict['name'] }}
{% endif -%}
724
cors-domains = {{ slapparameter_dict.get('monitor-cors-domains', 'monitor.node.vifib.com') }}
725 726 727 728 729 730 731 732 733 734 735 736 737 738
{% if slapparameter_dict.get('monitor-username', '') -%}
username = {{ slapparameter_dict['monitor-username'] }}
{% endif -%}
{% if slapparameter_dict.get('monitor-password', '') -%}
password = {{ slapparameter_dict['monitor-password'] }}
{% endif -%}
{% if slapparameter_dict.get('monitor-url-list', '') -%}
opml-url-list = {{ slapparameter_dict['monitor-url-list'] }}
{% endif -%}
{% if not slapparameter_dict.get('authorized-key', '') -%}
# Parameter for resilient
# Pass some parameter to dispay in monitoring interface
instance-configuration =
  file recovery-code $${recovery-code:storage-path}
739 740
  httpdcors cors-domain $${slaprunner-httpd-cors:location} $${httpd-graceful-wrapper:output}
  raw webrunner-url https://$${request-frontend:connection-domain}
741 742
{% endif -%}
configuration-file-path = $${buildout:directory}/knowledge0.cfg
743

744 745 746 747 748 749 750
[monitor-check-webrunner-internal-instance]
recipe = slapos.recipe.template:jinja2
template = ${monitor-check-webrunner-internal-instance:location}/${monitor-check-webrunner-internal-instance:filename}
rendered = $${monitor-directory:promises}/$${:filename}
filename = monitor-check-webrunner-internal-instance
mode = 0744