Commit 96975aee authored by Vincent Pelletier's avatar Vincent Pelletier

erp5: Call dumps() when rendering user-provided strings

Not perfect yet, as some strings end in configuration files for example
and need escape mechanisms aware of individual configuration file syntaxes.
parent a45c1758
No related merge requests found
......@@ -179,7 +179,7 @@ context =
[template-mariadb]
< = download-base
filename = instance-mariadb.cfg.in
md5sum = 31e49ad3abb6926f21f29c53cda49ebb
md5sum = 7946369d6df508d854c786ab653e8cd4
link-binary =
${coreutils:location}/bin/basename
${coreutils:location}/bin/cat
......@@ -200,7 +200,7 @@ md5sum = fe9a9349c4bad2ba999e9d8bac065ebb
[template-cloudooo]
< = download-base
filename = instance-cloudoo.cfg.in
md5sum = 1cb9160482a6be615c34dbc55b017dce
md5sum = 5ad1664a39fbab5f8450c7fb36c81945
[template-zope-conf]
< = download-base
......@@ -225,7 +225,7 @@ md6sum = 4504b8e58cf6eb0f17ef30c29c04432d
[template-create-erp5-site-real]
< = download-base
filename = instance-create-erp5-site-real.cfg.in
md5sum = 2440e054821628bfbc4837d4ceb16bc2
md5sum = a88881e00d56286e16fcaf36d94c025e
[template]
< = template-jinja2-base
......@@ -306,12 +306,12 @@ md5sum = 7735d535aa34dfdc18a776b80bc0ca3d
[template-zeo]
< = download-base
filename = instance-zeo.cfg.in
md5sum = 32de16140a294a7e456a9665124bdb93
md5sum = 537454dcd64330ddb0360c05526b7824
[template-zope]
< = download-base
filename = instance-zope.cfg.in
md5sum = d293450efd0bebc91c0bad5c1c7989bc
md5sum = 4e90f7eae9e14d47077e3d884fe79474
link-binary =
${aspell:location}/bin/aspell
${coreutils:location}/bin/basename
......@@ -341,7 +341,7 @@ link-binary =
[template-balancer]
< = download-base
filename = instance-balancer.cfg.in
md5sum = 2d2bd66f5771e106ce31253e01162ff3
md5sum = e0b8ba297c4ab92f6ecb61c3384d893e
[template-haproxy-cfg]
< = download-base
......
......@@ -64,7 +64,7 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }}
[haproxy-cfg-parameter-dict]
socket-path = ${directory:run}/haproxy.sock
server-check-path = {{ slapparameter_dict['haproxy-server-check-path'] }}
server-check-path = {{ dumps(slapparameter_dict['haproxy-server-check-path']) }}
backend-dict = {{ dumps(haproxy_dict) }}
ip = {{ ipv4 }}
......@@ -90,15 +90,15 @@ scheme = https
key-file = ${directory:apache-conf}/apache.key
cert-file = ${directory:apache-conf}/apache.crt
configuration-file = ${directory:apache-conf}/apache.conf
access-control-string = {{ slapparameter_dict['apache-access-control-string'] }}
access-control-string = {{ dumps(slapparameter_dict['apache-access-control-string']) }}
pid-file = ${directory:run}/apache.pid
lock-file = ${directory:run}/apache.lock
ssl-session-cache = $${directory:log}/apache-ssl-session-cache
error-log = ${directory:log}/apache-error.log
access-log = ${directory:log}/apache-access.log
apache-binary = {{ parameter_dict['apache'] }}/bin/httpd
ssl-authentication = {{ slapparameter_dict['apache-ssl-authentication'] }}
backend-path = {{ slapparameter_dict['apache-backend-path'] }}
ssl-authentication = {{ dumps(slapparameter_dict['apache-ssl-authentication']) }}
backend-path = {{ dumps(slapparameter_dict['apache-backend-path']) }}
# Note: Without certificate-authority main certificate have to be hardcoded
ssl-authentication-certificate = ${certificate-authority:ca-dir}/cacert.pem
ssl-authentication-crl = ${certificate-authority:ca-crl}
......@@ -123,11 +123,11 @@ ca-certs = ${directory:certs}
ca-newcerts = ${directory:newcerts}
ca-crl = ${directory:crl}
{% set ca = slapparameter_dict['ca'] -%}
country-code = {{ ca.get('country-code', 'ZZ') }}
email = {{ ca.get('email', 'nobody@example.com') }}
state = {{ ca.get('state', 'Dummy State') }}
city = {{ ca.get('city', 'Dummy City') }}
company = {{ ca.get('company', 'Dummy Company') }}
country-code = {{ dumps(ca.get('country-code', 'ZZ')) }}
email = {{ dumps(ca.get('email', 'nobody@example.com')) }}
state = {{ dumps(ca.get('state', 'Dummy State')) }}
city = {{ dumps(ca.get('city', 'Dummy City')) }}
company = {{ dumps(ca.get('company', 'Dummy Company')) }}
[ca-apache]
< = certificate-authority
......
......@@ -51,7 +51,7 @@ conf-path = ${directory:etc}/font.conf
font-system-folder = {{ parameter_dict['fonts'] }}
font-folder = ${directory:font}
{# XXX: violates "instanciation happens offline" rule -#}
url-list = {{ slapparameter_dict.get('font-url-list', []) | join(' ') }}
url-list = {{ dumps(slapparameter_dict.get('font-url-list', []) | join(' ')) }}
service-folder = ${directory:service}
onetimedownload_path = {{ bin_directory }}/onetimedownload
......
......@@ -16,7 +16,7 @@ mysql-url = {{ publish['mariadb-database-list'][0] }}
{% do family_list.append(value.split('://', 1)) -%}
{% endif -%}
{% endfor -%}
zope-url = {{ family_list[0][0] + '://' + publish['inituser-login'] + ':' + publish['inituser-password'] + '@' + family_list[0][1] + '/' + publish['site-id'] }}
zope-url = {{ dumps(family_list[0][0] + '://' + publish['inituser-login'] + ':' + publish['inituser-password'] + '@' + family_list[0][1] + '/' + publish['site-id']) }}
[promise-erp5-site]
recipe = slapos.cookbook:check_url_available
......
......@@ -56,7 +56,7 @@ recipe = slapos.cookbook:generate.password
[deadlock-debugger-password]
{% set deadlock_debugger_password = slapparameter_dict.get('deadlock-debugger-password') -%}
{% if deadlock_debugger_password -%}
passwd = {{ deadlock_debugger_password }}
passwd = {{ dumps(deadlock_debugger_password) }}
{% else -%}
recipe = slapos.cookbook:generate.password
{% endif -%}
......@@ -95,15 +95,15 @@ config-mysql-test-url-list = ${request-mariadb:connection-test-database-list}
config-memcached-url = ${request-memcached-volatile:connection-url}
config-cloudooo-url = ${request-cloudooo:connection-url}
config-kumofs-url = ${request-memcached-persistent:connection-url}
config-bt5 = {{ slapparameter_dict.get('bt5', 'erp5_full_text_myisam_catalog erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung erp5_configurator_run_my_doc') }}
config-bt5-repository-url = {{ slapparameter_dict.get('bt5-repository-url', local_bt5_repository) }}
config-smtp-url = {{ slapparameter_dict.get('smtp-url', 'smtp://localhost:25/') }}
config-bt5 = {{ dumps(slapparameter_dict.get('bt5', 'erp5_full_text_myisam_catalog erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung erp5_configurator_run_my_doc')) }}
config-bt5-repository-url = {{ dumps(slapparameter_dict.get('bt5-repository-url', local_bt5_repository)) }}
config-smtp-url = {{ dumps(slapparameter_dict.get('smtp-url', 'smtp://localhost:25/')) }}
config-zodb-dict = ${request-zodb:connection-zodb-dict}
config-zodb-storage-type = ${request-zodb:connection-zodb-storage-type}
config-tidstorage-ip = ${request-zodb:connection-tidstorage-ip}
config-tidstorage-port = ${request-zodb:connection-tidstorage-port}
config-timezone = {{ slapparameter_dict.get('timezone', 'UTC') }}
config-site-id = {{ site_id }}
config-timezone = {{ dumps(slapparameter_dict.get('timezone', 'UTC')) }}
config-site-id = {{ dumps(site_id) }}
config-deadlock-debugger-password = ${deadlock-debugger-password:passwd}
config-inituser-login = {{ dumps(inituser_login) }}
config-inituser-password = ${inituser-password:passwd}
......@@ -124,7 +124,7 @@ config-timerserver-interval = {{ dumps(zope_parameter_dict.get('timerserver-inte
config-longrequest-logger-interval = {{ dumps(zope_parameter_dict.get('longrequest-logger-interval', -1)) }}
config-longrequest-logger-timeout = {{ dumps(zope_parameter_dict.get('longrequest-logger-timeout', 1)) }}
config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }}
sla-computer_guid = {{ zope_parameter_dict.get('computer-guid', computer_id) }}
sla-computer_guid = {{ dumps(zope_parameter_dict.get('computer-guid', computer_id)) }}
{% endfor -%}
{# We need to concatenate lists that we cannot read as lists, so this gets hairy. -#}
......@@ -153,7 +153,7 @@ config-url = ${request-balancer:{{ family_name }}-v6}
< = request-common
name = balancer
software-type = balancer
sla-computer_guid = {{ slapparameter_dict.get('balancer-computer-guid', computer_id) }}
sla-computer_guid = {{ dumps(slapparameter_dict.get('balancer-computer-guid', computer_id)) }}
extra-config =
tcpv4-port
haproxy-server-check-path
......@@ -174,19 +174,19 @@ config-tcpv4-port = {{ dumps(slapparameter_dict.get('', 2150)) }}
config-{{ name }} = {{ ' ${' ~ zope_section_id ~ ':connection-zope-address-list}' }}
{% endfor -%}
# XXX: should those really be same for all families ?
config-haproxy-server-check-path = {{ slapparameter_dict.get('haproxy-server-check-path', '/') % {'site-id': site_id} }}
config-apache-access-control-string = {{ slapparameter_dict.get('apache-access-control-string', 'all') }}
config-apache-ssl-authentication = {{ slapparameter_dict.get('apache-ssl-authentication', '0') }}
config-apache-backend-path = {{ slapparameter_dict.get('apache-backend-path', '/') % {'site-id': site_id} }}
config-haproxy-server-check-path = {{ dumps(slapparameter_dict.get('haproxy-server-check-path', '/') % {'site-id': site_id}) }}
config-apache-access-control-string = {{ dumps(slapparameter_dict.get('apache-access-control-string', 'all')) }}
config-apache-ssl-authentication = {{ dumps(slapparameter_dict.get('apache-ssl-authentication', '0')) }}
config-apache-backend-path = {{ dumps(slapparameter_dict.get('apache-backend-path', '/') % {'site-id': site_id}) }}
config-ca = {{ dumps(slapparameter_dict.get('ca', {})) }}
[request-frontend-base]
{% if has_frontend -%}
< = request-common
software-url = {{ frontend_dict['software-url'] }}
software-type = {{ frontend_dict.get('software-type', 'RootSoftwareInstance') }}
software-url = {{ dumps(frontend_dict['software-url']) }}
software-type = {{ dumps(frontend_dict.get('software-type', 'RootSoftwareInstance')) }}
sla = instance_guid
sla-instance_guid = {{ frontend_dict['instance-guid'] }}
sla-instance_guid = {{ dumps(frontend_dict['instance-guid']) }}
slave = true
{% set config_dict = {
'type': 'zope',
......@@ -206,7 +206,7 @@ recipe = slapos.cookbook:publish.serialised
deadlock-debugger-password = ${deadlock-debugger-password:passwd}
inituser-password = ${inituser-password:passwd}
{% for name, value in publish_dict.items() -%}
{{ name }} = {{ value }}
{{ name }} = {{ dumps(value) }}
{% endfor -%}
[buildout]
......
......@@ -98,7 +98,7 @@ data-directory = ${directory:mariadb-data}
pid-file = ${directory:run}/mariadb.pid
error-log = ${directory:log}/mariadb_error.log
slow-query-log = ${directory:log}/mariadb_slowquery.log
long-query-time = {{ slapparameter_dict.get('long-query-time', 1) }}
long-query-time = {{ dumps(slapparameter_dict.get('long-query-time', 1)) }}
innodb-buffer-pool-size = {{ dumps(slapparameter_dict.get('innodb-buffer-pool-size', 0)) }}
innodb-log-file-size = {{ dumps(slapparameter_dict.get('innodb-log-file-size', 0)) }}
innodb-log-buffer-size = {{ dumps(slapparameter_dict.get('innodb-log-buffer-size', 0)) }}
......@@ -106,7 +106,7 @@ relaxed-writes = {{ dumps(slapparameter_dict.get('relaxed-writes', False)) }}
{% if incremental_backup_retention_days > -1 -%}
binlog-path = ${directory:mariadb-backup-incremental}/binlog
# XXX: binlog rotation happens along with other log's rotation
binlog-expire-days = {{ incremental_backup_retention_days }}
binlog-expire-days = {{ dumps(incremental_backup_retention_days) }}
{% else %}
binlog-path =
{%- endif %}
......@@ -150,7 +150,7 @@ mysql-base-directory = {{ parameter_dict['mariadb-location'] }}
[mariadb-instance]
# Options
user = user
parallel-test-database-amount = {{ slapparameter_dict.get('test-database-amount', 30) }}
parallel-test-database-amount = {{ dumps(slapparameter_dict.get('test-database-amount', 30)) }}
database = erp5
test-user = erp5_test
test-database = erp5_test
......
......@@ -129,7 +129,7 @@ known-tid-storage-identifier-dict = {{ dumps(known_tid_storage_identifier_dict)
configuration-path = ${directory:etc}/tidstorage.py
ip = {{ tidstorage_ip }}
port = {{ tidstorage_port }}
timestamp-file-path = {{ tidstorage_dict.get('tidstorage-timestamp-path', '%(backup)s/repozo_tidstorage_timestamp.log' % {'backup': default_tidstorage_timestamp_path}) }}
timestamp-file-path = {{ dumps(tidstorage_dict.get('tidstorage-timestamp-path', '%(backup)s/repozo_tidstorage_timestamp.log' % {'backup': default_tidstorage_timestamp_path})) }}
logfile-name = ${directory:log}/tidstorage.log
pidfile-name = ${directory:run}/tidstorage.pid
status-file = ${directory:tidstorage}/tidstorage.tid
......@@ -166,7 +166,7 @@ path = ${directory:promises}/tidstorage
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = tidstorage
time = {{ tidstorage_dict.get('periodicity', 'daily') }}
time = {{ dumps(tidstorage_dict.get('periodicity', 'daily')) }}
command = ${tidstorage:repozo-wrapper}
[{{ section("logrotate-tidstorage") }}]
......
......@@ -20,9 +20,9 @@ partition. No more (undefined result), no less (IndexError).
recipe = slapos.cookbook:erp5.test
certificate-authority-path = ${test-certificate-authority:ca-dir}
mysql-url-list = {{ dumps(slapparameter_dict['mysql-test-url-list']) }}
kumofs-url = {{ slapparameter_dict['kumofs-url'] }}
memcached-url = {{ slapparameter_dict['memcached-url'] }}
cloudooo-url = {{ slapparameter_dict['cloudooo-url'] }}
kumofs-url = {{ dumps(slapparameter_dict['kumofs-url']) }}
memcached-url = {{ dumps(slapparameter_dict['memcached-url']) }}
cloudooo-url = {{ dumps(slapparameter_dict['cloudooo-url']) }}
test-instance-path = ${directory:unit-test-path}
prepend-path = ${buildout:bin-directory}
run-unit-test = ${buildout:bin-directory}/runUnitTest
......@@ -131,8 +131,8 @@ ipv6 = {{ storage_server.split(']:')[0][1:] }}
< = zeo-tunnel-base
base-name = tidstorage-tunnel
ipv4-port = {{ next_port }}
ipv6 = {{ slapparameter_dict.get('tidstorage-ip') }}
ipv6-port = {{ slapparameter_dict.get('tidstorage-port') }}
ipv6 = {{ dumps(slapparameter_dict.get('tidstorage-ip')) }}
ipv6-port = {{ dumps(slapparameter_dict.get('tidstorage-port')) }}
{% do slapparameter_dict.__setitem__('tidstorage-ip', ipv4) -%}
{% do slapparameter_dict.__setitem__('tidstorage-port', next_port) -%}
{% set next_port = next_port + 1 -%}
......@@ -155,8 +155,8 @@ ipv6 = {{ ipv6 }}
{% if slapparameter_dict.get('tidstorage-ip') -%}
[tidstorage]
ipv4 = {{ slapparameter_dict['tidstorage-ip'] }}
ipv4-port = {{ slapparameter_dict['tidstorage-port'] }}
ipv4 = {{ dumps(slapparameter_dict['tidstorage-ip']) }}
ipv4-port = {{ dumps(slapparameter_dict['tidstorage-port']) }}
{% else -%}
[tidstorage]
ipv4 =
......@@ -165,10 +165,10 @@ ipv4-port =
[zope-base]
recipe = slapos.cookbook:generic.zope.zeo.client
user = {{ slapparameter_dict['inituser-login'] }}
password = {{ slapparameter_dict['inituser-password'] }}
user = {{ dumps(slapparameter_dict['inituser-login']) }}
password = {{ dumps(slapparameter_dict['inituser-password']) }}
ip = {{ ipv4 }}
timezone = {{ slapparameter_dict['timezone'] }}
timezone = {{ dumps(slapparameter_dict['timezone']) }}
tidstorage-ip = ${tidstorage:ipv4}
tidstorage-port = ${tidstorage:ipv4-port}
instance-etc = ${directory:instance-etc}
......@@ -198,7 +198,7 @@ context =
key instance directory:instance
key instance_products directory:instance-products
raw deadlock_path /manage_debug_threads
raw deadlock_debugger_password {{ slapparameter_dict['deadlock-debugger-password'] }}
raw deadlock_debugger_password {{ dumps(slapparameter_dict['deadlock-debugger-password']) }}
key tidstorage_ip tidstorage:ipv4
key tidstorage_port tidstorage:ipv4-port
key promise_path erp5-promise:promise-path
......@@ -294,12 +294,12 @@ zope-address-list = {{ dumps(publish_list) }}
[erp5-promise]
recipe = slapos.cookbook:erp5.promise
promise-path = ${directory:etc}/erp5promise.cfg
kumofs-url = {{ slapparameter_dict['kumofs-url'] }}
memcached-url = {{ slapparameter_dict['memcached-url'] }}
cloudooo-url = {{ slapparameter_dict['cloudooo-url'] }}
smtp-url = {{ slapparameter_dict['smtp-url'] }}
bt5 = {{ slapparameter_dict['bt5'] }}
bt5-repository-url = {{ slapparameter_dict['bt5-repository-url'] }}
kumofs-url = {{ dumps(slapparameter_dict['kumofs-url']) }}
memcached-url = {{ dumps(slapparameter_dict['memcached-url']) }}
cloudooo-url = {{ dumps(slapparameter_dict['cloudooo-url']) }}
smtp-url = {{ dumps(slapparameter_dict['smtp-url']) }}
bt5 = {{ dumps(slapparameter_dict['bt5']) }}
bt5-repository-url = {{ dumps(slapparameter_dict['bt5-repository-url']) }}
[buildout]
eggs-directory = {{ eggs_directory }}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment