Commit 331eef99 authored by Thomas Gambier's avatar Thomas Gambier 🚴🏼

Update Release Candidate

parents 8dd77ebd 870a7e04
...@@ -71,6 +71,12 @@ patches = ...@@ -71,6 +71,12 @@ patches =
<= gcc-common <= gcc-common
version = 8.2.0 version = 8.2.0
md5sum = 4ab282f414676496483b3e1793d07862 md5sum = 4ab282f414676496483b3e1793d07862
patch-binary = ${patch:location}/bin/patch
patch-options = -p1
# glibc-2.31-libsanitizer comes from https://github.com/spack/spack/pull/15403
patches =
${:_profile_base_location_}/glibc-2.31-libsanitizer-1.patch
${:_profile_base_location_}/glibc-2.31-libsanitizer-2.patch
[gcc-minimal] [gcc-minimal]
<= gcc-5.5 <= gcc-5.5
......
From ce9568e9e9cf6094be30e748821421e703754ffc Mon Sep 17 00:00:00 2001
From: Jakub Jelinek <jakub@redhat.com>
Date: Fri, 8 Nov 2019 19:53:18 +0100
Subject: [PATCH] backport: re PR sanitizer/92154 (new glibc breaks arm
bootstrap due to libsanitizer)
Backported from mainline
2019-10-22 Tamar Christina <tamar.christina@arm.com>
PR sanitizer/92154
* sanitizer_common/sanitizer_platform_limits_posix.cc:
Cherry-pick compiler-rt revision r375220.
From-SVN: r277981
---
libsanitizer/ChangeLog | 9 +++++++++
.../sanitizer_common/sanitizer_platform_limits_posix.cc | 6 +++++-
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
index 6cd4a5bac8b0..06a605ff4670 100644
--- a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
+++ b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
@@ -1156,8 +1156,12 @@ CHECK_SIZE_AND_OFFSET(ipc_perm, uid);
CHECK_SIZE_AND_OFFSET(ipc_perm, gid);
CHECK_SIZE_AND_OFFSET(ipc_perm, cuid);
CHECK_SIZE_AND_OFFSET(ipc_perm, cgid);
-#if !defined(__aarch64__) || !SANITIZER_LINUX || __GLIBC_PREREQ (2, 21)
+#if (!defined(__aarch64__) || !SANITIZER_LINUX || __GLIBC_PREREQ (2, 21)) && \
+ !defined(__arm__)
/* On aarch64 glibc 2.20 and earlier provided incorrect mode field. */
+/* On Arm glibc 2.31 and later provide a different mode field, this field is
+ never used by libsanitizer so we can simply ignore this assert for all glibc
+ versions. */
CHECK_SIZE_AND_OFFSET(ipc_perm, mode);
#endif
From 75003cdd23c310ec385344e8040d490e8dd6d2be Mon Sep 17 00:00:00 2001
From: Jakub Jelinek <jakub@redhat.com>
Date: Fri, 20 Dec 2019 17:58:35 +0100
Subject: [PATCH] backport: re PR sanitizer/92154 (new glibc breaks arm
bootstrap due to libsanitizer)
Backported from mainline
2019-11-26 Jakub Jelinek <jakub@redhat.com>
PR sanitizer/92154
* sanitizer_common/sanitizer_platform_limits_posix.h: Cherry-pick
llvm-project revision 947f9692440836dcb8d88b74b69dd379d85974ce.
* sanitizer_common/sanitizer_platform_limits_posix.cc: Likewise.
From-SVN: r279653
---
libsanitizer/ChangeLog | 10 ++++++++++
.../sanitizer_platform_limits_posix.cc | 9 +++------
.../sanitizer_platform_limits_posix.h | 15 +--------------
3 files changed, 14 insertions(+), 20 deletions(-)
diff --git a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
index 06a605ff4670..d823a12190c0 100644
--- a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
+++ b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
@@ -1156,12 +1156,9 @@ CHECK_SIZE_AND_OFFSET(ipc_perm, uid);
CHECK_SIZE_AND_OFFSET(ipc_perm, gid);
CHECK_SIZE_AND_OFFSET(ipc_perm, cuid);
CHECK_SIZE_AND_OFFSET(ipc_perm, cgid);
-#if (!defined(__aarch64__) || !SANITIZER_LINUX || __GLIBC_PREREQ (2, 21)) && \
- !defined(__arm__)
-/* On aarch64 glibc 2.20 and earlier provided incorrect mode field. */
-/* On Arm glibc 2.31 and later provide a different mode field, this field is
- never used by libsanitizer so we can simply ignore this assert for all glibc
- versions. */
+#if !SANITIZER_LINUX || __GLIBC_PREREQ (2, 31)
+/* glibc 2.30 and earlier provided 16-bit mode field instead of 32-bit
+ on many architectures. */
CHECK_SIZE_AND_OFFSET(ipc_perm, mode);
#endif
diff --git a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.h b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.h
index 73af92af1e8f..6a673a7c9959 100644
--- a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.h
+++ b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.h
@@ -211,26 +211,13 @@ namespace __sanitizer {
u64 __unused1;
u64 __unused2;
#elif defined(__sparc__)
-#if defined(__arch64__)
unsigned mode;
- unsigned short __pad1;
-#else
- unsigned short __pad1;
- unsigned short mode;
unsigned short __pad2;
-#endif
unsigned short __seq;
unsigned long long __unused1;
unsigned long long __unused2;
-#elif defined(__mips__) || defined(__aarch64__) || defined(__s390x__)
- unsigned int mode;
- unsigned short __seq;
- unsigned short __pad1;
- unsigned long __unused1;
- unsigned long __unused2;
#else
- unsigned short mode;
- unsigned short __pad1;
+ unsigned int mode;
unsigned short __seq;
unsigned short __pad2;
#if defined(__x86_64__) && !defined(_LP64)
[buildout] [buildout]
extends =
../patch/buildout.cfg
parts = parts =
gdbm gdbm
[gdbm] [gdbm]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
version = 1.11 version = 1.18
url = ftp://ftp.gnu.org/gnu/gdbm/gdbm-${:version}.tar.gz url = ftp://ftp.gnu.org/gnu/gdbm/gdbm-${:version}.tar.gz
md5sum = 72c832680cf0999caedbe5b265c8c1bd md5sum = e316f8e4a3e7e4f23955be65d54fec48
patch-options = -p1
patches =
${:_profile_base_location_}/extern_parseopt.patch#30baeaaa0c6a6e6be8cf56a875726619
configure-options = configure-options =
--disable-static --disable-static
--enable-libgdbm-compat --enable-libgdbm-compat
environment =
PATH=${patch:location}/bin:%(PATH)s
# install as parts/gdbm/include/gdbm/*.h etc. because some softwares # install as parts/gdbm/include/gdbm/*.h etc. because some softwares
# (eg. python's dbmmodule.c extension) assume the location like this. # (eg. python's dbmmodule.c extension) assume the location like this.
includedir = @@LOCATION@@/include includedir = @@LOCATION@@/include
make-targets = make-targets =
install includedir=${:includedir}/gdbm && rm -f ${:includedir}/*.h && ln -sf gdbm/gdbm.h ${:includedir}/gdbm.h install includedir=${:includedir}/gdbm && rm -f ${:includedir}/*.h && ln -sf gdbm/gdbm.h ${:includedir}/gdbm.h
# it seems that parallel build sometimes fails for gdbm.
make-options =
-j1
--- a/src/parseopt.c
+++ b/src/parseopt.c
@@ -255,8 +255,8 @@
}
char *parseopt_program_name;
-char *parseopt_program_doc;
-char *parseopt_program_args;
+extern char *parseopt_program_doc;
+extern char *parseopt_program_args;
const char *program_bug_address = "<" PACKAGE_BUGREPORT ">";
void (*parseopt_help_hook) (FILE *stream);
...@@ -64,7 +64,7 @@ environment-extra = ...@@ -64,7 +64,7 @@ environment-extra =
url = https://dl.google.com/go/go1.12.9.src.tar.gz url = https://dl.google.com/go/go1.12.9.src.tar.gz
md5sum = 6132109d4050da349eadc9f7b0304ef4 md5sum = 6132109d4050da349eadc9f7b0304ef4
# go1.11 needs go1.4 to bootstrap # go1.12 needs go1.4 to bootstrap
environment-extra = environment-extra =
GOROOT_BOOTSTRAP=${golang14:location} GOROOT_BOOTSTRAP=${golang14:location}
...@@ -77,6 +77,15 @@ md5sum = 4ad8b04f962be93a32f3021e6f35b3b9 ...@@ -77,6 +77,15 @@ md5sum = 4ad8b04f962be93a32f3021e6f35b3b9
environment-extra = environment-extra =
GOROOT_BOOTSTRAP=${golang14:location} GOROOT_BOOTSTRAP=${golang14:location}
[golang1.14]
<= golang-common
url = https://dl.google.com/go/go1.14.3.src.tar.gz
md5sum = 6b1fb42d219e2ea8925002013c76d4c7
# go1.14 needs go1.4 to bootstrap
environment-extra =
GOROOT_BOOTSTRAP=${golang14:location}
# ---- infrastructure to build Go workspaces / projects ---- # ---- infrastructure to build Go workspaces / projects ----
# gowork is a top-level section representing workspace # gowork is a top-level section representing workspace
......
[buildout]
extends =
../patchelf/buildout.cfg
../zlib/buildout.cfg
parts =
java-jdk
[java-jdk]
recipe = plone.recipe.command
command = echo "Error: unsupported platform" && false
stop-on-error = true
location =
[java-jdk:linux and bits64]
recipe = slapos.recipe.cmmi
shared = true
url = https://download.java.net/java/GA/jdk12.0.2/e482c34c86bd4bf8b56c0b35558996b9/10/GPL/openjdk-12.0.2_linux-x64_bin.tar.gz
md5sum = f5da6f4dec81bdd2a096184ec1d69216
configure-command = :
make-binary = :
pre-install =
mkdir -p @@LOCATION@@
cp -r * @@LOCATION@@
post-install =
for file in @@LOCATION@@/bin/* ; do
echo appending rpath to $file
${patchelf:location}/bin/patchelf --set-rpath ${:rpath} $file
done
rpath = ${zlib:location}/lib:@@LOCATION@@/lib
location = @@LOCATION@@
[buildout]
extends =
../autoconf/buildout.cfg
../automake/buildout.cfg
../pkgconfig/buildout.cfg
parts =
patchelf
[patchelf]
recipe = slapos.recipe.cmmi
shared = true
url = https://github.com/NixOS/patchelf/archive/0.11.tar.gz
md5sum = 6cffb77ee7a95bd314d954a6aeb53a02
pre-configure =
autoreconf -vif
environment =
PATH=${pkgconfig:location}/bin:${autoconf:location}/bin:${automake:location}/bin:%(PATH)s
...@@ -10,8 +10,8 @@ extends = ...@@ -10,8 +10,8 @@ extends =
[rsyslogd] [rsyslogd]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
url = https://www.rsyslog.com/files/download/rsyslog/rsyslog-8.2004.0.tar.gz url = https://www.rsyslog.com/files/download/rsyslog/rsyslog-8.2006.0.tar.gz
md5sum = 375a60ab0f461367f84f07a5dbda6de2 md5sum = 33de768941953ceeca9d1a437b47891b
shared = true shared = true
configure-options = configure-options =
--disable-klog --disable-klog
......
...@@ -13,6 +13,10 @@ extensions = ...@@ -13,6 +13,10 @@ extensions =
extends-cache = extends-cache extends-cache = extends-cache
download-cache = download-cache download-cache = download-cache
[gcc]
# force usage of gcc from slapos
max_version = 0
# Uguu, upstream buildout.cfg must be patched as it works the other way # Uguu, upstream buildout.cfg must be patched as it works the other way
# around from a packager point of view at least, thus at the end static # around from a packager point of view at least, thus at the end static
# path, such as Python HOME directory, are wrong... # path, such as Python HOME directory, are wrong...
......
...@@ -43,7 +43,7 @@ def updateMysql(mysql_upgrade_binary, mysql_binary, mysql_script_file): ...@@ -43,7 +43,7 @@ def updateMysql(mysql_upgrade_binary, mysql_binary, mysql_script_file):
break break
print 'SlapOS initialisation script succesfully applied on database.' print 'SlapOS initialisation script succesfully applied on database.'
return return
sleep = max(sleep+1, 30) sleep = min(sleep+1, 30)
print 'Sleeping for %ss and retrying' % sleep print 'Sleeping for %ss and retrying' % sleep
sys.stdout.flush() sys.stdout.flush()
sys.stderr.flush() sys.stderr.flush()
......
Changes
=======
Here are listed the most important changes, which might affect upgrades.
1.0.XXX XXXX-XX-XX
------------------
* manual customisation of profiles has been dropped, as not used, dropped keys are ``apache_custom_http``, ``apache_custom_https``, ``caddy_custom_http``, ``caddy_custom_https`` from slaves and ``-frontend-authorized-slave-string`` from master
* ``re6st-optimal-test`` has been dropped from slave
* QUIC is dropped, as was not used and has been superseded by HTTP/3, dropped key is ``enable-quic`` from master
* haproxy is used as a gateway to backends:
* ``automatic-internal-backend-client-caucase-csr`` switch for master is introduced to control it CSR signing
* ``proxy-try-duration`` and ``proxy-try-interval`` has been dropped, as Caddy is not used anymore to connect to the backend, and instead ``backend-connect-timeout`` and ``backend-connect-retries`` is used, as it comes from Haproxy
* ``backend-client-caucase-url`` is returned in master and slave, so that backends can use caucase to fetch CA from frontend cluster
* ``request-timeout`` is supported per slave, as now it became possible
* ``authenticate-to-backend`` is added for master and slave, defaulting to False, to have control over cluster default authentication, and make it possible to do it per slave
1.0.149 (2020-05-05)
--------------------
* no changes noted
...@@ -4,7 +4,7 @@ Caddy Frontend ...@@ -4,7 +4,7 @@ Caddy Frontend
Frontend system using Caddy, based on apache-frontend software release, allowing to rewrite and proxy URLs like myinstance.myfrontenddomainname.com to real IP/URL of myinstance. Frontend system using Caddy, based on apache-frontend software release, allowing to rewrite and proxy URLs like myinstance.myfrontenddomainname.com to real IP/URL of myinstance.
Caddy Frontend works using the master instance / slave instance design. It means that a single main instance of Caddy will be used to act as frontend for many slaves. Caddy Frontend works using the master instance / slave instance design. It means that a single main instance of Caddy will be used to act as frontend for many slaves.
Software type Software type
============= =============
...@@ -21,7 +21,7 @@ About frontend replication ...@@ -21,7 +21,7 @@ About frontend replication
Slaves of the root instance are sent as a parameter to requested frontends which will process them. The only difference is that they will then return the would-be published information to the root instance instead of publishing it. The root instance will then do a synthesis and publish the information to its slaves. The replicate instance only use 5 type of parameters for itself and will transmit the rest to requested frontends. Slaves of the root instance are sent as a parameter to requested frontends which will process them. The only difference is that they will then return the would-be published information to the root instance instead of publishing it. The root instance will then do a synthesis and publish the information to its slaves. The replicate instance only use 5 type of parameters for itself and will transmit the rest to requested frontends.
These parameters are : These parameters are:
* ``-frontend-type`` : the type to deploy frontends with. (default to 2) * ``-frontend-type`` : the type to deploy frontends with. (default to 2)
* ``-frontend-quantity`` : The quantity of frontends to request (default to "default") * ``-frontend-quantity`` : The quantity of frontends to request (default to "default")
...@@ -30,7 +30,7 @@ These parameters are : ...@@ -30,7 +30,7 @@ These parameters are :
* ``-frontend-software-release-url``: Software release to be used for frontends, default to the current software release * ``-frontend-software-release-url``: Software release to be used for frontends, default to the current software release
* ``-sla-i-foo`` : where "i" is the number of the concerned frontend (between 1 and "-frontend-quantity") and "foo" a sla parameter. * ``-sla-i-foo`` : where "i" is the number of the concerned frontend (between 1 and "-frontend-quantity") and "foo" a sla parameter.
for example:: For example::
<parameter id="-frontend-quantity">3</parameter> <parameter id="-frontend-quantity">3</parameter>
<parameter id="-frontend-type">custom-personal</parameter> <parameter id="-frontend-type">custom-personal</parameter>
...@@ -170,24 +170,6 @@ This replaces old request parameters: ...@@ -170,24 +170,6 @@ This replaces old request parameters:
(*Note*: They are still supported for backward compatibility, but any value send to the ``key-upload-url`` will supersede information from SlapOS Master.) (*Note*: They are still supported for backward compatibility, but any value send to the ``key-upload-url`` will supersede information from SlapOS Master.)
How to have custom configuration in frontend server - XXX - to be written
=========================================================================
In your instance directory, you, as sysadmin, can directly edit two
configuration files that won't be overwritten by SlapOS to customize your
instance:
* ``$PARTITION_PATH/srv/srv/apache-conf.d/apache_frontend.custom.conf``
* ``$PARTITION_PATH/srv/srv/apache-conf.d/apache_frontend.virtualhost.custom.conf``
The first one is included in the end of the main apache configuration file.
The second one is included in the virtualhost of the main apache configuration file.
SlapOS will just create those two files for you, then completely forget them.
*Note*: make sure that the UNIX user of the instance has read access to those
files if you edit them.
Instance Parameters Instance Parameters
=================== ===================
...@@ -460,6 +442,18 @@ Then specify in the master instance parameters: ...@@ -460,6 +442,18 @@ Then specify in the master instance parameters:
* set ``port`` to ``443`` * set ``port`` to ``443``
* set ``plain_http_port`` to ``80`` * set ``plain_http_port`` to ``80``
Authentication to the backend
=============================
The cluster generates CA served by caucase, available with ``backend-client-caucase-url`` return parameter.
Then, each slave configured with ``authenticate-to-backend`` to true, will use a certificate signed by this CA while accessing https backend.
This allows backends to:
* restrict access only from some frontend clusters
* trust values (like ``X-Forwarded-For``) sent by the frontend
Technical notes Technical notes
=============== ===============
...@@ -472,11 +466,22 @@ Instantiating caddy-frontend results with a cluster in various partitions: ...@@ -472,11 +466,22 @@ Instantiating caddy-frontend results with a cluster in various partitions:
* kedifa (contains kedifa server) * kedifa (contains kedifa server)
* caddy-frontend-N which contains the running processes to serve sites - this partition can be replicated by ``-frontend-quantity`` parameter * caddy-frontend-N which contains the running processes to serve sites - this partition can be replicated by ``-frontend-quantity`` parameter
So it means sites are served in `caddy-frontend-N` partition, and this partition is structured as: It means sites are served in ``caddy-frontend-N`` partition, and this partition is structured as:
* Caddy serving the browser [client-facing-caddy]
* (optional) Apache Traffic Server for caching [ats]
* Haproxy as a way to communicate to the backend [backend-facing-haproxy]
* some other additional tools (6tunnel, monitor, etc)
In case of slaves without cache (``enable_cache = False``) the request will travel as follows::
client-facing-caddy --> backend-facing-haproxy --> backend
In case of slaves using cache (``enable_cache = True``) the request will travel as follows::
* Caddy serving the browser client-facing-caddy --> ats --> backend-facing-haproxy --> backend
* (optional) Apache Traffic Server for caching
* Caddy connected to the backend Usage of Haproxy as a relay to the backend allows much better control of the backend, removes the hassle of checking the backend from Caddy and allows future developments like client SSL certificates to the backend or even health checks.
Kedifa implementation Kedifa implementation
--------------------- ---------------------
...@@ -493,3 +498,32 @@ Support for X-Real-Ip and X-Forwarded-For ...@@ -493,3 +498,32 @@ Support for X-Real-Ip and X-Forwarded-For
----------------------------------------- -----------------------------------------
X-Forwarded-For and X-Real-Ip are transmitted to the backend, but only for IPv4 access to the frontend. In case of IPv6 access, the provided IP will be wrong, because of using 6tunnel. X-Forwarded-For and X-Real-Ip are transmitted to the backend, but only for IPv4 access to the frontend. In case of IPv6 access, the provided IP will be wrong, because of using 6tunnel.
Automatic Internal Caucase CSR
------------------------------
Cluster is composed on many instances, which are landing on separate partitions, so some way is needed to bootstrap trust between the partitions.
There are two ways to achieve it:
* use default, Automatic Internal Caucase CSR used to replace human to sign CSRs against internal CAUCASEs automatic bootstrap, which leads to some issues, described later
* switch to manual bootstrap, which requires human to create and manage user certificate (with caucase-updater) and then sign new frontend nodes appearing in the system
The issues during automatic bootstrap are:
* rouge or hacked SlapOS Master can result with adding rouge frontend nodes to the cluster, which will be trusted, so it will be possible to fetch all certificates and keys from Kedifa or to login to backends
* when new node is added there is short window, when rouge person is able to trick automatic signing, and have it's own node added
In both cases promises will fail on node which is not able to get signed, but in case of Kedifa the damage already happened (certificates and keys are compromised). So in case if cluster administrator wants to stay on the safe side, both automatic bootstraps shall be turned off.
How the automatic signing works
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Having in mind such structure:
* instance with caucase: ``caucase-instance``
* N instances which want to get their CSR signed: ``csr-instance``
In ``caucase-instance`` CAUCASE user is created by automatically signing one user certificate, which allows to sign service certificates.
The ``csr-instance`` creates CSR, extracts the ID of the CSR, exposes it via HTTP and ask caucase on ``caucase-instance`` to sign it. The ``caucase-instance`` checks that exposed CSR id matches the one send to caucase and by using created user to signs it.
...@@ -14,7 +14,7 @@ ...@@ -14,7 +14,7 @@
# not need these here). # not need these here).
[template] [template]
filename = instance.cfg.in filename = instance.cfg.in
md5sum = 20f7a925e686949092823595c79a0523 md5sum = 99f2f6d8818da4a98ca48412453c4f90
[template-common] [template-common]
filename = instance-common.cfg.in filename = instance-common.cfg.in
...@@ -22,15 +22,15 @@ md5sum = c801b7f9f11f0965677c22e6bbe9281b ...@@ -22,15 +22,15 @@ md5sum = c801b7f9f11f0965677c22e6bbe9281b
[template-apache-frontend] [template-apache-frontend]
filename = instance-apache-frontend.cfg.in filename = instance-apache-frontend.cfg.in
md5sum = 1eae89931b305d9b9e34769946203c1c md5sum = 23237969bbd9e974ac674b2052e8d67c
[template-caddy-replicate] [template-caddy-replicate]
filename = instance-apache-replicate.cfg.in filename = instance-apache-replicate.cfg.in
md5sum = 6d7113ebf0c46b0e4c72c128ebb647db md5sum = 19debfbc27c464f451b1eb5bb5ce3c84
[template-slave-list] [template-slave-list]
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in _update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
md5sum = 9a5919a00a166fb8e902a72707ebc407 md5sum = e142dad44db1a25d46a31661aa2f075f
[template-replicate-publish-slave-information] [template-replicate-publish-slave-information]
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in _update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
...@@ -38,7 +38,7 @@ md5sum = 7e3ee70c447f8203273d78f66ab519c3 ...@@ -38,7 +38,7 @@ md5sum = 7e3ee70c447f8203273d78f66ab519c3
[template-caddy-frontend-configuration] [template-caddy-frontend-configuration]
_update_hash_filename_ = templates/Caddyfile.in _update_hash_filename_ = templates/Caddyfile.in
md5sum = f0faf6d2e6c187df7e25bf717676f9df md5sum = 2503056e35463e045db3329bb8b6fae8
[caddy-backend-url-validator] [caddy-backend-url-validator]
filename = templates/caddy-backend-url-validator.in filename = templates/caddy-backend-url-validator.in
...@@ -50,11 +50,11 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b ...@@ -50,11 +50,11 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
[template-default-slave-virtualhost] [template-default-slave-virtualhost]
_update_hash_filename_ = templates/default-virtualhost.conf.in _update_hash_filename_ = templates/default-virtualhost.conf.in
md5sum = 8137d3da8658d7b2d8c99c9a283a4e5e md5sum = 266f175dbdfc588af7a86b0b1884fe73
[template-cached-slave-virtualhost] [template-backend-haproxy-configuration]
_update_hash_filename_ = templates/cached-virtualhost.conf.in _update_hash_filename_ = templates/backend-haproxy.cfg.in
md5sum = e839ca3cb308f7fcdfa06c2f1b95e93f md5sum = 68a7758ca8f8b544ba9bc756824be3d3
[template-log-access] [template-log-access]
_update_hash_filename_ = templates/template-log-access.conf.in _update_hash_filename_ = templates/template-log-access.conf.in
...@@ -94,7 +94,7 @@ md5sum = 061cc244558fd3af2b6bacf17cae5555 ...@@ -94,7 +94,7 @@ md5sum = 061cc244558fd3af2b6bacf17cae5555
[template-validate-script] [template-validate-script]
_update_hash_filename_ = templates/validate-script.sh.in _update_hash_filename_ = templates/validate-script.sh.in
md5sum = f26e11574f266c7437c9c89e3c93825a md5sum = 53e5d7ba2827bff003051f74f24ffe4f
[template-configuration-state-script] [template-configuration-state-script]
_update_hash_filename_ = templates/configuration-state-script.sh.in _update_hash_filename_ = templates/configuration-state-script.sh.in
...@@ -115,3 +115,7 @@ md5sum = 38792c2dceae38ab411592ec36fff6a8 ...@@ -115,3 +115,7 @@ md5sum = 38792c2dceae38ab411592ec36fff6a8
[template-kedifa] [template-kedifa]
filename = instance-kedifa.cfg.in filename = instance-kedifa.cfg.in
md5sum = 9d6111a5d6bc07e708116ca331925241 md5sum = 9d6111a5d6bc07e708116ca331925241
[template-rsyslogd-conf]
_update_hash_filename_ = templates/rsyslogd.conf.in
md5sum = 6f0fd930ffb3230b7e8c781f88693d69
...@@ -10,6 +10,8 @@ extends = ...@@ -10,6 +10,8 @@ extends =
../../component/trafficserver/buildout.cfg ../../component/trafficserver/buildout.cfg
../../component/6tunnel/buildout.cfg ../../component/6tunnel/buildout.cfg
../../component/xz-utils/buildout.cfg ../../component/xz-utils/buildout.cfg
../../component/rsyslogd/buildout.cfg
../../component/haproxy/buildout.cfg
../../stack/caucase/buildout.cfg ../../stack/caucase/buildout.cfg
# Monitoring stack (keep on bottom) # Monitoring stack (keep on bottom)
...@@ -94,6 +96,8 @@ bin_directory = ${buildout:bin-directory} ...@@ -94,6 +96,8 @@ bin_directory = ${buildout:bin-directory}
sixtunnel = ${6tunnel:location} sixtunnel = ${6tunnel:location}
caddy = ${caddy:output} caddy = ${caddy:output}
caddy_location = ${caddy:location} caddy_location = ${caddy:location}
haproxy_executable = ${haproxy:location}/sbin/haproxy
rsyslogd_executable = ${rsyslogd:location}/sbin/rsyslogd
curl = ${curl:location} curl = ${curl:location}
dash = ${dash:location} dash = ${dash:location}
gzip = ${gzip:location} gzip = ${gzip:location}
...@@ -108,7 +112,8 @@ kedifa-csr = ${:bin_directory}/kedifa-csr ...@@ -108,7 +112,8 @@ kedifa-csr = ${:bin_directory}/kedifa-csr
xz_location = ${xz-utils:location} xz_location = ${xz-utils:location}
monitor_template = ${monitor-template:output} monitor_template = ${monitor-template:output}
template_cached_slave_virtualhost = ${template-cached-slave-virtualhost:target} template_backend_haproxy_configuration = ${template-backend-haproxy-configuration:target}
template_rsyslogd_conf = ${template-rsyslogd-conf:target}
template_caddy_frontend_configuration = ${template-caddy-frontend-configuration:target} template_caddy_frontend_configuration = ${template-caddy-frontend-configuration:target}
template_graceful_script = ${template-graceful-script:target} template_graceful_script = ${template-graceful-script:target}
template_validate_script = ${template-validate-script:target} template_validate_script = ${template-validate-script:target}
...@@ -184,7 +189,7 @@ mode = 640 ...@@ -184,7 +189,7 @@ mode = 640
[template-default-slave-virtualhost] [template-default-slave-virtualhost]
<=download-template <=download-template
[template-cached-slave-virtualhost] [template-backend-haproxy-configuration]
<=download-template <=download-template
[template-log-access] [template-log-access]
...@@ -222,3 +227,6 @@ mode = 0644 ...@@ -222,3 +227,6 @@ mode = 0644
[template-configuration-state-script] [template-configuration-state-script]
<=download-template <=download-template
[template-rsyslogd-conf]
<=download-template
...@@ -14,6 +14,8 @@ parts = ...@@ -14,6 +14,8 @@ parts =
switch-caddy-softwaretype switch-caddy-softwaretype
caucase-updater caucase-updater
caucase-updater-promise caucase-updater-promise
backend-client-caucase-updater
backend-client-caucase-updater-promise
frontend-caddy-graceful frontend-caddy-graceful
port-redirection port-redirection
promise-frontend-caddy-configuration promise-frontend-caddy-configuration
...@@ -21,8 +23,6 @@ parts = ...@@ -21,8 +23,6 @@ parts =
promise-caddy-frontend-v4-http promise-caddy-frontend-v4-http
promise-caddy-frontend-v6-https promise-caddy-frontend-v6-https
promise-caddy-frontend-v6-http promise-caddy-frontend-v6-http
promise-caddy-frontend-cached
promise-caddy-frontend-ssl-cached
trafficserver-launcher trafficserver-launcher
trafficserver-reload trafficserver-reload
...@@ -43,6 +43,13 @@ parts = ...@@ -43,6 +43,13 @@ parts =
monitor-caddy-server-status-wrapper monitor-caddy-server-status-wrapper
monitor-verify-re6st-connectivity monitor-verify-re6st-connectivity
backend-haproxy
backend-haproxy-graceful
promise-backend-haproxy-http
promise-backend-haproxy-https
promise-backend-haproxy-configuration
logrotate-entry-backend-haproxy
# Create all needed directories # Create all needed directories
[directory] [directory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
...@@ -57,10 +64,12 @@ template = ${buildout:directory}/template/ ...@@ -57,10 +64,12 @@ template = ${buildout:directory}/template/
backup = ${:srv}/backup backup = ${:srv}/backup
log = ${:var}/log log = ${:var}/log
run = ${:var}/run run = ${:var}/run
backend-haproxy-rsyslogd-spool = ${:run}/backend-haproxy-rsyslogd-spool
service = ${:etc}/service service = ${:etc}/service
etc-run = ${:etc}/run etc-run = ${:etc}/run
ca-dir = ${:srv}/ssl ca-dir = ${:srv}/ssl
backend-client-dir = ${:srv}/backend-client
# BBB: SlapOS Master non-zero knowledge BEGIN # BBB: SlapOS Master non-zero knowledge BEGIN
bbb-ssl-dir = ${:srv}/bbb-ssl bbb-ssl-dir = ${:srv}/bbb-ssl
# BBB: SlapOS Master non-zero knowledge END # BBB: SlapOS Master non-zero knowledge END
...@@ -147,7 +156,8 @@ context = ...@@ -147,7 +156,8 @@ context =
[software-release-path] [software-release-path]
template-empty = {{ parameter_dict['template_empty'] }} template-empty = {{ parameter_dict['template_empty'] }}
template-default-slave-virtualhost = {{ parameter_dict['template_default_slave_virtualhost'] }} template-default-slave-virtualhost = {{ parameter_dict['template_default_slave_virtualhost'] }}
template-cached-slave-virtualhost = {{ parameter_dict['template_cached_slave_virtualhost'] }} template-backend-haproxy-configuration = {{ parameter_dict['template_backend_haproxy_configuration'] }}
template-rsyslogd-conf = {{ parameter_dict['template_rsyslogd_conf'] }}
caddy-location = {{ parameter_dict['caddy_location'] }} caddy-location = {{ parameter_dict['caddy_location'] }}
[kedifa-login-config] [kedifa-login-config]
...@@ -203,6 +213,47 @@ kedifa-updater-mapping-file = ${directory:etc}/kedifa_updater_mapping.txt ...@@ -203,6 +213,47 @@ kedifa-updater-mapping-file = ${directory:etc}/kedifa_updater_mapping.txt
kedifa-updater-state-file = ${directory:srv}/kedifa_updater_state.json kedifa-updater-state-file = ${directory:srv}/kedifa_updater_state.json
slave_kedifa_information = {{ dumps(slapparameter_dict['slave-kedifa-information']) }} slave_kedifa_information = {{ dumps(slapparameter_dict['slave-kedifa-information']) }}
[backend-client-login-config]
d = ${directory:backend-client-dir}
template-csr = ${:d}/csr.pem
key = ${:d}/certificate.pem
certificate = ${:key}
ca-certificate = ${:d}/ca.pem
cas-ca-certificate = ${:d}/cas-ca.pem
crl = ${:d}/crl.pem
[backend-client-login-csr]
recipe = plone.recipe.command
organization = {{ slapparameter_dict['cluster-identification'] }}
organizational_unit = {{ instance_parameter['configuration.frontend-name'] }}
command =
{% if slapparameter_dict['backend-client-caucase-url'] %}
if [ ! -f ${:template-csr} ] && [ ! -f ${:key} ] ; then
{{ parameter_dict['openssl'] }} req -new -sha256 \
-newkey rsa:2048 -nodes -keyout ${:key} \
-subj "/O=${:organization}/OU=${:organizational_unit}" \
-out ${:template-csr}
fi
{% endif %}
test -f ${:key} && test -f ${:template-csr}
update-command = ${:command}
template-csr = ${backend-client-login-config:template-csr}
key = ${backend-client-login-config:key}
stop-on-error = True
{{ caucase.updater(
prefix='backend-client-caucase-updater',
buildout_bin_directory=parameter_dict['bin_directory'],
updater_path='${directory:service}/backend-client-login-certificate-caucase-updater',
url=slapparameter_dict['backend-client-caucase-url'],
data_dir='${directory:srv}/backend-client-caucase-updater',
crt_path='${backend-client-login-config:certificate}',
ca_path='${backend-client-login-config:ca-certificate}',
crl_path='${backend-client-login-config:crl}',
key_path='${backend-client-login-csr:key}',
template_csr='${backend-client-login-csr:template-csr}'
)}}
[dynamic-custom-personal-template-slave-list] [dynamic-custom-personal-template-slave-list]
< = jinja2-template-base < = jinja2-template-base
template = {{ parameter_dict['template_slave_list'] }} template = {{ parameter_dict['template_slave_list'] }}
...@@ -218,10 +269,11 @@ caddy_executable = {{ parameter_dict['caddy'] }} ...@@ -218,10 +269,11 @@ caddy_executable = {{ parameter_dict['caddy'] }}
sixtunnel_executable = {{ parameter_dict['sixtunnel'] }}/bin/6tunnel sixtunnel_executable = {{ parameter_dict['sixtunnel'] }}/bin/6tunnel
organization = {{ slapparameter_dict['cluster-identification'] }} organization = {{ slapparameter_dict['cluster-identification'] }}
organizational-unit = {{ instance_parameter['configuration.frontend-name'] }} organizational-unit = {{ instance_parameter['configuration.frontend-name'] }}
backend-client-caucase-url = {{ slapparameter_dict['backend-client-caucase-url'] }}
extra-context = extra-context =
key caddy_configuration_directory caddy-directory:slave-configuration key caddy_configuration_directory caddy-directory:slave-configuration
key caddy_cached_configuration_directory caddy-directory:slave-with-cache-configuration key backend_client_caucase_url :backend-client-caucase-url
key slave_with_cache_configuration_directory caddy-directory:slave-with-cache-configuration import urlparse_module urlparse
key caddy_executable :caddy_executable key caddy_executable :caddy_executable
key http_port configuration:plain_http_port key http_port configuration:plain_http_port
key https_port configuration:port key https_port configuration:port
...@@ -232,7 +284,6 @@ extra-context = ...@@ -232,7 +284,6 @@ extra-context =
key autocert caddy-directory:autocert key autocert caddy-directory:autocert
key master_certificate caddy-configuration:master-certificate key master_certificate caddy-configuration:master-certificate
key caddy_log_directory caddy-directory:slave-log key caddy_log_directory caddy-directory:slave-log
key caddy_log_cache_direct_directory caddy-directory:slave-log-cache-direct
key expose_csr_id_organization :organization key expose_csr_id_organization :organization
key expose_csr_id_organizational_unit :organizational-unit key expose_csr_id_organizational_unit :organizational-unit
key local_ipv4 :local_ipv4 key local_ipv4 :local_ipv4
...@@ -240,7 +291,6 @@ extra-context = ...@@ -240,7 +291,6 @@ extra-context =
key global_ipv6 slap-network-information:global-ipv6 key global_ipv6 slap-network-information:global-ipv6
key empty_template software-release-path:template-empty key empty_template software-release-path:template-empty
key template_default_slave_configuration software-release-path:template-default-slave-virtualhost key template_default_slave_configuration software-release-path:template-default-slave-virtualhost
key template_cached_slave_configuration software-release-path:template-cached-slave-virtualhost
key software_type :software_type key software_type :software_type
key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered
key frontend_graceful_reload caddy-configuration:frontend-graceful-command key frontend_graceful_reload caddy-configuration:frontend-graceful-command
...@@ -251,9 +301,6 @@ extra-context = ...@@ -251,9 +301,6 @@ extra-context =
key enable_http2_by_default configuration:enable-http2-by-default key enable_http2_by_default configuration:enable-http2-by-default
key global_disable_http2 configuration:global-disable-http2 key global_disable_http2 configuration:global-disable-http2
key ciphers configuration:ciphers key ciphers configuration:ciphers
key request_timeout configuration:request-timeout
key proxy_try_duration configuration:proxy-try-duration
key proxy_try_interval configuration:proxy-try-interval
key access_log caddy-configuration:access-log key access_log caddy-configuration:access-log
key error_log caddy-configuration:error-log key error_log caddy-configuration:error-log
key sixtunnel_executable :sixtunnel_executable key sixtunnel_executable :sixtunnel_executable
...@@ -263,6 +310,11 @@ extra-context = ...@@ -263,6 +310,11 @@ extra-context =
# BBB: SlapOS Master non-zero knowledge BEGIN # BBB: SlapOS Master non-zero knowledge BEGIN
key apache_certificate apache-certificate:rendered key apache_certificate apache-certificate:rendered
# BBB: SlapOS Master non-zero knowledge END # BBB: SlapOS Master non-zero knowledge END
## backend haproxy
key template_backend_haproxy_configuration software-release-path:template-backend-haproxy-configuration
section backend_haproxy_configuration backend-haproxy-configuration
## full configuration
section configuration configuration
# Deploy Caddy Frontend with Jinja power # Deploy Caddy Frontend with Jinja power
[dynamic-caddy-frontend-template] [dynamic-caddy-frontend-template]
...@@ -277,9 +329,6 @@ extra-context = ...@@ -277,9 +329,6 @@ extra-context =
key master_certificate caddy-configuration:master-certificate key master_certificate caddy-configuration:master-certificate
key access_log caddy-configuration:access-log key access_log caddy-configuration:access-log
key slave_configuration_directory caddy-directory:slave-configuration key slave_configuration_directory caddy-directory:slave-configuration
key cached_port caddy-configuration:cache-through-port
key ssl_cached_port caddy-configuration:ssl-cache-through-port
key slave_with_cache_configuration_directory caddy-directory:slave-with-cache-configuration
section frontend_configuration frontend-configuration section frontend_configuration frontend-configuration
key http_port configuration:plain_http_port key http_port configuration:plain_http_port
key https_port configuration:port key https_port configuration:port
...@@ -332,11 +381,9 @@ command = ln -sf {{ parameter_dict['template_not_found_html'] }} ${caddy-direct ...@@ -332,11 +381,9 @@ command = ln -sf {{ parameter_dict['template_not_found_html'] }} ${caddy-direct
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
document-root = ${directory:srv}/htdocs document-root = ${directory:srv}/htdocs
slave-configuration = ${directory:etc}/caddy-slave-conf.d/ slave-configuration = ${directory:etc}/caddy-slave-conf.d/
slave-with-cache-configuration = ${directory:etc}/caddy-slave-with-cache-conf.d/
cache = ${directory:var}/cache cache = ${directory:var}/cache
mod-ssl = ${:cache}/httpd_mod_ssl mod-ssl = ${:cache}/httpd_mod_ssl
slave-log = ${directory:log}/httpd slave-log = ${directory:log}/httpd
slave-log-cache-direct = ${directory:log}/httpd-cache-direct
autocert = ${directory:srv}/autocert autocert = ${directory:srv}/autocert
master-autocert-dir = ${:autocert}/master-autocert master-autocert-dir = ${:autocert}/master-autocert
custom-ssl-directory = ${:slave-configuration}/ssl custom-ssl-directory = ${:slave-configuration}/ssl
...@@ -351,8 +398,6 @@ not-found-file = ${caddy-directory:document-root}/${not-found-html:filename} ...@@ -351,8 +398,6 @@ not-found-file = ${caddy-directory:document-root}/${not-found-html:filename}
master-certificate = ${caddy-directory:master-autocert-dir}/master.pem master-certificate = ${caddy-directory:master-autocert-dir}/master.pem
# Communication with ATS # Communication with ATS
cache-port = ${trafficserver-variable:input-port} cache-port = ${trafficserver-variable:input-port}
cache-through-port = 26011
ssl-cache-through-port = 26012
# BBB: SlapOS Master non-zero knowledge BEGIN # BBB: SlapOS Master non-zero knowledge BEGIN
[get-self-signed-fallback-access] [get-self-signed-fallback-access]
...@@ -404,9 +449,6 @@ reload-path = ${directory:etc-run}/trafficserver-reload ...@@ -404,9 +449,6 @@ reload-path = ${directory:etc-run}/trafficserver-reload
local-ip = {{ instance_parameter['ipv4-random'] }} local-ip = {{ instance_parameter['ipv4-random'] }}
input-port = 23432 input-port = 23432
hostname = ${configuration:frontend-name} hostname = ${configuration:frontend-name}
remap = map /HTTPS/ http://{{ instance_parameter['ipv4-random'] }}:${caddy-configuration:ssl-cache-through-port}
map / http://{{ instance_parameter['ipv4-random'] }}:${caddy-configuration:cache-through-port}
plugin-config = plugin-config =
ip-allow-config = src_ip=0.0.0.0-255.255.255.255 action=ip_allow ip-allow-config = src_ip=0.0.0.0-255.255.255.255 action=ip_allow
cache-path = ${trafficserver-directory:cache-path} cache-path = ${trafficserver-directory:cache-path}
...@@ -464,11 +506,18 @@ template = {{ parameter_dict['template_trafficserver_logging_config'] }} ...@@ -464,11 +506,18 @@ template = {{ parameter_dict['template_trafficserver_logging_config'] }}
filename = logging.config filename = logging.config
[trafficserver-remap-config] [trafficserver-remap-config]
< = trafficserver-jinja2-template-base <= trafficserver-jinja2-template-base
template = {{ parameter_dict['template_empty'] }} {%- raw %}
template = inline:
map /HTTPS/ http://{{ ipv4 }}:{{ https_port }}
map / http://{{ ipv4 }}:{{ http_port }}
{%- endraw %}
extra-context =
raw ipv4 {{ instance_parameter['ipv4-random'] }}
key https_port backend-haproxy-configuration:https-port
key http_port backend-haproxy-configuration:http-port
filename = remap.config filename = remap.config
context =
key content trafficserver-variable:remap
[trafficserver-plugin-config] [trafficserver-plugin-config]
< = trafficserver-jinja2-template-base < = trafficserver-jinja2-template-base
...@@ -536,7 +585,7 @@ template = {{ parameter_dict['template_configuration_state_script'] }} ...@@ -536,7 +585,7 @@ template = {{ parameter_dict['template_configuration_state_script'] }}
rendered = ${directory:bin}/${:_buildout_section_name_} rendered = ${directory:bin}/${:_buildout_section_name_}
mode = 0700 mode = 0700
path_list = ${caddy-configuration:frontend-configuration} ${frontend-configuration:log-access-configuration} ${caddy-directory:slave-configuration}/*.conf ${caddy-directory:slave-with-cache-configuration}/*.conf ${caddy-directory:master-autocert-dir}/*.key ${caddy-directory:master-autocert-dir}/*.crt ${caddy-directory:master-autocert-dir}/*.pem ${caddy-directory:autocert}/*.pem ${caddy-directory:custom-ssl-directory}/*.proxy_ca_crt ${directory:bbb-ssl-dir}/*.crt path_list = ${caddy-configuration:frontend-configuration} ${frontend-configuration:log-access-configuration} ${caddy-directory:slave-configuration}/*.conf ${caddy-directory:master-autocert-dir}/*.key ${caddy-directory:master-autocert-dir}/*.crt ${caddy-directory:master-autocert-dir}/*.pem ${caddy-directory:autocert}/*.pem ${caddy-directory:custom-ssl-directory}/*.proxy_ca_crt ${directory:bbb-ssl-dir}/*.crt
sha256sum = {{ parameter_dict['sha256sum'] }} sha256sum = {{ parameter_dict['sha256sum'] }}
extra-context = extra-context =
...@@ -568,9 +617,10 @@ template = {{ parameter_dict['template_validate_script'] }} ...@@ -568,9 +617,10 @@ template = {{ parameter_dict['template_validate_script'] }}
rendered = ${directory:bin}/frontend-caddy-validate rendered = ${directory:bin}/frontend-caddy-validate
mode = 0700 mode = 0700
last_state_file = ${directory:run}/caddy_configuration_last_state last_state_file = ${directory:run}/caddy_configuration_last_state
validate_command = ${caddy-wrapper:rendered} -validate
extra-context = extra-context =
key wrapper caddy-wrapper:rendered key validate_command :validate_command
key caddy_configuration_state frontend-caddy-configuration-state-validate:rendered key configuration_state_command frontend-caddy-configuration-state-validate:rendered
key last_state_file :last_state_file key last_state_file :last_state_file
[frontend-caddy-lazy-graceful] [frontend-caddy-lazy-graceful]
...@@ -631,19 +681,142 @@ name = caddy_frontend_ipv6_http.py ...@@ -631,19 +681,142 @@ name = caddy_frontend_ipv6_http.py
config-hostname = {{ instance_parameter['ipv6-random'] }} config-hostname = {{ instance_parameter['ipv6-random'] }}
config-port = ${configuration:plain_http_port} config-port = ${configuration:plain_http_port}
[promise-caddy-frontend-cached] [promise-backend-haproxy-http]
<= monitor-promise-base <= monitor-promise-base
module = check_port_listening module = check_port_listening
name = caddy_cached.py name = backend_haproxy_http.py
config-hostname = {{ instance_parameter['ipv4-random'] }} config-hostname = {{ instance_parameter['ipv4-random'] }}
config-port = ${caddy-configuration:cache-through-port} config-port = ${backend-haproxy-configuration:http-port}
[promise-caddy-frontend-ssl-cached] [promise-backend-haproxy-https]
<= monitor-promise-base <= monitor-promise-base
module = check_port_listening module = check_port_listening
name = caddy_ssl_cached.py name = backend_haproxy_https.py
config-hostname = {{ instance_parameter['ipv4-random'] }} config-hostname = {{ instance_parameter['ipv4-random'] }}
config-port = ${caddy-configuration:ssl-cache-through-port} config-port = ${backend-haproxy-configuration:https-port}
[backend-haproxy-configuration]
file = ${directory:etc}/backend-haproxy.cfg
pid-file = ${directory:run}/backend-haproxy.pid
log-socket = ${backend-haproxy-rsyslogd:log-socket}
graceful-command = ${backend-haproxy-validate:rendered} && kill -USR2 $(cat ${:pid-file})
http-port = ${configuration:backend-haproxy-http-port}
https-port = ${configuration:backend-haproxy-https-port}
# Caucase related configuration
caucase-url = {{ slapparameter_dict['backend-client-caucase-url'] }}
ca-certificate = ${backend-client-login-config:ca-certificate}
certificate = ${backend-client-login-config:certificate}
cas-ca-certificate = ${backend-client-login-config:cas-ca-certificate}
csr = ${backend-client-caucase-updater-csr:csr}
crl = ${backend-client-login-config:crl}
[backend-haproxy]
recipe = slapos.cookbook:wrapper
command-line = {{ parameter_dict['haproxy_executable'] }} -f ${backend-haproxy-configuration:file}
wrapper-path = ${directory:service}/backend-haproxy
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
[logrotate-entry-backend-haproxy]
<= logrotate-entry-base
name = backend-haproxy
log = ${backend-haproxy-rsyslogd-configuration:log-file}
rotate-num = 30
post = kill -HUP $(cat ${backend-haproxy-rsyslogd-configuration:pid-file})
[backend-haproxy-configuration-state]
<= jinja2-template-base
template = {{ parameter_dict['template_configuration_state_script'] }}
rendered = ${directory:bin}/${:_buildout_section_name_}
mode = 0700
path_list = ${backend-haproxy-configuration:file} ${backend-client-login-config:certificate}
sha256sum = {{ parameter_dict['sha256sum'] }}
extra-context =
key path_list :path_list
key sha256sum :sha256sum
key signature_file :signature_file
[backend-haproxy-configuration-state-graceful]
<= backend-haproxy-configuration-state
signature_file = ${directory:run}/backend_haproxy_graceful_configuration_state_signature
[backend-haproxy-configuration-state-validate]
<= backend-haproxy-configuration-state
signature_file = ${directory:run}/backend_haproxy_validate_configuration_state_signature
[backend-haproxy-graceful]
< = jinja2-template-base
template = {{ parameter_dict['template_graceful_script'] }}
rendered = ${directory:etc-run}/backend-haproxy-safe-graceful
mode = 0700
extra-context =
key graceful_reload_command backend-haproxy-configuration:graceful-command
key caddy_configuration_state backend-haproxy-configuration-state-graceful:rendered
[backend-haproxy-validate]
<= jinja2-template-base
template = {{ parameter_dict['template_validate_script'] }}
rendered = ${directory:bin}/backend-haproxy-validate
mode = 0700
last_state_file = ${directory:run}/backend_haproxy_configuration_last_state
validate_command = {{ parameter_dict['haproxy_executable'] }} -f ${backend-haproxy-configuration:file} -c
extra-context =
key validate_command :validate_command
key configuration_state_command backend-haproxy-configuration-state-validate:rendered
key last_state_file :last_state_file
[backend-haproxy-lazy-graceful]
< = jinja2-template-base
template = {{ parameter_dict['template_caddy_lazy_script_call'] }}
rendered = ${directory:bin}/backend-haproxy-lazy-graceful
mode = 0700
pid-file = ${directory:run}/backend-haproxy-lazy-graceful.pid
wait_time = 60
extra-context =
key pid_file :pid-file
key wait_time :wait_time
key lazy_command backend-haproxy-configuration:graceful-command
[promise-backend-haproxy-configuration]
<= monitor-promise-base
module = validate_frontend_configuration
name = backend-haproxy-configuration.py
config-verification-script = ${promise-backend-haproxy-configuration-helper:rendered}
[promise-backend-haproxy-configuration-helper]
< = jinja2-template-base
template = {{ parameter_dict['template_empty'] }}
rendered = ${directory:bin}/backend-haproxy-read-last-configuration-state
mode = 0700
content =
#!/bin/sh
exit `cat ${backend-haproxy-validate:last_state_file}`
context =
key content :content
[backend-haproxy-rsyslogd-configuration]
<= jinja2-template-base
template = {{ parameter_dict['template_rsyslogd_conf'] }}
rendered = ${directory:etc}/backend-haproxy-rsyslogd.conf
# Note: log-socket shall be backend-haproxy-rsyslogd.sock to refer the part name,
# but it results with socket path limit
log-socket = ${directory:run}/bhlog.sck
log-file = ${directory:log}/backend-haproxy.log
pid-file = ${directory:run}/backend-haproxy-rsyslogd.pid
extra-context =
key socket :log-socket
key log_file :log-file
key spool_directory directory:backend-haproxy-rsyslogd-spool
[backend-haproxy-rsyslogd]
recipe = slapos.cookbook:wrapper
command-line = {{ parameter_dict['rsyslogd_executable'] }} -i ${backend-haproxy-rsyslogd-configuration:pid-file} -n -f ${backend-haproxy-rsyslogd-configuration:rendered}
wrapper-path = ${directory:service}/backend-haproxy-rsyslogd
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
log-socket = ${backend-haproxy-rsyslogd-configuration:log-socket}
log-file = ${backend-haproxy-rsyslogd-configuration:log-file}
####### #######
# Monitoring sections # Monitoring sections
......
{% if slap_software_type in software_type %} {% if slap_software_type in software_type %}
{% set aibcc_enabled = True %}
{% import "caucase" as caucase with context %} {% import "caucase" as caucase with context %}
{#- SERVER_POLLUTED_KEY_LIST is a list of keys which comes from various SlapOS Master implementations, which mix request and publish keys on each slave information -#} {#- SERVER_POLLUTED_KEY_LIST is a list of keys which comes from various SlapOS Master implementations, which mix request and publish keys on each slave information -#}
{%- set SERVER_POLLUTED_KEY_LIST = ['connection-parameter-hash', 'timestamp', 'slave_title', 'slap_software_type'] -%} {%- set SERVER_POLLUTED_KEY_LIST = ['connection-parameter-hash', 'timestamp', 'slave_title', 'slap_software_type'] -%}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%} {%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%}
{%- set GOOD_CIPHER_LIST = ['ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES256-GCM-SHA384', 'ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-ECDSA-WITH-CHACHA20-POLY1305', 'ECDHE-RSA-WITH-CHACHA20-POLY1305', 'ECDHE-RSA-AES256-CBC-SHA', 'ECDHE-RSA-AES128-CBC-SHA', 'ECDHE-ECDSA-AES256-CBC-SHA', 'ECDHE-ECDSA-AES128-CBC-SHA', 'RSA-AES256-CBC-SHA', 'RSA-AES128-CBC-SHA', 'ECDHE-RSA-3DES-EDE-CBC-SHA', 'RSA-3DES-EDE-CBC-SHA'] %} {%- set GOOD_CIPHER_LIST = ['ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES256-GCM-SHA384', 'ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-ECDSA-WITH-CHACHA20-POLY1305', 'ECDHE-RSA-WITH-CHACHA20-POLY1305', 'ECDHE-RSA-AES256-CBC-SHA', 'ECDHE-RSA-AES128-CBC-SHA', 'ECDHE-ECDSA-AES256-CBC-SHA', 'ECDHE-ECDSA-AES128-CBC-SHA', 'RSA-AES256-CBC-SHA', 'RSA-AES128-CBC-SHA', 'ECDHE-RSA-3DES-EDE-CBC-SHA', 'RSA-3DES-EDE-CBC-SHA'] %}
{% set aikc_enabled = slapparameter_dict.get('automatic-internal-kedifa-caucase-csr', 'true').lower() in TRUE_VALUES %} {% set aikc_enabled = slapparameter_dict.get('automatic-internal-kedifa-caucase-csr', 'true').lower() in TRUE_VALUES %}
{% set aibcc_enabled = slapparameter_dict.get('automatic-internal-backend-client-caucase-csr', 'true').lower() in TRUE_VALUES %}
{# Ports 8401, 8402 and 8410+1..N are reserved for monitor ports on various partitions #} {# Ports 8401, 8402 and 8410+1..N are reserved for monitor ports on various partitions #}
{% set master_partition_monitor_monitor_httpd_port = 8401 %} {% set master_partition_monitor_monitor_httpd_port = 8401 %}
{% set kedifa_partition_monitor_httpd_port = 8402 %} {% set kedifa_partition_monitor_httpd_port = 8402 %}
{% set frontend_monitor_httpd_base_port = 8410 %} {% set frontend_monitor_httpd_base_port = 8410 %}
{% set caucase_host = '[' ~ instance_parameter['ipv6-random'] ~ ']' %}
{% set caucase_netloc = caucase_host ~ ':' ~ instance_parameter['configuration.caucase_backend_client_port'] %}
{% set caucase_url = 'http://' ~ caucase_netloc %}
[jinja2-template-base] [jinja2-template-base]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
rendered = ${buildout:directory}/${:filename} rendered = ${buildout:directory}/${:filename}
...@@ -64,6 +69,7 @@ context = ...@@ -64,6 +69,7 @@ context =
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% do config_dict.__setitem__('monitor-httpd-port', frontend_monitor_httpd_base_port + i) %} {% do config_dict.__setitem__('monitor-httpd-port', frontend_monitor_httpd_base_port + i) %}
{% do config_dict.__setitem__('backend-client-caucase-url', caucase_url) %}
{% do frontend_list.append(frontend_name) %} {% do frontend_list.append(frontend_name) %}
{% do frontend_section_list.append(request_section_title) %} {% do frontend_section_list.append(request_section_title) %}
{% do part_list.append(request_section_title) %} {% do part_list.append(request_section_title) %}
...@@ -131,16 +137,16 @@ context = ...@@ -131,16 +137,16 @@ context =
{% endfor %} {% endfor %}
{% do slave.__setitem__('server-alias', ' '.join(slave_server_alias_unclashed)) %} {% do slave.__setitem__('server-alias', ' '.join(slave_server_alias_unclashed)) %}
{% endif %} {% endif %}
{% if slave.get('url') %} {% for url_key in ['url', 'https-url'] %}
{% if subprocess_module.call([caddy_backend_url_validator, '' ~ slave['url']]) == 1 %} {% if url_key in slave %}
{% do slave_error_list.append('slave url %r invalid' % (slave['url'],)) %} {% set url = (slave[url_key] or '').strip() %}
{% endif %} {% if subprocess_module.call([caddy_backend_url_validator, url]) == 1 or not validators.url(url) %}
{% endif %} {% do slave_error_list.append('slave %s %r invalid' % (url_key, url)) %}
{% if slave.get('https-url') %} {% elif url != slave[url_key] %}
{% if subprocess_module.call([caddy_backend_url_validator, '' ~ slave['https-url']]) == 1 %} {% do slave_warning_list.append('slave %s %r has been converted to %r' % (url_key, slave[url_key], url)) %}
{% do slave_error_list.append('slave https-url %r invalid' % (slave['https-url'],)) %} {% endif %}
{% endif %} {% endif %}
{% endif %} {% endfor %}
{% if 'ssl_proxy_ca_crt' in slave %} {% if 'ssl_proxy_ca_crt' in slave %}
{% set ssl_proxy_ca_crt = slave.get('ssl_proxy_ca_crt', '') %} {% set ssl_proxy_ca_crt = slave.get('ssl_proxy_ca_crt', '') %}
{% set check_popen = popen([parameter_dict['openssl'], 'x509', '-noout']) %} {% set check_popen = popen([parameter_dict['openssl'], 'x509', '-noout']) %}
...@@ -213,7 +219,7 @@ software-url = {{ slapparameter_dict.pop(frontend_software_url_key) }} ...@@ -213,7 +219,7 @@ software-url = {{ slapparameter_dict.pop(frontend_software_url_key) }}
software-url = ${slap-connection:software-release-url} software-url = ${slap-connection:software-release-url}
{% endif %} {% endif %}
software-type = {{frontend_type}} software-type = {{frontend_type}}
return = private-ipv4 public-ipv4 slave-instance-information-list monitor-base-url csr_id-url csr_id-certificate return = private-ipv4 public-ipv4 slave-instance-information-list monitor-base-url backend-client-csr_id-url csr_id-url csr_id-certificate
{% for section, frontend_request in request_dict.iteritems() %} {% for section, frontend_request in request_dict.iteritems() %}
{% set state = frontend_request.get('state', '') %} {% set state = frontend_request.get('state', '') %}
...@@ -225,6 +231,7 @@ state = {{ state }} ...@@ -225,6 +231,7 @@ state = {{ state }}
{% endif %} {% endif %}
config-slave-kedifa-information = ${request-kedifa:connection-slave-kedifa-information} config-slave-kedifa-information = ${request-kedifa:connection-slave-kedifa-information}
config-kedifa-caucase-url = ${request-kedifa:connection-caucase-url} config-kedifa-caucase-url = ${request-kedifa:connection-caucase-url}
config-backend-client-caucase-url = {{ caucase_url }}
config-master-key-download-url = ${request-kedifa:connection-master-key-download-url} config-master-key-download-url = ${request-kedifa:connection-master-key-download-url}
config-cluster-identification = {{ cluster_identification }} config-cluster-identification = {{ cluster_identification }}
{# Do not send additional parameters for destroyed nodes #} {# Do not send additional parameters for destroyed nodes #}
...@@ -259,6 +266,7 @@ domain = {{ slapparameter_dict.get('domain') }} ...@@ -259,6 +266,7 @@ domain = {{ slapparameter_dict.get('domain') }}
slave-amount = {{ slave_instance_list | length }} slave-amount = {{ slave_instance_list | length }}
accepted-slave-amount = {{ authorized_slave_list | length }} accepted-slave-amount = {{ authorized_slave_list | length }}
rejected-slave-amount = {{ rejected_slave_dict | length }} rejected-slave-amount = {{ rejected_slave_dict | length }}
backend-client-caucase-url = {{ caucase_url }}
{# sort_keys are important in order to avoid shuffling parameters on each run #} {# sort_keys are important in order to avoid shuffling parameters on each run #}
rejected-slave-dict = {{ dumps(json_module.dumps(rejected_slave_title_dict, sort_keys=True)) }} rejected-slave-dict = {{ dumps(json_module.dumps(rejected_slave_title_dict, sort_keys=True)) }}
rejected-slave-promise-url = ${rejected-slave-promise:config-url} rejected-slave-promise-url = ${rejected-slave-promise:config-url}
...@@ -273,13 +281,24 @@ warning-list = {{ dumps(json_module.dumps(warning_list, sort_keys=True)) }} ...@@ -273,13 +281,24 @@ warning-list = {{ dumps(json_module.dumps(warning_list, sort_keys=True)) }}
{# sort_keys are important in order to avoid shuffling parameters on each run #} {# sort_keys are important in order to avoid shuffling parameters on each run #}
warning-slave-dict = {{ dumps(json_module.dumps(warning_slave_dict, sort_keys=True)) }} warning-slave-dict = {{ dumps(json_module.dumps(warning_slave_dict, sort_keys=True)) }}
{% endif %} {% endif %}
{% if not aikc_enabled or not aibcc_enabled %}
{% for frontend in frontend_list %}
{% set section_part = '${request-' + frontend %}
{{ frontend }}-csr_id-certificate = {{ section_part }}:connection-csr_id-certificate}
{% endfor %}
{% endif %}
{% if not aikc_enabled %} {% if not aikc_enabled %}
kedifa-csr_id-url = ${request-kedifa:connection-csr_id-url} kedifa-csr_id-url = ${request-kedifa:connection-csr_id-url}
kedifa-csr_id-certificate = ${request-kedifa:connection-csr_id-certificate} kedifa-csr_id-certificate = ${request-kedifa:connection-csr_id-certificate}
{% for frontend in frontend_list %} {% for frontend in frontend_list %}
{% set section_part = '${request-' + frontend %} {% set section_part = '${request-' + frontend %}
{{ frontend }}-csr_id-url = {{ section_part }}:connection-csr_id-url} {{ frontend }}-csr_id-url = {{ section_part }}:connection-csr_id-url}
{{ frontend }}-csr_id-certificate = {{ section_part }}:connection-csr_id-certificate} {% endfor %}
{% endif %}
{% if not aibcc_enabled %}
{% for frontend in frontend_list %}
{% set section_part = '${request-' + frontend %}
{{ frontend }}-backend-client-csr_id-url = {{ section_part }}:connection-backend-client-csr_id-url}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
...@@ -371,12 +390,17 @@ kedifa = ${request-kedifa:connection-monitor-base-url} ...@@ -371,12 +390,17 @@ kedifa = ${request-kedifa:connection-monitor-base-url}
{{ frontend }} = {{ '${' + frontend + ':connection-monitor-base-url}' }} {{ frontend }} = {{ '${' + frontend + ':connection-monitor-base-url}' }}
{% endfor %} {% endfor %}
{% if aikc_enabled %}
[directory] [directory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
bin = ${buildout:directory}/bin/ bin = ${buildout:directory}/bin/
srv = ${buildout:directory}/srv/ srv = ${buildout:directory}/srv/
backup = ${:srv}/backup
# CAUCASE directories
caucased = ${:srv}/caucased
backup-caucased = ${:backup}/caucased
{% if aikc_enabled %}
[directory]
aikc = ${:srv}/aikc aikc = ${:srv}/aikc
[aikc-config] [aikc-config]
...@@ -505,7 +529,140 @@ command = ...@@ -505,7 +529,140 @@ command =
${aikc-{{ csr }}-wrapper:rendered} ${aikc-{{ csr }}-wrapper:rendered}
update-command = ${:command} update-command = ${:command}
{% endfor %} {% endfor %}
{% endif %} {% endif %} {# if aikc_enabled #}
{% if aibcc_enabled %}
[directory]
aibcc = ${:srv}/aibcc
[aibcc-config]
caucase-url = {{ caucase_url }}
csr = ${directory:aibcc}/csr.pem
key = ${directory:aibcc}/key.pem
ca-certificate = ${directory:aibcc}/cas-ca-certificate.pem
crl = ${directory:aibcc}/crl.pem
user-ca-certificate = ${directory:aibcc}/user-ca-certificate.pem
user-crl = ${directory:aibcc}/user-crl.pem
user-created = ${directory:aibcc}/user-created
csr_id = ${directory:aibcc}/csr_id
[aibcc-user-csr]
recipe = plone.recipe.command
organization = {{ cluster_identification }}
organizational_unit = Automatic Sign Backend Client Caucase CSR
command =
if [ ! -f ${:csr} ] && [ ! -f ${:key} ] ; then
{{ parameter_dict['openssl'] }} req -new -sha256 \
-newkey rsa:2048 -nodes -keyout ${:key} \
-subj "/O=${:organization}/OU=${:organizational_unit}" \
-out ${:csr}
fi
update-command = ${:command}
csr = ${aibcc-config:csr}
key = ${aibcc-config:key}
stop-on-error = True
[aibcc-caucase-wrapper]
{# jinja2 instead of wrapper is used with context to remove py'u' #}
recipe = slapos.recipe.template:jinja2
context =
key caucase_url aibcc-config:caucase-url
template = inline:#!{{ parameter_dict['dash'] }}/bin/dash
exec {{ parameter_dict['bin_directory'] }}/caucase \
{# raw block to use context #}
{% raw %}
--ca-url {{ caucase_url }} \
{% endraw %}
--ca-crt ${aibcc-config:ca-certificate} \
--user-ca-crt ${aibcc-config:user-ca-certificate} \
--user-crl ${aibcc-config:user-crl} \
--crl ${aibcc-config:crl} \
"$@"
rendered = ${directory:bin}/aibcc-caucase-wrapper
mode = 0700
{% do part_list.append('aibcc-create-user') %}
[aibcc-create-user]
recipe = plone.recipe.command
# the caucase for this part is provided in this profile, so we can't fail
# as otherwise caucase will never be started...
stop-on-error = False
update-command = ${:command}
command =
if ! [ -f ${aibcc-config:user-created} ] ; then
${aibcc-caucase-wrapper:rendered} --mode user --send-csr ${aibcc-user-csr:csr} > ${aibcc-config:csr_id} || exit 1
cut -d ' ' -f 1 ${aibcc-config:csr_id} || exit 1
csr_id=`cut -d ' ' -f 1 ${aibcc-config:csr_id}`
sleep 1
${aibcc-caucase-wrapper:rendered} --mode user --get-crt $csr_id ${aibcc-config:key} || exit 1
touch ${aibcc-config:user-created}
fi
{% do part_list.append('aibcc-user-caucase-updater') %}
{% do part_list.append('aibcc-user-caucase-updater-promise') %}
{{ caucase.updater(
prefix='aibcc-user-caucase-updater',
buildout_bin_directory=parameter_dict['bin_directory'],
updater_path='${directory:service}/aibcc-user-caucase-updater',
url='${aibcc-config:caucase-url}',
data_dir='${directory:srv}/caucase-updater',
crt_path='${aibcc-config:key}',
ca_path='${aibcc-config:user-ca-certificate}',
crl_path='${aibcc-config:user-crl}',
key_path='${aibcc-config:key}',
mode='user',
)}}
[aibcc-check-certificate]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:bin}/aibcc-check-certificate
template = inline:
import sys
import ssl
import urlparse
certificate = sys.argv[2]
parsed = urlparse.urlparse(sys.argv[1])
got_certificate = ssl.get_server_certificate((parsed.hostname, parsed.port))
sys.exit(0) if certificate.strip() == got_certificate.strip() else sys.exit(1)
{% for csr in frontend_list %}
[aibcc-{{ csr }}-wrapper]
{# jinja2 instead of wrapper is used with context to remove py'u' #}
recipe = slapos.recipe.template:jinja2
context =
key csr_id_url request-{{ csr }}:connection-backend-client-csr_id-url
key csr_id_certificate request-{{ csr }}:connection-csr_id-certificate
template = inline:#!{{ parameter_dict['dash'] }}/bin/dash
test -f ${directory:aibcc}/{{ csr }}-done && exit 0
${buildout:executable} ${aibcc-check-certificate:rendered} \
{# raw block to use context #}
{% raw %}
{{ csr_id_url }} \
"""{{ csr_id_certificate }}"""
{% endraw %}
if [ $? = 0 ]; then
csr_id=`{{ parameter_dict['curl'] }}/bin/curl -s -k -g \
{% raw %}
{{ csr_id_url }} \
{% endraw %}
` || exit 1
${aibcc-caucase-wrapper:rendered} --user-key ${aibcc-config:key} --sign-csr $csr_id && touch ${directory:aibcc}/{{ csr }}-done
fi
rendered = ${directory:bin}/aibcc-{{ csr }}-wrapper
mode = 0700
{% do part_list.append('aibcc-%s' % (csr,)) %}
[aibcc-{{ csr }}]
recipe = plone.recipe.command
stop-on-error = True
command =
${aibcc-{{ csr }}-wrapper:rendered}
update-command = ${:command}
{% endfor %}
{% endif %} {# if aibcc_enabled #}
[rejected-slave-json] [rejected-slave-json]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
...@@ -599,6 +756,20 @@ config-filename = ${rejected-slave-json:rendered} ...@@ -599,6 +756,20 @@ config-filename = ${rejected-slave-json:rendered}
config-state = empty config-state = empty
config-url = ${rejected-slave-publish:url} config-url = ${rejected-slave-publish:url}
[caucased-backend-client]
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
{{ caucase.caucased(
prefix='caucased-backend-client',
buildout_bin_directory=parameter_dict['bin_directory'],
caucased_path='${directory:service}/caucased-backend-client',
backup_dir='${directory:backup-caucased}',
data_dir='${directory:caucased}',
netloc=caucase_netloc,
service_auto_approve_count=0,
user_auto_approve_count=1,
key_len=2048,
)}}
[buildout] [buildout]
extends = extends =
{{ common_profile }} {{ common_profile }}
...@@ -610,6 +781,8 @@ parts = ...@@ -610,6 +781,8 @@ parts =
request-kedifa request-kedifa
rejected-slave-promise rejected-slave-promise
promise-rejected-slave-publish-ip-port promise-rejected-slave-publish-ip-port
caucased-backend-client
caucased-backend-client-promise
{% for part in part_list %} {% for part in part_list %}
{{ ' %s' % part }} {{ ' %s' % part }}
{% endfor %} {% endfor %}
......
...@@ -66,16 +66,16 @@ ...@@ -66,16 +66,16 @@
"title": "Test Verification URL", "title": "Test Verification URL",
"type": "string" "type": "string"
}, },
"proxy-try-duration": { "backend-connect-timeout": {
"default": 5, "default": 5,
"description": "A time during which Caddy will try to establish connection with a backend. Setting it to 0 will result with immediate return of 502 EOF error to the browser, even if it would be possible to (re)connect to the backend during few moments. More info in https://caddyserver.com/docs/proxy try_durtion.", "description": "Time in seconds for establishing connection to the backend.",
"title": "Duration in seconds of trying a backend", "title": "Timeout for backend connection (seconds)",
"type": "integer" "type": "integer"
}, },
"proxy-try-interval": { "backend-connect-retries": {
"default": 250, "default": 3,
"description": "How often Caddy will try to establish connection with a backend during proxy-try-duration. More info in https://caddyserver.com/docs/proxy try_interval", "description": "Amount of retries to connect to the backend. The amount of backend-connect-timeout*backend-connect-retries seconds will be spent to connect to the backend.",
"title": "Interval in milliseconds of tries during proxy-try-duration", "title": "Amount of retries to connect to the backend.",
"type": "integer" "type": "integer"
}, },
"automatic-internal-kedifa-caucase-csr": { "automatic-internal-kedifa-caucase-csr": {
...@@ -88,6 +88,16 @@ ...@@ -88,6 +88,16 @@
"title": "Automatic Internal KeDiFa's Caucase CSR", "title": "Automatic Internal KeDiFa's Caucase CSR",
"type": "string" "type": "string"
}, },
"automatic-internal-backend-client-caucase-csr": {
"default": "true",
"description": "Automatically signs CSRs sent to Backend Client's caucase, based on csr_id and matching certificate.",
"enum": [
"true",
"false"
],
"title": "Automatic Internal Backend Client's Caucase CSR",
"type": "string"
},
"ciphers": { "ciphers": {
"description": "List of ciphers. Empty defaults to Caddy list of ciphers. See https://caddyserver.com/docs/tls for more information.", "description": "List of ciphers. Empty defaults to Caddy list of ciphers. See https://caddyserver.com/docs/tls for more information.",
"title": "Ordered space separated list of ciphers", "title": "Ordered space separated list of ciphers",
...@@ -98,6 +108,16 @@ ...@@ -98,6 +108,16 @@
"description": "Timeout for HTTP requests.", "description": "Timeout for HTTP requests.",
"title": "HTTP Request timeout in seconds", "title": "HTTP Request timeout in seconds",
"type": "integer" "type": "integer"
},
"authenticate-to-backend": {
"default": "false",
"description": "If set to true the frontend certificate will be used as authentication certificate to the backend. Note: backend might have to know the frontend CA, available with 'backend-client-caucase-url'.",
"enum": [
"false",
"true"
],
"title": "Authenticate to backend",
"type": "string"
} }
}, },
"title": "Input Parameters", "title": "Input Parameters",
......
...@@ -73,6 +73,10 @@ ...@@ -73,6 +73,10 @@
"warning-list": { "warning-list": {
"description": "List of warning found during the request.", "description": "List of warning found during the request.",
"type": "array" "type": "array"
},
"backend-client-caucase-url": {
"description": "URL to caucase used by authentication to the backend.",
"type": "string"
} }
}, },
"type": "object" "type": "object"
......
...@@ -195,10 +195,34 @@ ...@@ -195,10 +195,34 @@
"title": "type:zope virtualhostroot-https-port", "title": "type:zope virtualhostroot-https-port",
"type": "integer" "type": "integer"
}, },
"backend-connect-timeout": {
"description": "Time in seconds for establishing connection to the backend.",
"title": "Timeout for backend connection (seconds)",
"type": "integer"
},
"backend-connect-retries": {
"description": "Amount of retries to connect to the backend. The amount of backend-connect-timeout*backend-connect-retries seconds will be spent to connect to the backend.",
"title": "Amount of retries to connect to the backend.",
"type": "integer"
},
"request-timeout": {
"description": "Timeout for HTTP requests.",
"title": "HTTP Request timeout in seconds",
"type": "integer"
},
"ciphers": { "ciphers": {
"description": "List of ciphers. Empty defaults to cluster list of ciphers, which by default are Caddy list of ciphers. See https://caddyserver.com/docs/tls for more information.", "description": "List of ciphers. Empty defaults to cluster list of ciphers, which by default are Caddy list of ciphers. See https://caddyserver.com/docs/tls for more information.",
"title": "Ordered space separated list of ciphers", "title": "Ordered space separated list of ciphers",
"type": "string" "type": "string"
},
"authenticate-to-backend": {
"description": "If set to true the frontend certificate will be used as authentication certificate to the backend. Note: backend might have to know the frontend CA, available with 'backend-client-caucase-url'.",
"enum": [
"false",
"true"
],
"title": "Authenticate to backend",
"type": "string"
} }
}, },
"title": "Input Parameters", "title": "Input Parameters",
......
...@@ -49,6 +49,10 @@ ...@@ -49,6 +49,10 @@
"kedifa-caucase-url": { "kedifa-caucase-url": {
"description": "URL to caucase used by KeDiFa", "description": "URL to caucase used by KeDiFa",
"type": "string" "type": "string"
},
"backend-client-caucase-url": {
"description": "URL to caucase used by authentication to the backend.",
"type": "string"
} }
}, },
"type": "object" "type": "object"
......
...@@ -103,6 +103,7 @@ configuration.nginx_port = 9443 ...@@ -103,6 +103,7 @@ configuration.nginx_port = 9443
configuration.kedifa_port = 7879 configuration.kedifa_port = 7879
# Warning: Caucase takes also cacuase_port+1 # Warning: Caucase takes also cacuase_port+1
configuration.caucase_port = 8890 configuration.caucase_port = 8890
configuration.caucase_backend_client_port = 8990
configuration.apache-key = configuration.apache-key =
configuration.apache-certificate = configuration.apache-certificate =
configuration.open-port = 80 443 configuration.open-port = 80 443
...@@ -117,5 +118,8 @@ configuration.ciphers = ...@@ -117,5 +118,8 @@ configuration.ciphers =
configuration.request-timeout = 600 configuration.request-timeout = 600
configuration.mpm-graceful-shutdown-timeout = 5 configuration.mpm-graceful-shutdown-timeout = 5
configuration.frontend-name = configuration.frontend-name =
configuration.proxy-try-duration = 5 configuration.backend-connect-timeout = 5
configuration.proxy-try-interval = 250 configuration.backend-connect-retries = 3
configuration.backend-haproxy-http-port = 21080
configuration.backend-haproxy-https-port = 21443
configuration.authenticate-to-backend = False
...@@ -2,10 +2,8 @@ ...@@ -2,10 +2,8 @@
import {{frontend_configuration.get('log-access-configuration')}} import {{frontend_configuration.get('log-access-configuration')}}
import {{ slave_configuration_directory }}/*.conf import {{ slave_configuration_directory }}/*.conf
import {{ slave_with_cache_configuration_directory }}/*.conf
{% for port in [https_port] %} :{{ https_port }} {
:{{ port }} {
tls {{ master_certificate }} {{ master_certificate }} tls {{ master_certificate }} {{ master_certificate }}
bind {{ local_ipv4 }} bind {{ local_ipv4 }}
status 404 / status 404 /
...@@ -17,10 +15,8 @@ import {{ slave_with_cache_configuration_directory }}/*.conf ...@@ -17,10 +15,8 @@ import {{ slave_with_cache_configuration_directory }}/*.conf
* {{ not_found_file }} * {{ not_found_file }}
} }
} }
{%- endfor %}
{% for port in [http_port, cached_port, ssl_cached_port] %} :{{ http_port }} {
:{{ port }} {
bind {{ local_ipv4 }} bind {{ local_ipv4 }}
status 404 / status 404 /
log / {{ access_log }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" { log / {{ access_log }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
...@@ -31,7 +27,6 @@ import {{ slave_with_cache_configuration_directory }}/*.conf ...@@ -31,7 +27,6 @@ import {{ slave_with_cache_configuration_directory }}/*.conf
* {{ not_found_file }} * {{ not_found_file }}
} }
} }
{%- endfor %}
# Access to server-status Caddy-style # Access to server-status Caddy-style
https://[{{ global_ipv6 }}]:{{ https_port }}/server-status, https://{{ local_ipv4 }}:{{ https_port }}/server-status { https://[{{ global_ipv6 }}]:{{ https_port }}/server-status, https://{{ local_ipv4 }}:{{ https_port }}/server-status {
......
{%- if software_type == slap_software_type %} {%- if software_type == slap_software_type %}
{%- set kedifa_updater_mapping = [] %} {%- set kedifa_updater_mapping = [] %}
{%- set cached_server_dict = {} %} {%- set cached_server_dict = {} %}
{%- set backend_slave_list = [] %}
{%- set part_list = [] %} {%- set part_list = [] %}
{%- set cache_port = caddy_configuration.get('cache-port') %} {%- set cache_port = caddy_configuration.get('cache-port') %}
{%- set cached_port = caddy_configuration.get('cache-through-port') %}
{%- set ssl_cached_port = caddy_configuration.get('ssl-cache-through-port') %}
{%- set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %} {%- set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %}
{%- set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %} {%- set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %}
{%- set backend_haproxy_http_url = 'http://%s:%s' % (local_ipv4, backend_haproxy_configuration['http-port']) %}
{%- set backend_haproxy_https_url = 'http://%s:%s' % (local_ipv4, backend_haproxy_configuration['https-port']) %}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %} {%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %} {%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %}
{%- set slave_log_dict = {} %} {%- set slave_log_dict = {} %}
...@@ -43,11 +44,16 @@ create = true ...@@ -43,11 +44,16 @@ create = true
[slave-log-directory-dict] [slave-log-directory-dict]
[slave-password] [slave-password]
# empty section if no cached slaves are available
[slave-log-cache-direct-directory-dict]
{#- Loop thought slave list to set up slaves #} {#- Loop thought slave list to set up slaves #}
{%- set DEFAULT_PORT = {'http': 80, 'https': 443, '': None} %}
{%- for slave_instance in slave_instance_list %} {%- for slave_instance in slave_instance_list %}
{#- prepare backend parameters #}
{%- for key, prefix in [('url', 'http_backend'), ('https-url', 'https_backend')] %}
{%- set parsed = urlparse_module.urlparse(slave_instance.get(key, '').strip()) %}
{%- set info_dict = {'scheme': parsed.scheme, 'hostname': parsed.hostname, 'port': parsed.port or DEFAULT_PORT[parsed.scheme], 'path': parsed.path, 'fragment': parsed.fragment} %}
{%- do slave_instance.__setitem__(prefix, info_dict) %}
{%- endfor %}
{%- do slave_instance.__setitem__('ssl_proxy_verify', ('' ~ slave_instance.get('ssl-proxy-verify', '')).lower() in TRUE_VALUES) %}
{#- Manage ciphers #} {#- Manage ciphers #}
{%- set slave_ciphers = slave_instance.get('ciphers', '').strip().split() %} {%- set slave_ciphers = slave_instance.get('ciphers', '').strip().split() %}
{%- if slave_ciphers %} {%- if slave_ciphers %}
...@@ -56,10 +62,34 @@ create = true ...@@ -56,10 +62,34 @@ create = true
{%- set slave_cipher_list = ciphers.strip() %} {%- set slave_cipher_list = ciphers.strip() %}
{%- endif %} {%- endif %}
{%- do slave_instance.__setitem__('cipher_list', slave_cipher_list) %} {%- do slave_instance.__setitem__('cipher_list', slave_cipher_list) %}
{#- Manage common instance parameters #}
{%- set slave_type = slave_instance.get('type', '') %} {%- set slave_type = slave_instance.get('type', '') %}
{%- set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %} {%- set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %}
{%- set slave_reference = slave_instance.get('slave_reference') %} {%- set slave_reference = slave_instance.get('slave_reference') %}
{%- set slave_kedifa = slave_kedifa_information.get(slave_reference) %} {%- set slave_kedifa = slave_kedifa_information.get(slave_reference) %}
{#- Setup backend URLs for front facing Caddy #}
{%- if slave_type == 'redirect' %}
{%- do slave_instance.__setitem__('backend-http-url', slave_instance.get('url', '').rstrip('/')) %}
{%- if slave_instance.get('https-url') %}
{%- do slave_instance.__setitem__('backend-https-url', slave_instance.get['https-url'].rstrip('/')) %}
{%- endif %}
{%- elif enable_cache %}
{%- if 'domain' in slave_instance %}
{%- if not slave_instance.get('custom_domain') %}
{%- do slave_instance.__setitem__('custom_domain', slave_instance.get('domain')) %}
{%- endif %}
{%- endif %}
{%- do slave_instance.__setitem__('backend-http-url', cache_access) %}
{%- if slave_instance.get('https-url') %}
{%- do slave_instance.__setitem__('backend-https-url', ssl_cache_access) %}
{%- endif %}
{%- do cached_server_dict.__setitem__(slave_reference, slave_configuration_section_name) %}
{%- else %}
{%- do slave_instance.__setitem__('backend-http-url', backend_haproxy_http_url) %}
{%- if slave_instance.get('https-url') %}
{%- do slave_instance.__setitem__('backend-https-url', backend_haproxy_https_url) %}
{%- endif %}
{%- endif %}
{%- if slave_kedifa %} {%- if slave_kedifa %}
{%- set key_download_url = slave_kedifa.get('key-download-url') %} {%- set key_download_url = slave_kedifa.get('key-download-url') %}
{%- else %} {%- else %}
...@@ -70,57 +100,39 @@ create = true ...@@ -70,57 +100,39 @@ create = true
{%- set slave_publish_dict = {} %} {%- set slave_publish_dict = {} %}
{%- set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %} {%- set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %}
{%- set slave_logrotate_section = slave_reference + "-logs" %} {%- set slave_logrotate_section = slave_reference + "-logs" %}
{%- set slave_logrotate_cache_direct_section = slave_reference + "-cache-direct-logs" %}
{%- set slave_password_section = slave_reference + "-password" %} {%- set slave_password_section = slave_reference + "-password" %}
{%- set slave_ln_section = slave_reference + "-ln" %} {%- set slave_ln_section = slave_reference + "-ln" %}
{#- extend parts #} {#- extend parts #}
{%- do part_list.extend([slave_ln_section]) %} {%- do part_list.extend([slave_ln_section]) %}
{%- do part_list.extend([slave_logrotate_section, slave_section_title]) %} {%- do part_list.extend([slave_logrotate_section, slave_section_title]) %}
{%- set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %} {%- set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %}
{%- if enable_cache %}
{%- set slave_log_cache_direct_folder = '${logrotate-directory:logrotate-backup}/' + slave_logrotate_cache_direct_section %}
{%- do part_list.extend([slave_logrotate_cache_direct_section]) %}
{%- endif %}
{#- Pass HTTP2 switch #} {#- Pass HTTP2 switch #}
{%- do slave_instance.__setitem__('enable_http2_by_default', enable_http2_by_default) %} {%- do slave_instance.__setitem__('enable_http2_by_default', enable_http2_by_default) %}
{%- do slave_instance.__setitem__('global_disable_http2', global_disable_http2) %} {%- do slave_instance.__setitem__('global_disable_http2', global_disable_http2) %}
{#- Pass proxy_try_duration and proxy_try_interval #} {#- Pass backend timeout values #}
{%- do slave_instance.__setitem__('proxy_try_duration', proxy_try_duration) %} {%- for key in ['backend-connect-timeout', 'backend-connect-retries', 'request-timeout', 'authenticate-to-backend'] %}
{%- do slave_instance.__setitem__('proxy_try_interval', proxy_try_interval) %} {%- if slave_instance.get(key, '') == '' %}
{%- do slave_instance.__setitem__(key, configuration[key]) %}
{%- endif %}
{%- endfor %}
{%- do slave_instance.__setitem__('authenticate-to-backend', ('' ~ slave_instance.get('authenticate-to-backend', '')).lower() in TRUE_VALUES) %}
{#- Set Up log files #} {#- Set Up log files #}
{%- do slave_parameter_dict.__setitem__('access_log', '/'.join([caddy_log_directory, '%s_access_log' % slave_reference])) %} {%- do slave_parameter_dict.__setitem__('access_log', '/'.join([caddy_log_directory, '%s_access_log' % slave_reference])) %}
{%- do slave_parameter_dict.__setitem__('error_log', '/'.join([caddy_log_directory, '%s_error_log' % slave_reference])) %} {%- do slave_parameter_dict.__setitem__('error_log', '/'.join([caddy_log_directory, '%s_error_log' % slave_reference])) %}
{%- do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) %} {%- do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) %}
{%- do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) %} {%- do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) %}
{%- if enable_cache %}
{%- do slave_parameter_dict.__setitem__('access_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_access_log' % slave_reference])) %}
{%- do slave_parameter_dict.__setitem__('error_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_error_log' % slave_reference])) %}
{%- do slave_instance.__setitem__('access_log_cache_direct', slave_parameter_dict.get('access_log_cache_direct')) %}
{%- do slave_instance.__setitem__('error_log_cache_direct', slave_parameter_dict.get('error_log_cache_direct')) %}
{%- endif %}
{#- Add slave log directory to the slave log access dict #} {#- Add slave log directory to the slave log access dict #}
{%- do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %} {%- do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %}
{%- set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %} {%- set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %}
{%- do slave_publish_dict.__setitem__('log-access', slave_log_access_url) %} {%- do slave_publish_dict.__setitem__('log-access', slave_log_access_url) %}
{%- do slave_publish_dict.__setitem__('slave-reference', slave_reference) %} {%- do slave_publish_dict.__setitem__('slave-reference', slave_reference) %}
{%- do slave_publish_dict.__setitem__('public-ipv4', public_ipv4) %} {%- do slave_publish_dict.__setitem__('public-ipv4', public_ipv4) %}
{%- do slave_publish_dict.__setitem__('backend-client-caucase-url', backend_client_caucase_url) %}
{#- Set slave domain if none was defined #} {#- Set slave domain if none was defined #}
{%- if slave_instance.get('custom_domain', None) == None %} {%- if slave_instance.get('custom_domain', None) == None %}
{%- set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %} {%- set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %}
{%- do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %} {%- do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %}
{%- endif %} {%- endif %}
{%- if enable_cache and 'url' in slave_instance %}
{%- if 'domain' in slave_instance %}
{%- if not slave_instance.get('custom_domain') %}
{%- do slave_instance.__setitem__('custom_domain', slave_instance.get('domain')) %}
{%- endif %}
{%- endif %}
{%- do slave_instance.__setitem__('backend_url', slave_instance.get('url')) %}
{%- do slave_instance.__setitem__('https_backend_url', slave_instance.get('https-url', slave_instance.get('url'))) %}
{%- do slave_instance.__setitem__('url', cache_access) %}
{%- do slave_instance.__setitem__('https-url', ssl_cache_access) %}
{%- do cached_server_dict.__setitem__(slave_reference, slave_configuration_section_name) %}
{%- endif %}
{%- do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %} {%- do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %}
{%- do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %} {%- do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %}
{%- do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %} {%- do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %}
...@@ -129,11 +141,6 @@ create = true ...@@ -129,11 +141,6 @@ create = true
[slave-log-directory-dict] [slave-log-directory-dict]
{{slave_reference}} = {{ slave_log_folder }} {{slave_reference}} = {{ slave_log_folder }}
{%- if enable_cache %}
[slave-log-cache-direct-directory-dict]
{{slave_reference}}_cache_direct = {{ slave_log_cache_direct_folder }}
{%- endif %}
[slave-password] [slave-password]
{{ slave_reference }} = {{ '${' + slave_password_section + ':passwd}' }} {{ slave_reference }} = {{ '${' + slave_password_section + ':passwd}' }}
...@@ -143,14 +150,6 @@ create = true ...@@ -143,14 +150,6 @@ create = true
name = ${:_buildout_section_name_} name = ${:_buildout_section_name_}
log = {{slave_parameter_dict.get('access_log')}} {{slave_parameter_dict.get('error_log')}} log = {{slave_parameter_dict.get('access_log')}} {{slave_parameter_dict.get('error_log')}}
backup = {{ slave_log_folder }} backup = {{ slave_log_folder }}
{%- if enable_cache %}
[{{slave_logrotate_cache_direct_section}}]
<= logrotate-entry-base
name = ${:_buildout_section_name_}
log = {{slave_parameter_dict.get('access_log_cache_direct')}} {{slave_parameter_dict.get('error_log_cache_direct')}}
backup = {{ slave_log_cache_direct_folder }}
{%- endif %}
{#- integrate current logs inside #} {#- integrate current logs inside #}
...@@ -221,9 +220,6 @@ certificate = {{ certificate }} ...@@ -221,9 +220,6 @@ certificate = {{ certificate }}
https_port = {{ dumps('' ~ https_port) }} https_port = {{ dumps('' ~ https_port) }}
http_port = {{ dumps('' ~ http_port) }} http_port = {{ dumps('' ~ http_port) }}
local_ipv4 = {{ dumps('' ~ local_ipv4) }} local_ipv4 = {{ dumps('' ~ local_ipv4) }}
cached_port = {{ dumps('' ~ cached_port) }}
ssl_cached_port = {{ ('' ~ ssl_cached_port) }}
request_timeout = {{ ('' ~ request_timeout) }}
{%- for key, value in slave_instance.iteritems() %} {%- for key, value in slave_instance.iteritems() %}
{%- if value is not none %} {%- if value is not none %}
{{ key }} = {{ dumps('' ~ value) }} {{ key }} = {{ dumps('' ~ value) }}
...@@ -282,6 +278,9 @@ recipe = slapos.cookbook:publish ...@@ -282,6 +278,9 @@ recipe = slapos.cookbook:publish
{%- else %} {%- else %}
{%- do slave_instance_information_list.append(slave_publish_dict) %} {%- do slave_instance_information_list.append(slave_publish_dict) %}
{%- endif %} {%- endif %}
{%- if slave_type != 'redirect' %}
{%- do backend_slave_list.append(slave_instance) %}
{%- endif %}
{%- endfor %} {# Slave iteration ends for slave_instance in slave_instance_list #} {%- endfor %} {# Slave iteration ends for slave_instance in slave_instance_list #}
[slave-log-directories] [slave-log-directories]
...@@ -290,28 +289,9 @@ recipe = slapos.cookbook:mkdirectory ...@@ -290,28 +289,9 @@ recipe = slapos.cookbook:mkdirectory
{%- do part_list.append('slave-log-directories') %} {%- do part_list.append('slave-log-directories') %}
[slave-log-cache-direct-directories]
<= slave-log-cache-direct-directory-dict
recipe = slapos.cookbook:mkdirectory
{%- do part_list.append('slave-log-cache-direct-directories') %}
{%- do part_list.append('caddy-log-access') %} {%- do part_list.append('caddy-log-access') %}
{#- ############################################## #} {#- ############################################## #}
{#- ## Prepare virtualhost for slaves using cache #} {#- ## Prepare virtualhost for slaves using cache #}
{%- for slave_reference, slave_configuration_section_name in cached_server_dict.iteritems() %}
{%- set cached_slave_configuration_section_title = '%s-cached-virtualhost' % slave_reference %}
{%- do part_list.append(cached_slave_configuration_section_title) %}
[{{ cached_slave_configuration_section_title }}]
< = jinja2-template-base
template = {{ template_cached_slave_configuration }}
filename = {{ '%s.conf' % slave_reference }}
rendered = {{ caddy_cached_configuration_directory }}/${:filename}
extensions = jinja2.ext.do
extra-context =
section slave_parameter {{ slave_configuration_section_name }}
{{ '\n' }}
{%- endfor %}
{#- Define IPv6 to IPV4 tunneling #} {#- Define IPv6 to IPV4 tunneling #}
[tunnel-6to4-base] [tunnel-6to4-base]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
...@@ -331,16 +311,6 @@ ipv6-port = {{ http_port }} ...@@ -331,16 +311,6 @@ ipv6-port = {{ http_port }}
ipv4-port = {{ https_port }} ipv4-port = {{ https_port }}
ipv6-port = {{ https_port }} ipv6-port = {{ https_port }}
[tunnel-6to4-base-cached_port]
<= tunnel-6to4-base
ipv4-port = {{ cached_port }}
ipv6-port = {{ cached_port }}
[tunnel-6to4-base-ssl_cached_port]
<= tunnel-6to4-base
ipv4-port = {{ ssl_cached_port }}
ipv6-port = {{ ssl_cached_port }}
{#- Define log access #} {#- Define log access #}
[caddy-log-access-parameters] [caddy-log-access-parameters]
...@@ -376,6 +346,7 @@ slave-instance-information-list = {{ json_module.dumps(slave_instance_informatio ...@@ -376,6 +346,7 @@ slave-instance-information-list = {{ json_module.dumps(slave_instance_informatio
{%- endif %} {%- endif %}
monitor-base-url = {{ monitor_base_url }} monitor-base-url = {{ monitor_base_url }}
csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt
backend-client-csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/backend-haproxy-csr_id.txt
csr_id-certificate = ${get-csr_id-certificate:certificate} csr_id-certificate = ${get-csr_id-certificate:certificate}
[kedifa-updater] [kedifa-updater]
...@@ -414,6 +385,47 @@ rendered = ${:file} ...@@ -414,6 +385,47 @@ rendered = ${:file}
template = inline: # This file contain directives to serve directories with log files for shared instances, but no shared instances are defined yet. template = inline: # This file contain directives to serve directories with log files for shared instances, but no shared instances are defined yet.
rendered = {{frontend_configuration.get('log-access-configuration')}} rendered = {{frontend_configuration.get('log-access-configuration')}}
##<Backend haproxy>
[backend-haproxy-configuration]
< = jinja2-template-base
template = {{ template_backend_haproxy_configuration }}
rendered = ${backend-haproxy-config:file}
backend_slave_list = {{ dumps(sorted(backend_slave_list)) }}
extra-context =
key backend_slave_list :backend_slave_list
section configuration backend-haproxy-config
[backend-haproxy-config]
file = {{ backend_haproxy_configuration['file'] }}
pid-file = {{ backend_haproxy_configuration['pid-file'] }}
log-socket = {{ backend_haproxy_configuration['log-socket'] }}
local-ipv4 = {{ dumps('' ~ local_ipv4) }}
http-port = {{ ('' ~ backend_haproxy_configuration['http-port']) }}
https-port = {{ ('' ~ backend_haproxy_configuration['https-port']) }}
request-timeout = {{ dumps('' ~ configuration['request-timeout']) }}
backend-connect-timeout = {{ dumps('' ~ configuration['backend-connect-timeout']) }}
backend-connect-retries = {{ dumps('' ~ configuration['backend-connect-retries']) }}
certificate = {{ dumps('' ~ backend_haproxy_configuration['certificate']) }}
[store-backend-haproxy-csr_id]
recipe = plone.recipe.command
csr_id_path = {{ directory['csr_id'] }}/backend-haproxy-csr_id.txt
csr_work_path = {{ directory['tmp'] }}/${:_buildout_section_name_}
stop-on-error = False
update-command = ${:command}
command =
{{ bin_directory }}/caucase \
--ca-url {{ backend_haproxy_configuration['caucase-url'] }} \
--ca-crt {{ backend_haproxy_configuration['cas-ca-certificate'] }} \
--crl {{ backend_haproxy_configuration['crl'] }} \
--mode service \
--send-csr {{ backend_haproxy_configuration['csr'] }} > ${:csr_work_path} && \
cut -d ' ' -f 1 ${:csr_work_path} > ${:csr_id_path}
##<Backend haproxy>
[buildout] [buildout]
extends = extends =
{{ common_profile }} {{ common_profile }}
...@@ -423,6 +435,7 @@ extends = ...@@ -423,6 +435,7 @@ extends =
parts += parts +=
kedifa-updater kedifa-updater
kedifa-updater-run kedifa-updater-run
backend-haproxy-configuration
{%- for part in part_list %} {%- for part in part_list %}
{{ ' %s' % part }} {{ ' %s' % part }}
{%- endfor %} {%- endfor %}
...@@ -432,8 +445,6 @@ parts += ...@@ -432,8 +445,6 @@ parts +=
publish-caddy-information publish-caddy-information
tunnel-6to4-base-http_port tunnel-6to4-base-http_port
tunnel-6to4-base-https_port tunnel-6to4-base-https_port
tunnel-6to4-base-cached_port
tunnel-6to4-base-ssl_cached_port
expose-csr_id expose-csr_id
promise-expose-csr_id-ip-port promise-expose-csr_id-ip-port
...@@ -496,7 +507,9 @@ config-hostname = ${expose-csr_id-configuration:ip} ...@@ -496,7 +507,9 @@ config-hostname = ${expose-csr_id-configuration:ip}
config-port = ${expose-csr_id-configuration:port} config-port = ${expose-csr_id-configuration:port}
[expose-csr_id] [expose-csr_id]
depends = ${store-csr_id:command} depends =
${store-csr_id:command}
${store-backend-haproxy-csr_id:command}
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
command-line = {{ caddy_executable }} command-line = {{ caddy_executable }}
-conf ${expose-csr_id-template:rendered} -conf ${expose-csr_id-template:rendered}
......
global
pidfile {{ configuration['pid-file'] }}
# master-worker is compatible with foreground with process management
master-worker
log {{ configuration['log-socket'] }} local0
defaults
log global
mode http
option httplog
timeout queue 60s
timeout server {{ configuration['request-timeout'] }}s
timeout client {{ configuration['request-timeout'] }}s
timeout connect {{ configuration['backend-connect-timeout'] }}s
retries {{ configuration['backend-connect-retries'] }}
{%- macro frontend_entry(slave_instance, scheme) %}
{%- set host_list = (slave_instance.get('server-alias') or '').split() %}
{%- if slave_instance.get('custom_domain') not in host_list %}
{%- do host_list.append(slave_instance.get('custom_domain')) %}
{%- endif %}
{%- for host in host_list %}
{%- if host.startswith('*.') %}
{#- hdr_sub has to be used, as anyway something.example.com shall match *.example.com[:port], with optional port #}
acl is_{{ slave_instance['slave_reference'] }} hdr_sub(host) -i {{ host[2:] }}
{%- else %}
acl is_{{ slave_instance['slave_reference'] }} hdr_dom(host) -i {{ host }}
{%- endif %}
{%- endfor %}
use_backend {{ slave_instance['slave_reference'] }}-{{ scheme }} if is_{{ slave_instance['slave_reference'] }}
{%- endmacro %}
frontend http-backend
bind {{ configuration['local-ipv4'] }}:{{ configuration['http-port'] }}
{%- for slave_instance in backend_slave_list %}
{{ frontend_entry(slave_instance, 'http') }}
{%- endfor %}
frontend https-backend
bind {{ configuration['local-ipv4'] }}:{{ configuration['https-port'] }}
{%- for slave_instance in backend_slave_list %}
{{ frontend_entry(slave_instance, 'https') }}
{%- endfor %}
{%- for slave_instance in backend_slave_list %}
{%- for (scheme, prefix) in [('http', 'http_backend'), ('https', 'https_backend')] %}
{%- set info_dict = slave_instance[prefix] %}
{%- if info_dict['scheme'] == 'https' %}
{%- set ssl = [] %}
{%- if slave_instance['authenticate-to-backend'] %}
{%- set ssl = ['crt %s' % (configuration['certificate'],)] %}
{%- endif %}
{%- do ssl.append('ssl verify') %}
{%- set path_to_ssl_proxy_ca_crt = slave_instance.get('path_to_ssl_proxy_ca_crt') %}
{%- if slave_instance['ssl_proxy_verify'] %}
{%- if path_to_ssl_proxy_ca_crt %}
{%- do ssl.append('required ca-file %s' % (path_to_ssl_proxy_ca_crt,)) %}
{%- else %}
{#- Backend SSL shall be verified, but not CA provided, disallow connection #}
{#- Simply dropping hostname from the dict will result with ignoring it... #}
{%- do info_dict.__setitem__('hostname', '') %}
{%- endif %}
{%- else %}
{%- do ssl.append('none') %}
{%- endif %}
{%- set ssl = ' '.join(ssl) %}
{%- else %}
{%- set ssl = '' %}
{%- endif %}
backend {{ slave_instance['slave_reference'] }}-{{ scheme }}
{%- set hostname = info_dict['hostname'] %}
{%- set port = info_dict['port'] %}
{%- set path = info_dict['path'].rstrip('/') %}
{%- if hostname and port %}
timeout server {{ slave_instance['request-timeout'] }}s
timeout connect {{ slave_instance['backend-connect-timeout'] }}s
retries {{ slave_instance['backend-connect-retries'] }}
server backend {{ hostname }}:{{ port }} {{ ssl }}
{%- if path %}
http-request set-path {{ path }}%[path]
{%- endif %}
{%- endif %}
{%- endfor %}
{%- endfor %}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{%- set server_alias_list = slave_parameter.get('server-alias', '').split() %}
{%- set ssl_proxy_verify = ('' ~ slave_parameter.get('ssl-proxy-verify', '')).lower() in TRUE_VALUES %}
{%- set host_list = [] %}
{%- for host in [slave_parameter.get('custom_domain')] + server_alias_list %}
{%- if host not in host_list %}
{%- do host_list.append(host) %}
{%- endif %}
{%- endfor %}
{%- set http_backend_host_list = [] %}
{%- set https_backend_host_list = [] %}
{%- for host in host_list %}
{%- do http_backend_host_list.append('http://%s:%s' % (host, slave_parameter['cached_port'])) %}
{%- do https_backend_host_list.append('http://%s:%s' % (host, slave_parameter['ssl_cached_port'])) %}
{%- endfor %}
# SSL-disabled backends
{{ http_backend_host_list|join(', ') }} {
bind {{ slave_parameter['local_ipv4'] }}
# Rewrite part
proxy / {{ slave_parameter.get('backend_url', '') }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
header_upstream Host {host}
{# header_upstream -X-Forwarded-For - caddy behaviour while removing and setting header is unstable, so for now original header has to be kept, even if in that case it comes from after ATS caddy itself #}
header_upstream X-Forwarded-For {>X-Forwarded-For-Real}
header_upstream -X-Forwarded-For-Real
timeout {{ slave_parameter['request_timeout'] }}s
{%- if ssl_proxy_verify %}
{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %}
{%- else %}
insecure_skip_verify
{%- endif %}
}
log / {{ slave_parameter.get('access_log_cache_direct') }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
rotate_size 0
}
errors {{ slave_parameter.get('error_log_cache_direct') }} {
rotate_size 0
}
}
# SSL-enabled backends
{{ https_backend_host_list|join(', ') }} {
bind {{ slave_parameter['local_ipv4'] }}
proxy / {{ slave_parameter.get('https_backend_url', '') }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
header_upstream Host {host}
{# header_upstream -X-Forwarded-For - caddy behaviour while removing and setting header is unstable, so for now original header has to be kept, even if in that case it comes from after ATS caddy itself #}
header_upstream X-Forwarded-For {>X-Forwarded-For-Real}
header_upstream -X-Forwarded-For-Real
timeout {{ slave_parameter['request_timeout'] }}s
{%- if ssl_proxy_verify %}
{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %}
{%- else %}
insecure_skip_verify
{%- endif %}
}
log / {{ slave_parameter.get('access_log_cache_direct') }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
rotate_size 0
}
errors {{ slave_parameter.get('error_log_cache_direct') }} {
rotate_size 0
}
}
...@@ -9,7 +9,6 @@ ...@@ -9,7 +9,6 @@
{%- endif %} {#- if prefer_gzip #} {%- endif %} {#- if prefer_gzip #}
{%- set server_alias_list = slave_parameter.get('server-alias', '').split() %} {%- set server_alias_list = slave_parameter.get('server-alias', '').split() %}
{%- set enable_h2 = slave_parameter['global_disable_http2'].lower() not in TRUE_VALUES and slave_parameter.get('enable-http2', slave_parameter['enable_http2_by_default']).lower() in TRUE_VALUES %} {%- set enable_h2 = slave_parameter['global_disable_http2'].lower() not in TRUE_VALUES and slave_parameter.get('enable-http2', slave_parameter['enable_http2_by_default']).lower() in TRUE_VALUES %}
{%- set ssl_proxy_verify = slave_parameter.get('ssl-proxy-verify', '').lower() in TRUE_VALUES %}
{%- set disabled_cookie_list = slave_parameter.get('disabled-cookie-list', '').split() %} {%- set disabled_cookie_list = slave_parameter.get('disabled-cookie-list', '').split() %}
{%- set https_only = slave_parameter.get('https-only', 'true').lower() in TRUE_VALUES %} {%- set https_only = slave_parameter.get('https-only', 'true').lower() in TRUE_VALUES %}
{%- set slave_type = slave_parameter.get('type', '') %} {%- set slave_type = slave_parameter.get('type', '') %}
...@@ -41,31 +40,18 @@ ...@@ -41,31 +40,18 @@
{%- endif %} {%- endif %}
{%- macro proxy_header() %} {%- macro proxy_header() %}
try_duration {{ slave_parameter['proxy_try_duration'] }}s timeout {{ slave_parameter['request-timeout'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
timeout {{ slave_parameter['request_timeout'] }}s
{%- if ssl_proxy_verify %}
{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #}
{%- else %} {#- if ssl_proxy_verify #}
insecure_skip_verify
{%- endif %} {#- if ssl_proxy_verify #}
# force reset of X-Forwarded-For # force reset of X-Forwarded-For
header_upstream X-Forwarded-For {remote} header_upstream X-Forwarded-For {remote}
{%- if enable_cache %}
# provide a header for other components
header_upstream X-Forwarded-For-Real {remote}
{%- endif %}
{%- endmacro %} {# proxy_header #} {%- endmacro %} {# proxy_header #}
{%- for tls in [True, False] %} {%- for tls in [True, False] %}
{%- if tls %} {%- if tls %}
{%- set backend_url = slave_parameter.get('https-url', slave_parameter.get('url', '')).rstrip('/') %} {%- set backend_url = slave_parameter.get('backend-https-url', slave_parameter.get('backend-http-url')) %}
# SSL enabled hosts # SSL enabled hosts
{{ https_host_list|join(', ') }} { {{ https_host_list|join(', ') }} {
{%- else %} {%- else %}
{%- set backend_url = slave_parameter.get('url', '').rstrip('/') %} {%- set backend_url = slave_parameter['backend-http-url'] %}
# SSL-disabled hosts # SSL-disabled hosts
{{ http_host_list|join(', ') }} { {{ http_host_list|join(', ') }} {
{%- endif %} {%- endif %}
...@@ -178,11 +164,13 @@ ...@@ -178,11 +164,13 @@
{%- endif %} {%- endif %}
} {# rewrite #} } {# rewrite #}
{%- endif %} {#- if prefer_gzip #} {%- endif %} {#- if prefer_gzip #}
{%- elif slave_type == 'redirect' and backend_url %} {#- if slave_type == 'zope' and backend_url #} {%- elif slave_type == 'redirect' %}
{%- if backend_url %}
# Redirect configuration # Redirect configuration
redir 302 { redir 302 {
/ {{ backend_url }}{rewrite_uri} / {{ backend_url }}{rewrite_uri}
} {# redir #} }
{%- endif %}
{%- elif slave_type == 'notebook' %} {%- elif slave_type == 'notebook' %}
proxy / {{ backend_url }} { proxy / {{ backend_url }} {
{{ proxy_header() }} {{ proxy_header() }}
...@@ -204,6 +192,8 @@ ...@@ -204,6 +192,8 @@
{{ proxy_header() }} {{ proxy_header() }}
{%- if websocket_transparent %} {%- if websocket_transparent %}
transparent transparent
{%- else %}
header_upstream Host {host}
{%- endif %} {%- endif %}
} }
{%- for websocket_path in websocket_path_list %} {%- for websocket_path in websocket_path_list %}
...@@ -212,6 +202,8 @@ ...@@ -212,6 +202,8 @@
websocket websocket
{%- if websocket_transparent %} {%- if websocket_transparent %}
transparent transparent
{%- else %}
header_upstream Host {host}
{%- endif %} {%- endif %}
} }
{%- endfor %} {%- endfor %}
...@@ -221,6 +213,8 @@ ...@@ -221,6 +213,8 @@
websocket websocket
{%- if websocket_transparent %} {%- if websocket_transparent %}
transparent transparent
{%- else %}
header_upstream Host {host}
{%- endif %} {%- endif %}
} }
{%- endif %} {%- endif %}
......
module(
load="imuxsock"
SysSock.Name="{{ socket }}")
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$FileCreateMode 0600
$DirCreateMode 0700
$Umask 0022
$WorkDirectory {{ spool_directory }}
*.* {{ log_file }}
...@@ -10,10 +10,10 @@ if [ -f $LAST_STATE_FILE ] ; then ...@@ -10,10 +10,10 @@ if [ -f $LAST_STATE_FILE ] ; then
old_found=$(find $LAST_STATE_FILE -mmin +120 | wc -l) old_found=$(find $LAST_STATE_FILE -mmin +120 | wc -l)
fi fi
if [ "$old_found" -eq 1 ] || {{ caddy_configuration_state }} ; then if [ "$old_found" -eq 1 ] || {{ configuration_state_command }} ; then
# do not catch errors during validation # do not catch errors during validation
set +e set +e
{{ wrapper }} -validate {{ validate_command }}
echo $? > $LAST_STATE_FILE echo $? > $LAST_STATE_FILE
set -e set -e
fi fi
......
This source diff could not be displayed because it is too large. You can view the blob instead.
...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log ...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_dummy-cached_access_log
T-2/var/log/httpd-cache-direct/_dummy-cached_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
T-2/var/log/httpd/_dummy-cached_error_log T-2/var/log/httpd/_dummy-cached_error_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log ...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_dummy-cached_access_log
T-2/var/log/httpd-cache-direct/_dummy-cached_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
T-2/var/log/httpd/_dummy-cached_error_log T-2/var/log/httpd/_dummy-cached_error_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log ...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_dummy-cached_access_log
T-2/var/log/httpd-cache-direct/_dummy-cached_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
T-2/var/log/httpd/_dummy-cached_error_log T-2/var/log/httpd/_dummy-cached_error_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log ...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_dummy-cached_access_log
T-2/var/log/httpd-cache-direct/_dummy-cached_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
T-2/var/log/httpd/_dummy-cached_error_log T-2/var/log/httpd/_dummy-cached_error_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,6 +5,7 @@ T-1/var/log/expose-csr_id.log ...@@ -5,6 +5,7 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,6 +5,7 @@ T-1/var/log/expose-csr_id.log ...@@ -5,6 +5,7 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log ...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_default_access_log
T-2/var/log/httpd-cache-direct/_default_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_default_access_log T-2/var/log/httpd/_default_access_log
T-2/var/log/httpd/_default_error_log T-2/var/log/httpd/_default_error_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,27 +5,18 @@ T-1/var/log/expose-csr_id.log ...@@ -5,27 +5,18 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-no-cache-request_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-no-cache-request_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-via-header_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-via-header_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify-unverified_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify-unverified_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_custom_domain_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_custom_domain_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_server_alias_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_server_alias_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_Url_access_log T-2/var/log/httpd/_Url_access_log
T-2/var/log/httpd/_Url_error_log T-2/var/log/httpd/_Url_error_log
T-2/var/log/httpd/_auth-to-backend-backend-ignore_access_log
T-2/var/log/httpd/_auth-to-backend-backend-ignore_error_log
T-2/var/log/httpd/_auth-to-backend-not-configured_access_log
T-2/var/log/httpd/_auth-to-backend-not-configured_error_log
T-2/var/log/httpd/_auth-to-backend_access_log
T-2/var/log/httpd/_auth-to-backend_error_log
T-2/var/log/httpd/_ciphers_access_log T-2/var/log/httpd/_ciphers_access_log
T-2/var/log/httpd/_ciphers_error_log T-2/var/log/httpd/_ciphers_error_log
T-2/var/log/httpd/_custom_domain_access_log T-2/var/log/httpd/_custom_domain_access_log
...@@ -74,6 +65,8 @@ T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_access_log ...@@ -74,6 +65,8 @@ T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_access_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_error_log T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_error_log
T-2/var/log/httpd/_server-alias-duplicated_access_log T-2/var/log/httpd/_server-alias-duplicated_access_log
T-2/var/log/httpd/_server-alias-duplicated_error_log T-2/var/log/httpd/_server-alias-duplicated_error_log
T-2/var/log/httpd/_server-alias-empty_access_log
T-2/var/log/httpd/_server-alias-empty_error_log
T-2/var/log/httpd/_server-alias-wildcard_access_log T-2/var/log/httpd/_server-alias-wildcard_access_log
T-2/var/log/httpd/_server-alias-wildcard_error_log T-2/var/log/httpd/_server-alias-wildcard_error_log
T-2/var/log/httpd/_server-alias_access_log T-2/var/log/httpd/_server-alias_access_log
...@@ -94,6 +87,8 @@ T-2/var/log/httpd/_ssl_ca_crt_only_access_log ...@@ -94,6 +87,8 @@ T-2/var/log/httpd/_ssl_ca_crt_only_access_log
T-2/var/log/httpd/_ssl_ca_crt_only_error_log T-2/var/log/httpd/_ssl_ca_crt_only_error_log
T-2/var/log/httpd/_type-notebook_access_log T-2/var/log/httpd/_type-notebook_access_log
T-2/var/log/httpd/_type-notebook_error_log T-2/var/log/httpd/_type-notebook_error_log
T-2/var/log/httpd/_type-redirect-custom_domain_access_log
T-2/var/log/httpd/_type-redirect-custom_domain_error_log
T-2/var/log/httpd/_type-redirect_access_log T-2/var/log/httpd/_type-redirect_access_log
T-2/var/log/httpd/_type-redirect_error_log T-2/var/log/httpd/_type-redirect_error_log
T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_access_log T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_access_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-_monitor-ipv4-test-ipv4-packet-list-test.py T-2/etc/plugin/check-_monitor-ipv4-test-ipv4-packet-list-test.py
T-2/etc/plugin/check-_monitor-ipv6-test-ipv6-packet-list-test.py T-2/etc/plugin/check-_monitor-ipv6-test-ipv6-packet-list-test.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,12 +5,9 @@ T-1/var/log/expose-csr_id.log ...@@ -5,12 +5,9 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_default_ciphers_access_log
T-2/var/log/httpd-cache-direct/_default_ciphers_error_log
T-2/var/log/httpd-cache-direct/_own_ciphers_access_log
T-2/var/log/httpd-cache-direct/_own_ciphers_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_default_ciphers_access_log T-2/var/log/httpd/_default_ciphers_access_log
T-2/var/log/httpd/_default_ciphers_error_log T-2/var/log/httpd/_default_ciphers_error_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,27 +5,18 @@ T-1/var/log/expose-csr_id.log ...@@ -5,27 +5,18 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-no-cache-request_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-no-cache-request_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-via-header_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-via-header_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify-unverified_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify-unverified_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_custom_domain_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_custom_domain_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_server_alias_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_server_alias_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_Url_access_log T-2/var/log/httpd/_Url_access_log
T-2/var/log/httpd/_Url_error_log T-2/var/log/httpd/_Url_error_log
T-2/var/log/httpd/_auth-to-backend-backend-ignore_access_log
T-2/var/log/httpd/_auth-to-backend-backend-ignore_error_log
T-2/var/log/httpd/_auth-to-backend-not-configured_access_log
T-2/var/log/httpd/_auth-to-backend-not-configured_error_log
T-2/var/log/httpd/_auth-to-backend_access_log
T-2/var/log/httpd/_auth-to-backend_error_log
T-2/var/log/httpd/_ciphers_access_log T-2/var/log/httpd/_ciphers_access_log
T-2/var/log/httpd/_ciphers_error_log T-2/var/log/httpd/_ciphers_error_log
T-2/var/log/httpd/_custom_domain_access_log T-2/var/log/httpd/_custom_domain_access_log
...@@ -74,6 +65,8 @@ T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_access_log ...@@ -74,6 +65,8 @@ T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_access_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_error_log T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_error_log
T-2/var/log/httpd/_server-alias-duplicated_access_log T-2/var/log/httpd/_server-alias-duplicated_access_log
T-2/var/log/httpd/_server-alias-duplicated_error_log T-2/var/log/httpd/_server-alias-duplicated_error_log
T-2/var/log/httpd/_server-alias-empty_access_log
T-2/var/log/httpd/_server-alias-empty_error_log
T-2/var/log/httpd/_server-alias-wildcard_access_log T-2/var/log/httpd/_server-alias-wildcard_access_log
T-2/var/log/httpd/_server-alias-wildcard_error_log T-2/var/log/httpd/_server-alias-wildcard_error_log
T-2/var/log/httpd/_server-alias_access_log T-2/var/log/httpd/_server-alias_access_log
...@@ -94,6 +87,8 @@ T-2/var/log/httpd/_ssl_ca_crt_only_access_log ...@@ -94,6 +87,8 @@ T-2/var/log/httpd/_ssl_ca_crt_only_access_log
T-2/var/log/httpd/_ssl_ca_crt_only_error_log T-2/var/log/httpd/_ssl_ca_crt_only_error_log
T-2/var/log/httpd/_type-notebook_access_log T-2/var/log/httpd/_type-notebook_access_log
T-2/var/log/httpd/_type-notebook_error_log T-2/var/log/httpd/_type-notebook_error_log
T-2/var/log/httpd/_type-redirect-custom_domain_access_log
T-2/var/log/httpd/_type-redirect-custom_domain_error_log
T-2/var/log/httpd/_type-redirect_access_log T-2/var/log/httpd/_type-redirect_access_log
T-2/var/log/httpd/_type-redirect_error_log T-2/var/log/httpd/_type-redirect_error_log
T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_access_log T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_access_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-_monitor-ipv4-test-ipv4-packet-list-test.py T-2/etc/plugin/check-_monitor-ipv4-test-ipv4-packet-list-test.py
T-2/etc/plugin/check-_monitor-ipv6-test-ipv6-packet-list-test.py T-2/etc/plugin/check-_monitor-ipv6-test-ipv6-packet-list-test.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log ...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_ssl_from_master_access_log
T-2/var/log/httpd-cache-direct/_ssl_from_master_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_access_log T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_access_log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_error_log T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_error_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log ...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_ssl_from_master_kedifa_overrides_master_certificate_access_log
T-2/var/log/httpd-cache-direct/_ssl_from_master_kedifa_overrides_master_certificate_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_access_log T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_access_log
T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_error_log T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_error_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log ...@@ -5,10 +5,9 @@ T-1/var/log/expose-csr_id.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_ssl_from_master_access_log
T-2/var/log/httpd-cache-direct/_ssl_from_master_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_ssl_from_master_access_log T-2/var/log/httpd/_ssl_from_master_access_log
T-2/var/log/httpd/_ssl_from_master_error_log T-2/var/log/httpd/_ssl_from_master_error_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-free-disk-space.py T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py T-0/etc/plugin/monitor-http-frontend.py
...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +19,15 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
T-0:aibcc-user-caucase-updater-on-watch RUNNING
T-0:aikc-user-caucase-updater-on-watch RUNNING T-0:aikc-user-caucase-updater-on-watch RUNNING
T-0:bootstrap-monitor EXITED T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +19,10 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -17,8 +17,8 @@ part = python3 ...@@ -17,8 +17,8 @@ part = python3
[metabase.jar] [metabase.jar]
recipe = slapos.recipe.build:download recipe = slapos.recipe.build:download
url = https://downloads.metabase.com/v0.35.3/metabase.jar url = https://downloads.metabase.com/v0.36.0/metabase.jar
md5sum = 73c98cdf5cecde80463ef868e77d3b0e md5sum = 0a5e780dcf7d9ffe73f1ed789f863a57
[instance-profile] [instance-profile]
recipe = slapos.recipe.template recipe = slapos.recipe.template
......
...@@ -15,11 +15,11 @@ ...@@ -15,11 +15,11 @@
[instance] [instance]
filename = instance.cfg.in filename = instance.cfg.in
md5sum = 42d21dc3f5d3e57e142eea8e016195f0 md5sum = d8ad39bc93c492026a93c28b33a5dc3a
[yarn.lock] [yarn.lock]
filename = yarn.lock filename = yarn.lock
md5sum = ae1b596804715acd3512f1e8e6cbae3b md5sum = 89d0a4d0c3ae90b9c5c0923b57766f0f
[python-language-server-requirements.txt] [python-language-server-requirements.txt]
filename = python-language-server-requirements.txt filename = python-language-server-requirements.txt
......
# Code generated by gowork-snapshot; DO NOT EDIT.
# list of go git repositories to fetch
[gowork.goinstall]
depends_gitfetch =
${go_github.com_9fans_go:recipe}
${go_github.com_acroca_go-symbols:recipe}
${go_github.com_alecthomas_gometalinter:recipe}
${go_github.com_alecthomas_units:recipe}
${go_github.com_beorn7_perks:recipe}
${go_github.com_cosiner_argv:recipe}
${go_github.com_cweill_gotests:recipe}
${go_github.com_davidrjenni_reftools:recipe}
${go_github.com_derekparker_delve:recipe}
${go_github.com_fatih_camelcase:recipe}
${go_github.com_fatih_gomodifytags:recipe}
${go_github.com_fatih_structtag:recipe}
${go_github.com_flynn_go-shlex:recipe}
${go_github.com_gogo_protobuf:recipe}
${go_github.com_golang_lint:recipe}
${go_github.com_golang_protobuf:recipe}
${go_github.com_google_shlex:recipe}
${go_github.com_google_uuid:recipe}
${go_github.com_hashicorp_golang-lru:recipe}
${go_github.com_haya14busa_goplay:recipe}
${go_github.com_josharian_impl:recipe}
${go_github.com_karrick_godirwalk:recipe}
${go_github.com_kisielk_gotool:recipe}
${go_github.com_mattn_go-isatty:recipe}
${go_github.com_mattn_go-runewidth:recipe}
${go_github.com_matttproud_golang_protobuf_extensions:recipe}
${go_github.com_mholt_caddy:recipe}
${go_github.com_neelance_parallel:recipe}
${go_github.com_nicksnyder_go-i18n:recipe}
${go_github.com_nsf_gocode:recipe}
${go_github.com_opentracing_basictracer-go:recipe}
${go_github.com_opentracing_opentracing-go:recipe}
${go_github.com_pelletier_go-toml:recipe}
${go_github.com_peterh_liner:recipe}
${go_github.com_pkg_errors:recipe}
${go_github.com_pmezard_go-difflib:recipe}
${go_github.com_prometheus_client_golang:recipe}
${go_github.com_prometheus_client_model:recipe}
${go_github.com_prometheus_common:recipe}
${go_github.com_prometheus_procfs:recipe}
${go_github.com_ramya-rao-a_go-outline:recipe}
${go_github.com_rogpeppe_godef:recipe}
${go_github.com_sirupsen_logrus:recipe}
${go_github.com_skratchdot_open-golang:recipe}
${go_github.com_slimsag_godocmd:recipe}
${go_github.com_sourcegraph_ctxvfs:recipe}
${go_github.com_sourcegraph_go-langserver:recipe}
${go_github.com_sourcegraph_go-lsp:recipe}
${go_github.com_sourcegraph_jsonrpc2:recipe}
${go_github.com_spf13_cobra:recipe}
${go_github.com_spf13_pflag:recipe}
${go_github.com_sqs_goreturns:recipe}
${go_github.com_tylerb_gotype-live:recipe}
${go_github.com_uudashr_gopkgs:recipe}
${go_github.com_zmb3_gogetdoc:recipe}
${go_golang.org_x_arch:recipe}
${go_golang.org_x_crypto:recipe}
${go_golang.org_x_lint:recipe}
${go_golang.org_x_net:recipe}
${go_golang.org_x_sys:recipe}
${go_golang.org_x_tools:recipe}
${go_gopkg.in_alecthomas_kingpin.v3-unstable:recipe}
${go_gopkg.in_yaml.v2:recipe}
${go_honnef.co_go_tools:recipe}
${go_sourcegraph.com_sqs_goreturns:recipe}
[go_github.com_9fans_go]
<= go-git-package
go.importpath = github.com/9fans/go
repository = https://github.com/9fans/go
revision = 5d4fa602e1
[go_github.com_acroca_go-symbols]
<= go-git-package
go.importpath = github.com/acroca/go-symbols
repository = https://github.com/acroca/go-symbols
revision = 953befd75e
[go_github.com_alecthomas_gometalinter]
<= go-git-package
go.importpath = github.com/alecthomas/gometalinter
repository = https://github.com/alecthomas/gometalinter
revision = 8edca99e8a
[go_github.com_alecthomas_units]
<= go-git-package
go.importpath = github.com/alecthomas/units
repository = https://github.com/alecthomas/units
revision = 2efee857e7
[go_github.com_beorn7_perks]
<= go-git-package
go.importpath = github.com/beorn7/perks
repository = https://github.com/beorn7/perks
revision = 3a771d9929
[go_github.com_cosiner_argv]
<= go-git-package
go.importpath = github.com/cosiner/argv
repository = https://github.com/cosiner/argv
revision = 13bacc38a0
[go_github.com_cweill_gotests]
<= go-git-package
go.importpath = github.com/cweill/gotests
repository = https://github.com/cweill/gotests
revision = c51312f508
[go_github.com_davidrjenni_reftools]
<= go-git-package
go.importpath = github.com/davidrjenni/reftools
repository = https://github.com/davidrjenni/reftools
revision = 654d0ba4f9
[go_github.com_derekparker_delve]
<= go-git-package
go.importpath = github.com/derekparker/delve
repository = https://github.com/derekparker/delve
revision = ea3428550d
[go_github.com_fatih_camelcase]
<= go-git-package
go.importpath = github.com/fatih/camelcase
repository = https://github.com/fatih/camelcase
revision = 9db1b65eb3
[go_github.com_fatih_gomodifytags]
<= go-git-package
go.importpath = github.com/fatih/gomodifytags
repository = https://github.com/fatih/gomodifytags
revision = 141225bf62
[go_github.com_fatih_structtag]
<= go-git-package
go.importpath = github.com/fatih/structtag
repository = https://github.com/fatih/structtag
revision = 76ae1d6d21
[go_github.com_flynn_go-shlex]
<= go-git-package
go.importpath = github.com/flynn/go-shlex
repository = https://github.com/flynn/go-shlex
revision = 3f9db97f85
[go_github.com_gogo_protobuf]
<= go-git-package
go.importpath = github.com/gogo/protobuf
repository = https://github.com/gogo/protobuf
revision = 6f222ca738
[go_github.com_golang_lint]
<= go-git-package
go.importpath = github.com/golang/lint
repository = https://github.com/golang/lint
revision = 1baf3a9d7d
[go_github.com_golang_protobuf]
<= go-git-package
go.importpath = github.com/golang/protobuf
repository = https://github.com/golang/protobuf
revision = 5e0eda4b6d
[go_github.com_google_shlex]
<= go-git-package
go.importpath = github.com/google/shlex
repository = https://github.com/google/shlex
revision = 6f45313302
[go_github.com_google_uuid]
<= go-git-package
go.importpath = github.com/google/uuid
repository = https://github.com/google/uuid
revision = 9b3b1e0f5f
[go_github.com_hashicorp_golang-lru]
<= go-git-package
go.importpath = github.com/hashicorp/golang-lru
repository = https://github.com/hashicorp/golang-lru
revision = 20f1fb78b0
[go_github.com_haya14busa_goplay]
<= go-git-package
go.importpath = github.com/haya14busa/goplay
repository = https://github.com/haya14busa/goplay
revision = v1.0.0-0-gf2d63a841a
[go_github.com_josharian_impl]
<= go-git-package
go.importpath = github.com/josharian/impl
repository = https://github.com/josharian/impl
revision = 3d0f908298
[go_github.com_karrick_godirwalk]
<= go-git-package
go.importpath = github.com/karrick/godirwalk
repository = https://github.com/karrick/godirwalk
revision = v1.7.5-0-g2de2192f9e
[go_github.com_kisielk_gotool]
<= go-git-package
go.importpath = github.com/kisielk/gotool
repository = https://github.com/kisielk/gotool
revision = 80517062f5
[go_github.com_mattn_go-isatty]
<= go-git-package
go.importpath = github.com/mattn/go-isatty
repository = https://github.com/mattn/go-isatty
revision = 3fb116b820
[go_github.com_mattn_go-runewidth]
<= go-git-package
go.importpath = github.com/mattn/go-runewidth
repository = https://github.com/mattn/go-runewidth
revision = b20a3daf6a
[go_github.com_matttproud_golang_protobuf_extensions]
<= go-git-package
go.importpath = github.com/matttproud/golang_protobuf_extensions
repository = https://github.com/matttproud/golang_protobuf_extensions
revision = v1.0.0-2-gc12348ce28
[go_github.com_mholt_caddy]
<= go-git-package
go.importpath = github.com/mholt/caddy
repository = https://lab.nexedi.com/nexedi/caddy.git
revision = v0.11.0-3-g12438f6cff
[go_github.com_neelance_parallel]
<= go-git-package
go.importpath = github.com/neelance/parallel
repository = https://github.com/neelance/parallel
revision = 4de9ce63d1
[go_github.com_nicksnyder_go-i18n]
<= go-git-package
go.importpath = github.com/nicksnyder/go-i18n
repository = https://github.com/nicksnyder/go-i18n
revision = fc57a7d765
[go_github.com_nsf_gocode]
<= go-git-package
go.importpath = github.com/nsf/gocode
repository = https://github.com/nsf/gocode
revision = 7b1d4e18cd
[go_github.com_opentracing_basictracer-go]
<= go-git-package
go.importpath = github.com/opentracing/basictracer-go
repository = https://github.com/opentracing/basictracer-go
revision = 98b91394c2
[go_github.com_opentracing_opentracing-go]
<= go-git-package
go.importpath = github.com/opentracing/opentracing-go
repository = https://github.com/opentracing/opentracing-go
revision = be550b025b
[go_github.com_pelletier_go-toml]
<= go-git-package
go.importpath = github.com/pelletier/go-toml
repository = https://github.com/pelletier/go-toml
revision = v0.2.0-212-g81a861c69d
[go_github.com_peterh_liner]
<= go-git-package
go.importpath = github.com/peterh/liner
repository = https://github.com/peterh/liner
revision = v1.1.0-0-g5a0dfa99e2
[go_github.com_pkg_errors]
<= go-git-package
go.importpath = github.com/pkg/errors
repository = https://github.com/pkg/errors
revision = v0.8.0-17-g059132a15d
[go_github.com_pmezard_go-difflib]
<= go-git-package
go.importpath = github.com/pmezard/go-difflib
repository = https://github.com/pmezard/go-difflib
revision = v1.0.0-0-g792786c740
[go_github.com_prometheus_client_golang]
<= go-git-package
go.importpath = github.com/prometheus/client_golang
repository = https://github.com/prometheus/client_golang
revision = v0.9.0-6-g16f375c74d
[go_github.com_prometheus_client_model]
<= go-git-package
go.importpath = github.com/prometheus/client_model
repository = https://github.com/prometheus/client_model
revision = model-0.0.2-18-g5c3871d899
[go_github.com_prometheus_common]
<= go-git-package
go.importpath = github.com/prometheus/common
repository = https://github.com/prometheus/common
revision = 7e9e6cabbd
[go_github.com_prometheus_procfs]
<= go-git-package
go.importpath = github.com/prometheus/procfs
repository = https://github.com/prometheus/procfs
revision = 185b428841
[go_github.com_ramya-rao-a_go-outline]
<= go-git-package
go.importpath = github.com/ramya-rao-a/go-outline
repository = https://github.com/ramya-rao-a/go-outline
revision = 9e9d089bb6
[go_github.com_rogpeppe_godef]
<= go-git-package
go.importpath = github.com/rogpeppe/godef
repository = https://github.com/rogpeppe/godef
revision = v1.0.0-0-g7b4626be9f
[go_github.com_sirupsen_logrus]
<= go-git-package
go.importpath = github.com/sirupsen/logrus
repository = https://github.com/sirupsen/logrus
revision = 4fabf2fffc
[go_github.com_skratchdot_open-golang]
<= go-git-package
go.importpath = github.com/skratchdot/open-golang
repository = https://github.com/skratchdot/open-golang
revision = 75fb7ed420
[go_github.com_slimsag_godocmd]
<= go-git-package
go.importpath = github.com/slimsag/godocmd
repository = https://github.com/slimsag/godocmd
revision = a1005ad29f
[go_github.com_sourcegraph_ctxvfs]
<= go-git-package
go.importpath = github.com/sourcegraph/ctxvfs
repository = https://github.com/sourcegraph/ctxvfs
revision = 2b65f1b1ea
[go_github.com_sourcegraph_go-langserver]
<= go-git-package
go.importpath = github.com/sourcegraph/go-langserver
repository = https://github.com/sourcegraph/go-langserver
revision = 2b83206020
[go_github.com_sourcegraph_go-lsp]
<= go-git-package
go.importpath = github.com/sourcegraph/go-lsp
repository = https://github.com/sourcegraph/go-lsp
revision = 4631ffd93a
[go_github.com_sourcegraph_jsonrpc2]
<= go-git-package
go.importpath = github.com/sourcegraph/jsonrpc2
repository = https://github.com/sourcegraph/jsonrpc2
revision = 549eb959f0
[go_github.com_spf13_cobra]
<= go-git-package
go.importpath = github.com/spf13/cobra
repository = https://github.com/spf13/cobra
revision = fe5e611709
[go_github.com_spf13_pflag]
<= go-git-package
go.importpath = github.com/spf13/pflag
repository = https://github.com/spf13/pflag
revision = 082b515c94
[go_github.com_sqs_goreturns]
<= go-git-package
go.importpath = github.com/sqs/goreturns
repository = https://github.com/sqs/goreturns
revision = 83e02874ec
[go_github.com_tylerb_gotype-live]
<= go-git-package
go.importpath = github.com/tylerb/gotype-live
repository = https://github.com/tylerb/gotype-live
revision = 440f9c77a4
[go_github.com_uudashr_gopkgs]
<= go-git-package
go.importpath = github.com/uudashr/gopkgs
repository = https://github.com/uudashr/gopkgs
revision = 84fe2e5def
[go_github.com_zmb3_gogetdoc]
<= go-git-package
go.importpath = github.com/zmb3/gogetdoc
repository = https://github.com/zmb3/gogetdoc
revision = 0d07153ccc
[go_golang.org_x_arch]
<= go-git-package
go.importpath = golang.org/x/arch
repository = https://go.googlesource.com/arch
revision = b19384d3c1
[go_golang.org_x_crypto]
<= go-git-package
go.importpath = golang.org/x/crypto
repository = https://go.googlesource.com/crypto
revision = 85e1b3f913
[go_golang.org_x_lint]
<= go-git-package
go.importpath = golang.org/x/lint
repository = https://go.googlesource.com/lint
revision = 1baf3a9d7d
[go_golang.org_x_net]
<= go-git-package
go.importpath = golang.org/x/net
repository = https://go.googlesource.com/net
revision = 9b4f9f5ad5
[go_golang.org_x_sys]
<= go-git-package
go.importpath = golang.org/x/sys
repository = https://go.googlesource.com/sys
revision = d989b31c87
[go_golang.org_x_tools]
<= go-git-package
go.importpath = golang.org/x/tools
repository = https://go.googlesource.com/tools
revision = a2dc47679d
[go_gopkg.in_alecthomas_kingpin.v3-unstable]
<= go-git-package
go.importpath = gopkg.in/alecthomas/kingpin.v3-unstable
repository = https://gopkg.in/alecthomas/kingpin.v3-unstable
revision = df19058c87
[go_gopkg.in_yaml.v2]
<= go-git-package
go.importpath = gopkg.in/yaml.v2
repository = https://gopkg.in/yaml.v2
revision = v2.1.1-17-g5420a8b674
[go_honnef.co_go_tools]
<= go-git-package
go.importpath = honnef.co/go/tools
repository = https://github.com/dominikh/go-tools
revision = e3ad64cb4e
[go_sourcegraph.com_sqs_goreturns]
<= go-git-package
go.importpath = sourcegraph.com/sqs/goreturns
repository = https://github.com/sqs/goreturns
revision = 83e02874ec
...@@ -121,7 +121,7 @@ recipe = slapos.cookbook:userinfo ...@@ -121,7 +121,7 @@ recipe = slapos.cookbook:userinfo
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
wrapper-path = $${directory:services}/$${:_buildout_section_name_} wrapper-path = $${directory:services}/$${:_buildout_section_name_}
command-line = command-line =
env LC_ALL=C.UTF-8 TMP=$${directory:tmp} THEIA_WEBVIEW_EXTERNAL_ENDPOINT='{{hostname}}' THEIA_SHELL=$${theia-shell:wrapper-path} ${theia-wrapper:rendered} --hostname=$${:hostname} --port=$${:port} $${directory:project} env LC_ALL=C.UTF-8 TMP=$${directory:tmp} THEIA_WEBVIEW_EXTERNAL_ENDPOINT='{{hostname}}' THEIA_SHELL=$${theia-shell:rendered} ${theia-wrapper:rendered} --hostname=$${:hostname} --port=$${:port} $${directory:project}
ip = $${instance-parameter:ipv4-random} ip = $${instance-parameter:ipv4-random}
hostname = $${:ip} hostname = $${:ip}
...@@ -132,12 +132,18 @@ hash-existing-files = ...@@ -132,12 +132,18 @@ hash-existing-files =
${theia-wrapper:rendered} ${theia-wrapper:rendered}
[theia-shell] [theia-shell]
recipe = slapos.cookbook:wrapper recipe = slapos.recipe.template:jinja2
wrapper-path = $${directory:bin}/$${:_buildout_section_name_} rendered = $${directory:bin}/$${:_buildout_section_name_}
# reset GIT_EXEC_PATH to workaround https://github.com/eclipse-theia/theia/issues/7555 mode = 0700
# activate slapos configuration template = inline:
command-line = #!${python:location}/bin/python
${bash:location}/bin/bash -c ". $${slapos-standalone-activate:rendered} && exec env GIT_EXEC_PATH= ${bash:location}/bin/bash" import sys
import os
args = sys.argv[1:]
# when running interactively, activate slapos configuration and reset GIT_EXEC_PATH to workaround https://github.com/eclipse-theia/theia/issues/7555
if not args: args = ["-c", ". $${slapos-standalone-activate:rendered} && exec env GIT_EXEC_PATH= ${bash:location}/bin/bash", ]
os.execv('${bash:location}/bin/bash', ['${bash:location}/bin/bash'] + args)
[slapos-standalone-activate] [slapos-standalone-activate]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
...@@ -147,7 +153,16 @@ mode = 0700 ...@@ -147,7 +153,16 @@ mode = 0700
template = template =
inline:#!/bin/sh inline:#!/bin/sh
export PATH=${buildout:bin-directory}:$PATH export PATH=${buildout:bin-directory}:$PATH
${slapos-standalone:script-path} $${directory:slapos} $${:ipv4} $${:ipv6} $${:port} ${slapos-standalone:script-path} \
$${directory:slapos} \
$${:ipv4} \
$${:ipv6} \
$${:port} \
$${slap-connection:server-url} \
$${slap-connection:computer-id} \
$${slap-connection:partition-id} \
--key='$${slap-connection:key-file}' \
--cert='$${slap-connection:cert-file}'
export SLAPOS_CONFIGURATION=$${directory:slapos}/etc/slapos.cfg export SLAPOS_CONFIGURATION=$${directory:slapos}/etc/slapos.cfg
export SLAPOS_CLIENT_CONFIGURATION=$SLAPOS_CONFIGURATION export SLAPOS_CLIENT_CONFIGURATION=$SLAPOS_CONFIGURATION
......
...@@ -10,15 +10,11 @@ extends = ...@@ -10,15 +10,11 @@ extends =
../../component/vim/buildout.cfg ../../component/vim/buildout.cfg
../../component/curl/buildout.cfg ../../component/curl/buildout.cfg
../../component/coreutils/buildout.cfg ../../component/coreutils/buildout.cfg
../../component/java-jdk/buildout.cfg
../../stack/slapos.cfg ../../stack/slapos.cfg
../../stack/monitor/buildout.cfg ../../stack/monitor/buildout.cfg
./gowork.cfg ../../component/defaults.cfg
./buildout.hash.cfg ./buildout.hash.cfg
# this gowork.cfg includes the one from caddy, because they share the only gowork
# workspace (not intentionnaly, as far as I see there's only one gowork per SR)
# it is included after caddy, otherwise only caddy is installed. The problem of this
# approach is that caddy's version will be the one pinned here, so we have to update
# here as well.
parts = parts =
theia-wrapper theia-wrapper
...@@ -28,6 +24,11 @@ parts = ...@@ -28,6 +24,11 @@ parts =
# default for slapos-standalone # default for slapos-standalone
shared-part-list = shared-part-list =
# We keep the gcc part in sync with the one from erp5 software, so that when we install
# erp5 inside theia's slapos parts can be shared.
[gcc]
max_version = 0
[nodejs] [nodejs]
<= nodejs-10.19.0 <= nodejs-10.19.0
...@@ -64,14 +65,33 @@ initialization = ...@@ -64,14 +65,33 @@ initialization =
parser.add_argument('ipv4') parser.add_argument('ipv4')
parser.add_argument('ipv6') parser.add_argument('ipv6')
parser.add_argument('server_port', type=int) parser.add_argument('server_port', type=int)
forwarded_arguments = parser.add_argument_group('forwarded')
forwarded_arguments.add_argument('master_url')
forwarded_arguments.add_argument('computer')
forwarded_arguments.add_argument('partition')
# cert and key are optional
forwarded_arguments.add_argument('--cert')
forwarded_arguments.add_argument('--key')
args = parser.parse_args() args = parser.parse_args()
shared_part_list = [x.strip() for x in '''${buildout:shared-part-list}'''.splitlines() if x.strip()] shared_part_list = [x.strip() for x in '''${buildout:shared-part-list}'''.splitlines() if x.strip()]
partition_forward_configuration = (
slapos.slap.standalone.PartitionForwardAsPartitionConfiguration(
master_url=args.master_url,
computer=args.computer,
partition=args.partition,
cert=args.cert,
key=args.key,
software_release_list=(
'http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg',
),
),
)
standalone = slapos.slap.standalone.StandaloneSlapOS( standalone = slapos.slap.standalone.StandaloneSlapOS(
args.base_directory, args.base_directory,
args.ipv4, args.ipv4,
args.server_port, args.server_port,
shared_part_list=shared_part_list shared_part_list=shared_part_list,
partition_forward_configuration=partition_forward_configuration,
) )
standalone.start() standalone.start()
partition_count = 20 partition_count = 20
...@@ -139,7 +159,8 @@ mode = 0644 ...@@ -139,7 +159,8 @@ mode = 0644
[package.json] [package.json]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
# this comes from https://github.com/theia-ide/theia-apps/blob/2991e3a433f031b22bc80e274f80620d1e6898e5/theia-full-docker/latest.package.json # this comes from https://github.com/theia-ide/theia-apps/blob/3391dd07cba7ddc5cc833420349a27beb66a5433/theia-full-docker/latest.package.json
# but with a more recent version of vscode-java-redhat, where https://github.com/redhat-developer/vscode-java/issues/1301 was fixed
template = template =
inline:{ inline:{
"private": true, "private": true,
...@@ -163,17 +184,20 @@ template = ...@@ -163,17 +184,20 @@ template =
"**/node_modules/**": true "**/node_modules/**": true
}, },
"editor.multiCursorModifier": "ctrlCmd", "editor.multiCursorModifier": "ctrlCmd",
"plantuml.webservice": "//plantuml.host.vifib.net/svg/", "editor.tabSize": 2,
"plantuml.monochrome": false, "plantuml.monochrome": false,
"editor.tabSize": 2 "plantuml.webservice": "//plantuml.host.vifib.net/svg/",
"gitlens.remotes": [{ "domain": "lab.nexedi.com", "type": "GitLab" }],
"java.home": "${java-jdk:location}"
} }
} }
} }
}, },
"dependencies": { "dependencies": {
"@theia/callhierarchy": "latest", "@theia/callhierarchy": "latest",
"@theia/console": "latest",
"@theia/core": "latest", "@theia/core": "latest",
"@theia/cpp": "latest", "@theia/cpp-debug": "latest",
"@theia/debug": "latest", "@theia/debug": "latest",
"@theia/editor": "latest", "@theia/editor": "latest",
"@theia/editor-preview": "latest", "@theia/editor-preview": "latest",
...@@ -200,9 +224,11 @@ template = ...@@ -200,9 +224,11 @@ template =
"@theia/preview": "latest", "@theia/preview": "latest",
"@theia/process": "latest", "@theia/process": "latest",
"@theia/rust": "latest", "@theia/rust": "latest",
"@theia/scm": "latest",
"@theia/search-in-workspace": "latest", "@theia/search-in-workspace": "latest",
"@theia/task": "latest", "@theia/task": "latest",
"@theia/terminal": "latest", "@theia/terminal": "latest",
"@theia/typehierarchy": "latest",
"@theia/userstorage": "latest", "@theia/userstorage": "latest",
"@theia/variable-resolver": "latest", "@theia/variable-resolver": "latest",
"@theia/vsx-registry": "latest", "@theia/vsx-registry": "latest",
...@@ -211,8 +237,9 @@ template = ...@@ -211,8 +237,9 @@ template =
"resolutions": { "resolutions": {
"vscode-json-languageserver": "1.2.2", "vscode-json-languageserver": "1.2.2",
"vscode-languageserver-protocol": "3.15.0-next.9", "vscode-languageserver-protocol": "3.15.0-next.9",
"vscode-languageserver-types": "3.15.0-next.4", "vscode-languageserver-types": "3.15.0-next.5",
"**/vscode-json-languageserver/**/vscode-languageserver": "6.0.0-next.1" "**/vscode-json-languageserver/**/vscode-languageserver": "6.0.0-next.1",
"**/moment": "2.24.0"
}, },
"devDependencies": { "devDependencies": {
"@theia/cli": "latest" "@theia/cli": "latest"
...@@ -285,7 +312,7 @@ template = ...@@ -285,7 +312,7 @@ template =
"vscode-go": "https://github.com/microsoft/vscode-go/releases/download/0.12.0/Go-0.12.0.vsix", "vscode-go": "https://github.com/microsoft/vscode-go/releases/download/0.12.0/Go-0.12.0.vsix",
"vscode-java-debug": "https://github.com/microsoft/vscode-java-debug/releases/download/0.24.0/vscjava.vscode-java-debug-0.24.0.vsix", "vscode-java-debug": "https://github.com/microsoft/vscode-java-debug/releases/download/0.24.0/vscjava.vscode-java-debug-0.24.0.vsix",
"vscode-java-dependency-viewer": "https://github.com/microsoft/vscode-java-dependency/releases/download/0.6.0/vscode-java-dependency-0.6.0.vsix", "vscode-java-dependency-viewer": "https://github.com/microsoft/vscode-java-dependency/releases/download/0.6.0/vscode-java-dependency-0.6.0.vsix",
"vscode-java-redhat": "https://github.com/redhat-developer/vscode-java/releases/download/v0.54.2/redhat.java-0.54.2.vsix", "vscode-java-redhat": "https://github.com/redhat-developer/vscode-java/releases/download/v0.61.0/redhat.java-0.61.0.vsix",
"vscode-java-test": "https://github.com/microsoft/vscode-java-test/releases/download/0.22.0/vscjava.vscode-java-test-0.22.0.vsix", "vscode-java-test": "https://github.com/microsoft/vscode-java-test/releases/download/0.22.0/vscjava.vscode-java-test-0.22.0.vsix",
"vscode-python": "https://github.com/microsoft/vscode-python/releases/download/2020.1.58038/ms-python-release.vsix", "vscode-python": "https://github.com/microsoft/vscode-python/releases/download/2020.1.58038/ms-python-release.vsix",
"vscode-ruby": "https://github.com/rubyide/vscode-ruby/releases/download/v0.25.0/ruby-0.25.0.vsix", "vscode-ruby": "https://github.com/rubyide/vscode-ruby/releases/download/v0.25.0/ruby-0.25.0.vsix",
...@@ -297,29 +324,15 @@ mode = 0644 ...@@ -297,29 +324,15 @@ mode = 0644
[gowork] [gowork]
# Install go-language-server in workspace golang = ${golang1.14:location}
# Note that this is the same workspace as caddy.
# install list comes from https://github.com/theia-ide/go-language-server/blob/d259749c8f263c4d845055833b03b1d2dbefa5b3/README.md#prerequisites [gowork.goinstall]
install += command =
github.com/ramya-rao-a/go-outline bash -c ". ${gowork:env.sh} && GO111MODULE=on go get golang.org/x/tools/gopls@v0.4.3"
github.com/acroca/go-symbols
github.com/nsf/gocode
github.com/rogpeppe/godef
golang.org/x/tools/cmd/godoc
github.com/zmb3/gogetdoc
golang.org/x/lint/golint
github.com/fatih/gomodifytags
github.com/uudashr/gopkgs/cmd/gopkgs
golang.org/x/tools/cmd/gorename
sourcegraph.com/sqs/goreturns
github.com/cweill/gotests/...
golang.org/x/tools/cmd/guru
github.com/josharian/impl
github.com/haya14busa/goplay/cmd/goplay
github.com/davidrjenni/reftools/cmd/fillstruct
[cli-utilities] [cli-utilities]
PATH = ${nodejs:location}/bin/:${bash:location}/bin/:${fish-shell:location}/bin/:${tig:location}/bin/:${vim:location}/bin/:${tmux:location}/bin/:${git:location}/bin/:${curl:location}/bin PATH = ${nodejs:location}/bin/:${bash:location}/bin/:${fish-shell:location}/bin/:${tig:location}/bin/:${vim:location}/bin/:${tmux:location}/bin/:${git:location}/bin/:${curl:location}/bin:${python2.7:location}/bin/
[theia-wrapper] [theia-wrapper]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
...@@ -329,7 +342,7 @@ template = ...@@ -329,7 +342,7 @@ template =
inline: inline:
#!/bin/bash #!/bin/bash
. ${gowork:env.sh} . ${gowork:env.sh}
export PATH=${python-language-server:location}/bin/:${cli-utilities:PATH}:$PATH export PATH=${python-language-server:location}/bin/:${java-jdk:location}/bin/:${cli-utilities:PATH}:$PATH
export THEIA_DEFAULT_PLUGINS="local-dir:${theia:THEIA_DEFAULT_PLUGINS}" export THEIA_DEFAULT_PLUGINS="local-dir:${theia:THEIA_DEFAULT_PLUGINS}"
# reset PS1 from gowork # reset PS1 from gowork
export PS1='$ ' export PS1='$ '
......
...@@ -29,6 +29,7 @@ from __future__ import unicode_literals ...@@ -29,6 +29,7 @@ from __future__ import unicode_literals
import os import os
import textwrap import textwrap
import logging import logging
import subprocess
import tempfile import tempfile
import time import time
from six.moves.urllib.parse import urlparse, urljoin from six.moves.urllib.parse import urlparse, urljoin
...@@ -89,6 +90,15 @@ class TestTheia(SlapOSInstanceTestCase): ...@@ -89,6 +90,15 @@ class TestTheia(SlapOSInstanceTestCase):
# use a large enough terminal so that slapos proxy show table fit in the screen # use a large enough terminal so that slapos proxy show table fit in the screen
process.setwinsize(5000, 5000) process.setwinsize(5000, 5000)
# log process output for debugging
logger = logging.getLogger('theia-shell')
class DebugLogFile:
def write(self, msg):
logger.info("output from theia-shell: %s", msg)
def flush(self):
pass
process.logfile = DebugLogFile()
process.expect_exact('Standalone SlapOS: Formatting 20 partitions') process.expect_exact('Standalone SlapOS: Formatting 20 partitions')
process.expect_exact('Standalone SlapOS for computer `local` activated') process.expect_exact('Standalone SlapOS for computer `local` activated')
...@@ -122,3 +132,13 @@ class TestTheia(SlapOSInstanceTestCase): ...@@ -122,3 +132,13 @@ class TestTheia(SlapOSInstanceTestCase):
process.terminate() process.terminate()
process.wait() process.wait()
def test_theia_shell_execute_tasks(self):
# shell needs to understand -c "comamnd" arguments for theia tasks feature
test_file = '{}/test file'.format(self.computer_partition_root_path)
subprocess.check_call([
'{}/bin/theia-shell'.format(self.computer_partition_root_path),
'-c',
'touch "{}"'.format(test_file)
])
self.assertTrue(os.path.exists(test_file))
This source diff could not be displayed because it is too large. You can view the blob instead.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment