[buildout] parts = certificate-authority publish-apache-zope-backend-connection-string zope-instance apache-zope-backend-instance ca-apache-zope-backend logrotate erp5-certificate-authority logrotate-entry-zope cron cron-entry-logrotate binary-link bt5-erp5-link promise-zope promise-apache-zope-backend eggs-directory = {{ eggs_directory }} develop-eggs-directory = {{ develop_eggs_directory }} offline = true {% if 'frontend-software-url' in slapparameter_dict -%} [request-slave-frontend] recipe = slapos.cookbook:request.serialised software-url = {{ slapparameter_dict['frontend-software-url'] }} software-type = {{ slapparameter_dict.get('frontend-software-type', 'RootSoftwareInstance') }} sla = instance_guid sla-instance_guid = {{ slapparameter_dict['frontend-instance-guid'] }} server-url = ${slap-connection:server-url} key-file = ${slap-connection:key-file} cert-file = ${slap-connection:cert-file} computer-id = ${slap-connection:computer-id} partition-id = ${slap-connection:partition-id} name = SlaveFrontend slave = true {% set config_dict = { 'url': '${apache-zope-backend-instance:scheme}://[${apache-zope-backend-instance:ip}]:${apache-zope-backend-instance:port}', 'type': 'zope', } -%} {% if 'frontend-domain' in slapparameter_dict -%} {% do config_dict.__setitem__('custom_domain', slapparameter_dict['frontend-domain']) -%} {% endif -%} config = {{ config_dict.keys() | join(' ') }} {% for name, value in config_dict.items() -%} config-{{ name }} = {{ value }} {% endfor -%} return = site_url [publish-apache-zope-backend-connection-string] recipe = slapos.cookbook:publish.serialised url = ${request-slave-frontend:connection-site_url} login = ${zope-instance:user} password = ${zope-instance:password} url-deadlock = ${:url}/${zope-instance:deadlock-path}?${zope-instance:deadlock-password} {% else %} [publish-apache-zope-backend-connection-string] recipe = slapos.cookbook:publish.serialised url = https://${zope-instance:user}:${zope-instance:password}@[${apache-zope-backend-instance:ip}]:${apache-zope-backend-instance:port} url-deadlock = ${:url}/${zope-instance:deadlock-path}?${zope-instance:deadlock-password} {% endif %} [apache-zope-backend-instance] recipe = slapos.cookbook:apache.zope.backend backend = http://${zope-instance:ip}:${zope-instance:port}/ ip = ${slap-network-information:global-ipv6} port = 16001 wrapper = ${rootdirectory:bin}/apache key-file = ${directory:apache-conf}/apache.key cert-file = ${directory:apache-conf}/apache.crt configuration-file = ${directory:apache-conf}/apache.conf {# By default, if no white list is specified, backend allows access to everyone -#} access-control-string = {{ slapparameter_dict.get('access-control-string', 'all') }} pid-file = ${basedirectory:run}/apache.pid lock-file = ${basedirectory:run}/apache.lock ssl-session-cache = ${basedirectory:log}/apache-ssl-session-cache error-log = ${basedirectory:log}/apache-error.log access-log = ${basedirectory:log}/apache-access.log apache-binary = {{ apache_location }}/bin/httpd scheme = https [ca-apache-zope-backend] <= certificate-authority recipe = slapos.cookbook:certificate_authority.request key-file = ${apache-zope-backend-instance:key-file} cert-file = ${apache-zope-backend-instance:cert-file} executable = ${apache-zope-backend-instance:wrapper} wrapper = ${basedirectory:services}/apache [zope-instance] recipe = slapos.cookbook:generic.zope # Options user = zope port = 12001 ip = ${slap-network-information:local-ipv4} zodb-cache-size = 5000 thread-amount = 4 zodb-path = ${directory:zodb}/main.fs deadlock-path = /manage_debug_threads # Paths wrapper = ${basedirectory:services}/zope-development instance-path = ${directory:instance} instance-etc = ${directory:instance-etc} instance-products = ${directory:instance-products} bt5-repository = ${rootdirectory:var}/bt5_repository tmp-path = ${rootdirectory:tmp} bin-path = ${rootdirectory:bin} site-zcml = ${:instance-etc}/site.zcml logrotate-post = ${rootdirectory:bin}/zope-post-logrotate pid-file = ${basedirectory:run}/zope.pid lock-file = ${basedirectory:run}/zope.lock event-log = ${basedirectory:log}/zope-event.log z2-log = ${basedirectory:log}/zope-Z2.log configuration-file = ${rootdirectory:etc}/zope.conf inituser = ${:instance-path}/inituser # Binary information runzope-binary = {{ bin_directory }}/runzope # Defaults bt5-repository-list = [logrotate] recipe = slapos.cookbook:logrotate # Binaries logrotate-binary = {{ logrotate_location }}/usr/sbin/logrotate gzip-binary = {{ gzip_location }}/bin/gzip gunzip-binary = {{ gzip_location }}/bin/gunzip # Directories wrapper = ${rootdirectory:bin}/logrotate conf = ${rootdirectory:etc}/logrotate.conf logrotate-entries = ${directory:logrotate-entries} backup = ${directory:logrotate-backup} state-file = ${rootdirectory:srv}/logrotate.status [logrotate-entry-zope] <= logrotate recipe = slapos.cookbook:logrotate.d name = zope log = ${zope-instance:event-log} ${zope-instance:z2-log} frequency = daily rotate-num = 30 post = {{ bin_directory }}/killpidfromfile ${zope-instance:pid-file} SIGUSR2 sharedscripts = true notifempty = true create = true [logrotate-entry-apache-zope-backend] <= logrotate recipe = slapos.cookbook:logrotate.d name = zope log = ${apache-zope-backend-instance:error-log} ${apache-zope-backend-instance:access-log} frequency = daily rotate-num = 30 post = {{ bin_directory }}/killpidfromfile ${apache-zope-backend-instance:pid-file} SIGUSR1 sharedscripts = true notifempty = true create = true [cron] recipe = slapos.cookbook:cron dcrond-binary = {{ dcron_location }}/sbin/crond cron-entries = ${directory:cron-entries} crontabs = ${directory:crontabs} cronstamps = ${directory:cronstamps} catcher = ${cron-simplelogger:wrapper} binary = ${basedirectory:services}/crond [cron-simplelogger] recipe = slapos.cookbook:simplelogger wrapper = ${rootdirectory:bin}/cron_simplelogger log = ${basedirectory:log}/cron.log [cron-entry-logrotate] <= cron recipe = slapos.cookbook:cron.d name = logrotate frequency = 0 0 * * * command = ${logrotate:wrapper} [binary-link] recipe = slapos.cookbook:symbolic.link target-directory = ${rootdirectory:bin} link-binary = {{ coreutils_location }}/bin/basename {{ coreutils_location }}/bin/cat {{ coreutils_location }}/bin/cp {{ coreutils_location }}/bin/ls {{ coreutils_location }}/bin/tr {{ coreutils_location }}/bin/uname {{ git_location }}/bin/git {{ graphviz_location }}/bin/dot {{ grep_location }}/bin/grep {{ imagemagick_location }}/bin/convert {{ imagemagick_location }}/bin/identify {{ librsvg_location }}/bin/rsvg-convert {{ mariadb_location }}/bin/mysql {{ mariadb_location }}/bin/mysqldump {{ sed_location }}/bin/sed {{ tesseract_location }}/bin/tesseract {{ w3m_location }}/bin/w3m {{ openssl_location }}/bin/openssl {{ poppler_location }}/bin/pdfinfo {{ poppler_location }}/bin/pdfseparate {{ poppler_location }}/bin/pdftotext {{ poppler_location }}/bin/pdftohtml {{ poppler_location }}/bin/pdfunite {{ dmtx_utils_location }}/bin/dmtxwrite {{ aspell_location }}/bin/aspell [certificate-authority] recipe = slapos.cookbook:certificate_authority openssl-binary = {{ openssl_location }}/bin/openssl ca-dir = ${directory:ca-dir} requests-directory = ${cadirectory:requests} wrapper = ${basedirectory:services}/ca ca-private = ${cadirectory:private} ca-certs = ${cadirectory:certs} ca-newcerts = ${cadirectory:newcerts} ca-crl = ${cadirectory:crl} [bt5-erp5-link] recipe = slapos.cookbook:symbolic.link target-directory = ${basedirectory:bt5-erp5} link-binary = {{ erp5_location }}/product/ERP5/bootstrap {{ erp5_location }}/bt5 [cadirectory] recipe = slapos.cookbook:mkdirectory requests = ${directory:ca-dir}/requests private = ${directory:ca-dir}/private certs = ${directory:ca-dir}/certs newcerts = ${directory:ca-dir}/newcerts crl = ${directory:ca-dir}/crl [rootdirectory] recipe = slapos.cookbook:mkdirectory etc = ${buildout:directory}/etc var = ${buildout:directory}/var srv = ${buildout:directory}/srv bin = ${buildout:directory}/bin tmp = ${buildout:directory}/tmp [basedirectory] recipe = slapos.cookbook:mkdirectory log = ${rootdirectory:var}/log services = ${rootdirectory:etc}/run promises = ${rootdirectory:etc}/promise/ run = ${rootdirectory:var}/run backup = ${rootdirectory:srv}/backup bt5-erp5 = ${rootdirectory:var}/bt5_erp5 [erp5-certificate-authority] recipe = slapos.cookbook:certificate_authority openssl-binary = {{ openssl_location }}/bin/openssl ca-dir = ${directory:erp5-ca-dir} requests-directory = ${erp5-cadirectory:requests} wrapper = ${basedirectory:services}/erp5-ca ca-private = ${erp5-cadirectory:private} ca-certs = ${erp5-cadirectory:certs} ca-newcerts = ${erp5-cadirectory:newcerts} ca-crl = ${erp5-cadirectory:crl} [erp5-cadirectory] recipe = slapos.cookbook:mkdirectory requests = ${directory:erp5-ca-dir}/requests private = ${directory:erp5-ca-dir}/private certs = ${directory:erp5-ca-dir}/certs newcerts = ${directory:erp5-ca-dir}/newcerts crl = ${directory:erp5-ca-dir}/crl [directory] recipe = slapos.cookbook:mkdirectory zodb = ${rootdirectory:srv}/zodb instance = ${rootdirectory:srv}/erp5shared instance-etc = ${:instance}/etc apache-conf = ${rootdirectory:etc}/apache instance-etc-package-include = ${:instance}/etc/package-include # because of bug in slapos.recipe.template keys are lowercased instance-document = ${:instance}/Document instance-propertysheet = ${:instance}/PropertySheet instance-products = ${:instance}/Products instance-extensions = ${:instance}/Extensions instance-constraint = ${:instance}/Constraint instance-import = ${:instance}/import instance-lib = ${:instance}/lib instance-tests = ${:instance}/tests erp5-ca-dir = ${rootdirectory:srv}/erp5-ca ca-dir = ${rootdirectory:srv}/ssl cron-entries = ${rootdirectory:etc}/cron.d crontabs = ${rootdirectory:etc}/crontabs cronstamps = ${rootdirectory:etc}/cronstamps logrotate-backup = ${basedirectory:backup}/logrotate logrotate-entries = ${rootdirectory:etc}/logrotate.d # Deploy zope promises scripts [promise-zope] recipe = slapos.cookbook:check_port_listening path = ${basedirectory:promises}/zope hostname = ${zope-instance:ip} port = ${zope-instance:port} [promise-apache-zope-backend] recipe = slapos.cookbook:check_port_listening path = ${basedirectory:promises}/apache-backend hostname = ${apache-zope-backend-instance:ip} port = ${apache-zope-backend-instance:port}