Commit 782d86b2 authored by Rafael Monnerat's avatar Rafael Monnerat

Update Release Candidate

parents b541c85e 307d0801
...@@ -21,4 +21,4 @@ environment = ...@@ -21,4 +21,4 @@ environment =
patch-binary = ${patch:location}/bin/patch patch-binary = ${patch:location}/bin/patch
patch-options = -p1 patch-options = -p1
patches = patches =
https://sources.debian.org/data/main/f/file/1:5.37-6/debian/patches/cherry-pick.FILE5_37-67-g46a8443f.limit-the-number-of-elements-in-a-vector-found-by-oss-fuzz.patch#fb6f7d32ce89573bf4b4b302c812e394 ${:_profile_base_location_}/cherry-pick.FILE5_37-67-g46a8443f.limit-the-number-of-elements-in-a-vector-found-by-oss-fuzz.patch#fb6f7d32ce89573bf4b4b302c812e394
Subject: Limit the number of elements in a vector (found by oss-fuzz)
Origin: FILE5_37-67-g46a8443f <https://github.com/file/file/commit/FILE5_37-67-g46a8443f>
Upstream-Author: Christos Zoulas <christos@zoulas.com>
Date: Mon Aug 26 14:31:39 2019 +0000
--- a/src/cdf.c
+++ b/src/cdf.c
@@ -1013,8 +1013,9 @@
goto out;
}
nelements = CDF_GETUINT32(q, 1);
- if (nelements == 0) {
- DPRINTF(("CDF_VECTOR with nelements == 0\n"));
+ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
+ DPRINTF(("CDF_VECTOR with nelements == %"
+ SIZE_T_FORMAT "u\n", nelements));
goto out;
}
slen = 2;
@@ -1056,8 +1057,6 @@
goto out;
inp += nelem;
}
- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
- nelements));
for (j = 0; j < nelements && i < sh.sh_properties;
j++, i++)
{
--- a/src/cdf.h
+++ b/src/cdf.h
@@ -48,6 +48,7 @@
typedef int32_t cdf_secid_t;
#define CDF_LOOP_LIMIT 10000
+#define CDF_ELEMENT_LIMIT 100000
#define CDF_SECID_NULL 0
#define CDF_SECID_FREE -1
...@@ -29,8 +29,8 @@ parts = ...@@ -29,8 +29,8 @@ parts =
[mariadb] [mariadb]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
url = https://downloads.mariadb.org/f/mariadb-${:version}/source/mariadb-${:version}.tar.gz/from/http%3A//fr.mirror.babylon.network/mariadb/?serve url = https://downloads.mariadb.org/f/mariadb-${:version}/source/mariadb-${:version}.tar.gz/from/http%3A//fr.mirror.babylon.network/mariadb/?serve
version = 10.3.22 version = 10.4.12
md5sum = f712a5e6fde038d0c9c6d2a2cd88b84e md5sum = 97d7c0f508c04a31c138fdb24e95dbc4
location = ${buildout:parts-directory}/${:_buildout_section_name_} location = ${buildout:parts-directory}/${:_buildout_section_name_}
pre-configure = pre-configure =
set -e '\bSET(PLUGIN_AUTH_PAM YES)' cmake/build_configurations/mysql_release.cmake set -e '\bSET(PLUGIN_AUTH_PAM YES)' cmake/build_configurations/mysql_release.cmake
...@@ -76,9 +76,10 @@ environment = ...@@ -76,9 +76,10 @@ environment =
CMAKE_INCLUDE_PATH=${bzip2:location}/include:${libaio:location}/include:${libaio:location}/include:${libxml2:location}/include:${ncurses:location}/include:${openssl:location}/include:${readline5:location}/include:${xz-utils:location}/include:${zlib:location}/include:${unixodbc:location}/include:${lz4:location}/include:${snappy:location}/include:${zstd:location}/include CMAKE_INCLUDE_PATH=${bzip2:location}/include:${libaio:location}/include:${libaio:location}/include:${libxml2:location}/include:${ncurses:location}/include:${openssl:location}/include:${readline5:location}/include:${xz-utils:location}/include:${zlib:location}/include:${unixodbc:location}/include:${lz4:location}/include:${snappy:location}/include:${zstd:location}/include
CMAKE_LIBRARY_PATH=${:CMAKE_LIBRARY_PATH} CMAKE_LIBRARY_PATH=${:CMAKE_LIBRARY_PATH}
LDFLAGS=-L${bzip2:location}/lib -L${jemalloc:location}/lib -L${libaio:location}/lib -L${xz-utils:location}/lib -L${zlib:location}/lib -L${unixodbc:location}/lib -L${lz4:location}/lib -L${snappy:location}/lib -L${zstd:location}/lib LDFLAGS=-L${bzip2:location}/lib -L${jemalloc:location}/lib -L${libaio:location}/lib -L${xz-utils:location}/lib -L${zlib:location}/lib -L${unixodbc:location}/lib -L${lz4:location}/lib -L${snappy:location}/lib -L${zstd:location}/lib
post-install = post-install = set -e
mkdir -p ${:location}/include/wsrep && set -- wsrep-lib/wsrep-API/*/wsrep_api.h
cp -p wsrep/wsrep_api.h ${:location}/include/wsrep install -DpT $1 ${:location}/$1
cp -a wsrep-lib/include ${:location}/wsrep-lib
[mroonga-mariadb] [mroonga-mariadb]
# mroonga - a storage engine for MySQL. It provides fast fulltext search feature to all MySQL users. # mroonga - a storage engine for MySQL. It provides fast fulltext search feature to all MySQL users.
...@@ -89,15 +90,10 @@ md5sum = d0af673f1bad3b9ccf33870bb2344a25 ...@@ -89,15 +90,10 @@ md5sum = d0af673f1bad3b9ccf33870bb2344a25
pre-configure = set -e pre-configure = set -e
rm -rf fake_mariadb_source rm -rf fake_mariadb_source
mkdir -p fake_mariadb_source mkdir -p fake_mariadb_source
test -d ${mariadb:location}/include/mysql/server/private && ( cd fake_mariadb_source
mkdir -p fake_mariadb_source/sql ln -s ${mariadb:location}/wsrep-lib
cp -a ${mariadb:location}/include/mysql/server/private/* fake_mariadb_source/sql cp -a ${mariadb:location}/include/mysql/server include
cp -a ${mariadb:location}/include/mysql/server/*.h fake_mariadb_source/sql mv include/private sql
cp -a ${mariadb:location}/include/mysql/server/mysql fake_mariadb_source/sql
) || ln -s ${mariadb:location}/include/mysql/private fake_mariadb_source/sql
cp -ar ${mariadb:location}/include fake_mariadb_source/include
! test -f fake_mariadb_source/include/mysql/mariadb_stmt.h ||
sed -i -E -e '/^enum enum_(cursor|indicator)_type$/,/};/d' fake_mariadb_source/include/mysql/mariadb_stmt.h
configure-options = configure-options =
--with-mysql-source=fake_mariadb_source --with-mysql-source=fake_mariadb_source
--with-mysql-config=${mariadb:location}/bin/mysql_config --with-mysql-config=${mariadb:location}/bin/mysql_config
...@@ -106,8 +102,6 @@ configure-options = ...@@ -106,8 +102,6 @@ configure-options =
patch-options = -p1 patch-options = -p1
patches = patches =
${:_profile_base_location_}/mroonga_boolean.patch#c818568fe35ca6a4298f18e575d962a0 ${:_profile_base_location_}/mroonga_boolean.patch#c818568fe35ca6a4298f18e575d962a0
pre-build =
sed -i -e "s,${mariadb:location}/include,$(pwd)/fake_mariadb_source/include,g" Makefile */Makefile
environment = environment =
PATH=${binutils:location}/bin:${groonga:location}/bin:${patch:location}/bin:${pkgconfig:location}/bin:%(PATH)s PATH=${binutils:location}/bin:${groonga:location}/bin:${patch:location}/bin:${pkgconfig:location}/bin:%(PATH)s
CPPFLAGS=-I${groonga:location}/include/groonga CPPFLAGS=-I${groonga:location}/include/groonga
......
...@@ -124,11 +124,6 @@ setup(name=name, ...@@ -124,11 +124,6 @@ setup(name=name,
'ipv6toipv4 = slapos.recipe.6tunnel:SixToFour', 'ipv6toipv4 = slapos.recipe.6tunnel:SixToFour',
'jsondump = slapos.recipe.jsondump:Recipe', 'jsondump = slapos.recipe.jsondump:Recipe',
'kvm.frontend = slapos.recipe.kvm_frontend:Recipe', 'kvm.frontend = slapos.recipe.kvm_frontend:Recipe',
'lamp = slapos.recipe.lamp:Request',
'lamp.generic = slapos.recipe.lampgeneric:Recipe',
'lamp.request = slapos.recipe.lamp:Request',
'lamp.simple = slapos.recipe.lamp:Simple',
'lamp.static = slapos.recipe.lamp:Static',
'libcloud = slapos.recipe.libcloud:Recipe', 'libcloud = slapos.recipe.libcloud:Recipe',
'libcloudrequest = slapos.recipe.libcloudrequest:Recipe', 'libcloudrequest = slapos.recipe.libcloudrequest:Recipe',
'logrotate = slapos.recipe.logrotate:Recipe', 'logrotate = slapos.recipe.logrotate:Recipe',
...@@ -136,7 +131,6 @@ setup(name=name, ...@@ -136,7 +131,6 @@ setup(name=name,
'mkdirectory = slapos.recipe.mkdirectory:Recipe', 'mkdirectory = slapos.recipe.mkdirectory:Recipe',
'mioga.instantiate = slapos.recipe.mioga.instantiate:Recipe', 'mioga.instantiate = slapos.recipe.mioga.instantiate:Recipe',
'mydumper = slapos.recipe.mydumper:Recipe', 'mydumper = slapos.recipe.mydumper:Recipe',
'mysql = slapos.recipe.mysql:Recipe',
'nbdserver = slapos.recipe.nbdserver:Recipe', 'nbdserver = slapos.recipe.nbdserver:Recipe',
'neoppod.cluster = slapos.recipe.neoppod:Cluster', 'neoppod.cluster = slapos.recipe.neoppod:Cluster',
'neoppod.admin = slapos.recipe.neoppod:Admin', 'neoppod.admin = slapos.recipe.neoppod:Admin',
...@@ -196,7 +190,6 @@ setup(name=name, ...@@ -196,7 +190,6 @@ setup(name=name,
'userinfo = slapos.recipe.userinfo:Recipe', 'userinfo = slapos.recipe.userinfo:Recipe',
'webchecker = slapos.recipe.web_checker:Recipe', 'webchecker = slapos.recipe.web_checker:Recipe',
'wrapper = slapos.recipe.wrapper:Recipe', 'wrapper = slapos.recipe.wrapper:Recipe',
'xwiki = slapos.recipe.xwiki:Recipe',
'zabbixagent = slapos.recipe.zabbixagent:Recipe', 'zabbixagent = slapos.recipe.zabbixagent:Recipe',
'zimbra.kvm = slapos.recipe.zimbra_kvm:Recipe', 'zimbra.kvm = slapos.recipe.zimbra_kvm:Recipe',
'zeo = slapos.recipe.zeo:Recipe', 'zeo = slapos.recipe.zeo:Recipe',
......
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import BaseSlapRecipe
import os
import shutil
import pkg_resources
import zc.buildout
import sys
import zc.recipe.egg
from six.moves.urllib.parse import urlparse
# Warning : this recipe is deprecated and has been replaced by apachephp.
class BaseRecipe(BaseSlapRecipe):
def getTemplateFilename(self, template_name):
return pkg_resources.resource_filename(__name__,
'template/%s' % template_name)
def installMysqlServer(self, ip=None, port=None):
if ip is None:
ip = self.getLocalIPv4Address()
if port is None:
port = '3306'
mysql_conf = dict(
ip=ip,
data_directory=os.path.join(self.data_root_directory,
'mysql'),
tcp_port=port,
pid_file=os.path.join(self.run_directory, 'mysqld.pid'),
socket=os.path.join(self.run_directory, 'mysqld.sock'),
error_log=os.path.join(self.log_directory, 'mysqld.log'),
slow_query_log=os.path.join(self.log_directory,
'mysql-slow.log'),
database='appdb',
user='appuser',
password=self.generatePassword(),
)
self._createDirectory(mysql_conf['data_directory'])
mysql_conf_path = self.createConfigurationFile("my.cnf",
self.substituteTemplate(pkg_resources.resource_filename(__name__,
'template/my.cnf.in'), mysql_conf))
mysql_script = pkg_resources.resource_string(__name__,
'template/mysqlinit.sql.in') % mysql_conf
self.path_list.extend(zc.buildout.easy_install.scripts([('mysql_update',
__name__ + '.mysql', 'updateMysql')], self.ws,
sys.executable, self.wrapper_directory, arguments=[dict(
mysql_script=mysql_script,
mysql_binary=self.options['mysql_binary'].strip(),
mysql_upgrade_binary=self.options['mysql_upgrade_binary'].strip(),
socket=mysql_conf['socket'],
)]))
self.path_list.extend(zc.buildout.easy_install.scripts([('mysqld',
__name__ + '.mysql', 'runMysql')], self.ws,
sys.executable, self.wrapper_directory, arguments=[dict(
mysql_install_binary=self.options['mysql_install_binary'].strip(),
mysqld_binary=self.options['mysqld_binary'].strip(),
data_directory=mysql_conf['data_directory'].strip(),
mysql_binary=self.options['mysql_binary'].strip(),
socket=mysql_conf['socket'].strip(),
configuration_file=mysql_conf_path,
)]))
self.path_list.extend([mysql_conf_path])
return dict(
mysql_host=mysql_conf['ip'],
mysql_port=mysql_conf['tcp_port'],
mysql_user=mysql_conf['user'],
mysql_password=mysql_conf['password'],
mysql_database=mysql_conf['database'],
)
def createHtdocs(self, source, document_root):
source = self.options['source'].strip()
document_root = self.createDataDirectory('htdocs')
for p in os.listdir(document_root):
path = os.path.join(document_root, p)
if os.path.isdir(path):
shutil.rmtree(path)
else:
os.unlink(path)
for p in os.listdir(source):
path = os.path.join(source, p)
if os.path.isdir(path):
shutil.copytree(path, os.path.join(document_root, p))
else:
shutil.copy2(path, os.path.join(document_root, p))
def installApache(self, document_root, ip=None, port=None):
if ip is None:
ip=self.getGlobalIPv6Address()
if port is None:
port = '9080'
apache_config = dict(
pid_file=os.path.join(self.run_directory, 'httpd.pid'),
lock_file=os.path.join(self.run_directory, 'httpd.lock'),
ip=ip,
port=port,
error_log=os.path.join(self.log_directory, 'httpd-error.log'),
access_log=os.path.join(self.log_directory, 'httpd-access.log'),
document_root=document_root,
php_ini_dir=self.etc_directory
)
config_file = self.createConfigurationFile('httpd.conf',
self.substituteTemplate(pkg_resources.resource_filename(__name__,
'template/apache.in'), apache_config))
self.path_list.append(config_file)
php_ini = pkg_resources.resource_filename(__name__, 'template/php.ini.in')
if self.options.has_key('php_ini'):
php_ini = os.path.join(self.options['php_ini'], 'php.ini.in')
self.path_list.append(self.createConfigurationFile('php.ini',
self.substituteTemplate(php_ini, dict(tmp_directory=self.tmp_directory))))
self.path_list.extend(zc.buildout.easy_install.scripts([(
'httpd',
__name__ + '.apache', 'runApache')], self.ws,
sys.executable, self.wrapper_directory, arguments=[
dict(
required_path_list=[],
binary=self.options['httpd_binary'],
config=config_file
)
]))
return 'http://[%s]:%s' % (ip, port)
def createConfiguration(self, template, document_root, destination, d):
directory = os.path.dirname(destination)
file = os.path.basename(destination)
path = document_root
if directory:
path = os.path.join(document_root, directory)
if not os.path.exists(path):
os.makedirs(path)
destination = os.path.join(path, file)
open(destination, 'w').write(open(template, 'r').read() % d)
def configureInstallation(self, document_root, url, mysql_conf):
"""Start process which can launch python scripts, move or remove files or
directories when installing software.
"""
if not self.options.has_key('delete') and not self.options.has_key('rename') and not\
self.options.has_key('chmod') and not self.options.has_key('script'):
return ""
delete = []
chmod = []
data = []
rename = []
rename_list = ""
argument = [self.options['lampconfigure_directory'].strip(),
"-H", mysql_conf['mysql_host'], "-P", mysql_conf['mysql_port'],
"-p", mysql_conf['mysql_password'], "-u", mysql_conf['mysql_user']]
if not self.options.has_key('file_token'):
argument = argument + ["-d", mysql_conf['mysql_database'],
"--table", self.options['table_name'].strip(), "--cond",
self.options['constraint'].strip()]
else:
argument = argument + ["-f", self.options['file_token'].strip()]
argument += ["-t", document_root]
if self.options.has_key('delete'):
delete = ["delete"]
for fname in self.options['delete'].split(','):
delete.append(fname.strip())
if self.options.has_key('rename'):
for fname in self.options['rename'].split(','):
if fname.find("=>") < 0:
old_name = fname
fname = []
fname.append(old_name)
fname.append(old_name + '-' + mysql_conf['mysql_user'])
else:
fname = fname.split("=>")
cmd = ["rename"]
if self.options.has_key('rename_chmod'):
cmd += ["--chmod", self.options['rename_chmod'].strip()]
rename.append(cmd + [fname[0].strip(), fname[1].strip()])
rename_list += fname[0] + " to " + fname[1] + " "
if self.options.has_key('chmod'):
chmod = ["chmod", self.options['mode'].strip()]
for fname in self.options['chmod'].split(','):
chmod.append(fname.strip())
if self.options.has_key('script') and \
self.options['script'].strip().endswith(".py"):
data = ["run", self.options['script'].strip(), "-v", mysql_conf['mysql_database'], url, document_root]
self.path_list.extend(zc.buildout.easy_install.scripts(
[('configureInstall', __name__ + '.runner', 'executeRunner')], self.ws,
sys.executable, self.wrapper_directory, arguments=[argument, delete, rename,
chmod, data]))
return rename_list
class Static(BaseRecipe):
def _install(self):
self.path_list = []
self.requirements, self.ws = self.egg.working_set()
document_root = self.createDataDirectory('htdocs')
self.createHtdocs(self.options['source'].strip(), document_root)
url = self.installApache(document_root)
self.setConnectionDict(dict(url = url))
return self.path_list
class Simple(BaseRecipe):
def _install(self):
self.path_list = []
self.requirements, self.ws = self.egg.working_set()
document_root = self.createDataDirectory('htdocs')
self.createHtdocs(self.options['source'].strip(), document_root)
mysql_conf = self.installMysqlServer()
url = self.installApache(document_root)
renamed = self.configureInstallation(document_root, url, mysql_conf)
connectionDict = dict(
url=url,
**mysql_conf
)
if not renamed == "":
connectionDict['rename'] = renamed
self.setConnectionDict(connectionDict)
if self.options.has_key('template') and self.options.has_key('configuration'):
self.createConfiguration(self.options['template'], document_root,
self.options['configuration'], mysql_conf)
return self.path_list
class Request(BaseRecipe):
def _install(self):
self.path_list = []
self.requirements, self.ws = self.egg.working_set()
software_type = self.parameter_dict['slap_software_type']
document_root = self.createDataDirectory('htdocs')
self.createHtdocs(self.options['source'].strip(), document_root)
if software_type == 'Backuped':
davstorage = self.request(self.options['davstorage-software-url'],
software_type, 'Backup Server').getConnectionParameter('url')
parameters = {'remote_backup': davstorage}
elif software_type == 'PersonnalBackup':
parameters = {'remote_backup': self.parameter_dict['remote_backup']}
else:
parameters = {}
mysql = self.request(self.options['mariadb-software-url'],
software_type, 'MariaDB Server', partition_parameter_kw=parameters
).getConnectionParameter('url')
mysql_parsed = urlparse(mysql)
mysql_host, mysql_port = mysql_parsed.hostname, mysql_parsed.port
if mysql_parsed.scheme == 'mysqls': # Listen over stunnel
mysql_host, mysql_port = self.installStunnelClient(mysql_host,
mysql_port)
mysql_conf = dict(mysql_database=mysql_parsed.path.strip('/'),
mysql_user=mysql_parsed.username,
mysql_password=mysql_parsed.password,
mysql_host='%s:%s' % (mysql_host,mysql_port))
url = self.installApache(document_root)
self.setConnectionDict(dict(
url=url,
))
self.createConfiguration(self.options['template'], document_root,
self.options['configuration'], mysql_conf)
return self.path_list
def installStunnelClient(self, remote_host, remote_port):
local_host = self.getLocalIPv4Address()
local_port = 8888
stunnel_conf_path = self.createConfigurationFile('stunnel.conf',
self.substituteTemplate(
self.getTemplateFilename('stunnel.conf.in'), {
'log': os.path.join(self.log_directory, 'stunnel.log'),
'pid_file': os.path.join(self.run_directory, 'stunnel.pid'),
'remote_host': remote_host, 'remote_port': remote_port,
'local_host': local_host, 'local_port': local_port,
}))
wrapper = zc.buildout.easy_install.scripts([('stunnel',
'slapos.recipe.librecipe.execute', 'generic_exec')], self.ws,
sys.executable, self.wrapper_directory, arguments='%r, %r'
% (self.options['stunnel_binary'].strip(), stunnel_conf_path)
)[0]
self.path_list.append(wrapper)
return (local_host, local_port,)
import os
import sys
import time
def runApache(args):
sleep = 60
conf = args[0]
while True:
ready = True
for f in conf.get('required_path_list', []):
if not os.path.exists(f):
print 'File %r does not exists, sleeping for %s' % (f, sleep)
ready = False
if ready:
break
time.sleep(sleep)
apache_wrapper_list = [conf['binary'], '-f', conf['config'], '-DFOREGROUND']
apache_wrapper_list.extend(sys.argv[1:])
sys.stdout.flush()
sys.stderr.flush()
os.execl(apache_wrapper_list[0], *apache_wrapper_list)
import os
import subprocess
import time
import sys
def runMysql(args):
sleep = 60
conf = args[0]
mysqld_wrapper_list = [conf['mysqld_binary'], '--defaults-file=%s' %
conf['configuration_file']]
# we trust mysql_install that if mysql directory is available mysql was
# correctly initalised
if not os.path.isdir(os.path.join(conf['data_directory'], 'mysql')):
while True:
# XXX: Protect with proper root password
popen = subprocess.Popen([conf['mysql_install_binary'],
'--skip-name-resolve', '--no-defaults', '--datadir=%s' %
conf['data_directory']],
stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
result = popen.communicate()[0]
if popen.returncode is None or popen.returncode != 0:
print "Failed to initialise server.\nThe error was: %s" % result
print "Waiting for %ss and retrying" % sleep
time.sleep(sleep)
else:
print "Mysql properly initialised"
break
else:
print "MySQL already initialised"
print "Starting %r" % mysqld_wrapper_list[0]
sys.stdout.flush()
sys.stderr.flush()
os.execl(mysqld_wrapper_list[0], *mysqld_wrapper_list)
def updateMysql(args):
conf = args[0]
sleep = 30
is_succeed = False
while True:
if not is_succeed:
mysql_upgrade_list = [conf['mysql_upgrade_binary'], '--no-defaults', '--user=root', '--socket=%s' % conf['socket']]
mysql_upgrade = subprocess.Popen(mysql_upgrade_list, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
result = mysql_upgrade.communicate()[0]
if mysql_upgrade.returncode is None:
mysql_upgrade.kill()
if mysql_upgrade.returncode != 0 and not 'is already upgraded' in result:
print "Command %r failed with result:\n%s" % (mysql_upgrade_list, result)
print 'Sleeping for %ss and retrying' % sleep
else:
if mysql_upgrade.returncode == 0:
print "MySQL database upgraded with result:\n%s" % result
else:
print "No need to upgrade MySQL database"
mysql_script = conf.get('mysql_script')
if mysql_script:
mysql_list = [conf['mysql_binary'].strip(), '--no-defaults', '-B', '--user=root', '--socket=%s' % conf['socket']]
mysql = subprocess.Popen(mysql_list, stdin=subprocess.PIPE,
stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
result = mysql.communicate(conf['mysql_script'])[0]
if mysql.returncode is None:
mysql.kill()
if mysql.returncode != 0:
print 'Command %r failed with:\n%s' % (mysql_list, result)
print 'Sleeping for %ss and retrying' % sleep
else:
is_succeed = True
print 'SlapOS initialisation script succesfully applied on database.'
sys.stdout.flush()
sys.stderr.flush()
time.sleep(sleep)
import sys
import subprocess
def executeRunner(args):
"""Start the instance configure. this may run a python script, move or/and rename
file or directory when dondition is filled. the condition may be when file exist or when an entry
exist into database.
"""
arguments, delete, rename, chmod, data = args
if delete != []:
print "Calling lampconfigure with 'delete' arguments"
result = subprocess.Popen(arguments + delete)
result.wait()
if rename != []:
for parameters in rename:
print "Calling lampconfigure with 'rename' arguments"
result = subprocess.Popen(arguments + parameters)
result.wait()
if chmod != []:
print "Calling lampconfigure with 'chmod' arguments"
result = subprocess.Popen(arguments + chmod)
result.wait()
if data != []:
print "Calling lampconfigure with 'run' arguments"
result = subprocess.Popen(arguments + data)
result.wait()
return
# Apache static configuration
# Automatically generated
# Basic server configuration
PidFile "%(pid_file)s"
Listen %(ip)s:%(port)s
PHPINIDir %(php_ini_dir)s
ServerAdmin someone@email
DefaultType text/plain
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php .php .phtml .php5 .php4
AddType application/x-httpd-php-source .phps
# Log configuration
ErrorLog "%(error_log)s"
LogLevel warn
LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b \"%%{Referer}i\" \"%%{User-Agent}i\"" combined
LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b" common
CustomLog "%(access_log)s" common
# Directory protection
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory %(document_root)s>
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
DocumentRoot %(document_root)s
DirectoryIndex index.html index.php
# List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule headers_module modules/mod_headers.so
LoadModule dir_module modules/mod_dir.so
LoadModule php5_module modules/libphp5.so
LoadModule alias_module modules/mod_alias.so
LoadModule env_module modules/mod_env.so
LoadModule autoindex_module modules/mod_autoindex.so
# ERP5 buildout my.cnf template based on my-huge.cnf shipped with mysql
# The MySQL server
[mysqld]
# ERP5 by default requires InnoDB storage. MySQL by default fallbacks to using
# different engine, like MyISAM. Such behaviour generates problems only, when
# tables requested as InnoDB are silently created with MyISAM engine.
#
# Loud fail is really required in such case.
sql-mode="NO_ENGINE_SUBSTITUTION"
skip-show-database
port = %(tcp_port)s
bind-address = %(ip)s
socket = %(socket)s
datadir = %(data_directory)s
pid-file = %(pid_file)s
log-error = %(error_log)s
slow_query_log
slow_query_log_file = %(slow_query_log)s
long_query_time = 5
max_allowed_packet = 128M
query_cache_size = 32M
plugin-load = ha_mroonga.so
# The following are important to configure and depend a lot on to the size of
# your database and the available resources.
#innodb_buffer_pool_size = 4G
#innodb_log_file_size = 256M
#innodb_log_buffer_size = 8M
# Some dangerous settings you may want to uncomment if you only want
# performance or less disk access. Useful for unit tests.
#innodb_flush_log_at_trx_commit = 0
#innodb_flush_method = nosync
#innodb_doublewrite = 0
#sync_frm = 0
# Uncomment the following if you need binary logging, which is recommended
# on production instances (either for replication or incremental backups).
#log-bin=mysql-bin
# Force utf8 usage
collation_server = utf8_unicode_ci
character_set_server = utf8
skip-character-set-client-handshake
[mysql]
no-auto-rehash
socket = %(socket)s
[mysqlhotcopy]
interactive-timeout
CREATE DATABASE IF NOT EXISTS %(database)s;
GRANT ALL PRIVILEGES ON %(database)s.* TO %(user)s@localhost IDENTIFIED BY %(password)r;
GRANT ALL PRIVILEGES ON %(database)s.* TO %(user)s@'%%' IDENTIFIED BY %(password)r;
GRANT SHOW DATABASES ON *.* TO %(user)s@localhost IDENTIFIED BY %(password)r;
GRANT SHOW DATABASES ON *.* TO %(user)s@'%%' IDENTIFIED BY %(password)r;
FLUSH PRIVILEGES;
EXIT
[PHP]
engine = On
safe_mode = Off
expose_php = Off
error_reporting = E_ALL & ~(E_DEPRECATED|E_NOTICE|E_WARNING)
display_errors = On
display_startup_errors = Off
log_errors = On
log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
session.save_path = "%(tmp_directory)s"
session.auto_start = 0
date.timezone = Europe/Paris
file_uploads = On
upload_max_filesize = 16M
post_max_size = 16M
magic_quotes_gpc=Off
foreground = yes
output = %(log)s
pid = %(pid_file)s
syslog = no
[service]
client = yes
accept = %(local_host)s:%(local_port)s
connect = %(remote_host)s:%(remote_port)s
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import os
import sys
import subprocess
from slapos.recipe.librecipe import GenericBaseRecipe
from slapos.recipe.librecipe import filehash
class Recipe(GenericBaseRecipe):
def install(self):
path_list = []
template_filename = self.getTemplateFilename('my.cnf.in')
mysql_conf = dict(
ip=self.options['ip'],
data_directory=self.options['data-directory'],
tcp_port=self.options['port'],
pid_file=self.options['pid-file'],
socket=self.options['socket'],
error_log=self.options['error-log'],
mysql_database=self.options['database'],
mysql_user=self.options['user'],
mysql_password=self.options['password'],
)
mysql_binary = self.options['mysql-binary']
socket = self.options['socket'],
post_rotate = self.createWrapper(
self.options['logrotate-post'],
(mysql_binary, '--no-defaults', '-B', '-u', 'root',
'--socket=%s' % socket, '-e', 'FLUSH LOGS'),
)
path_list.append(post_rotate)
mysql_conf_file = self.createFile(
self.options['conf-file'],
self.substituteTemplate(template_filename, mysql_conf)
)
path_list.append(mysql_conf_file)
mysql_script_list = []
init_script = self.substituteTemplate(
self.getTemplateFilename('initmysql.sql.in'),
{
'mysql_database': mysql_conf['mysql_database'],
'mysql_user': mysql_conf['mysql_user'],
'mysql_password': mysql_conf['mysql_password']
}
)
mysql_script_list.append(init_script)
mysql_script_list.append('EXIT')
mysql_script = '\n'.join(mysql_script_list)
mysql_upgrade_binary = self.options['mysql-upgrade-binary']
mysql_update = self.createPythonScript(
self.options['update-wrapper'],
'%s.mysql.updateMysql' % __name__,
(dict(
mysql_script=mysql_script,
mysql_binary=mysql_binary,
mysql_upgrade_binary=mysql_upgrade_binary,
socket=socket,
),)
)
path_list.append(mysql_update)
mysqld_binary = self.options['mysqld-binary']
mysqld = self.createPythonScript(
self.options['wrapper'],
'%s.mysql.runMysql' % __name__,
(dict(
mysql_install_binary=self.options['mysql-install-binary'],
mysqld_binary=mysqld_binary,
data_directory=mysql_conf['data_directory'],
mysql_binary=mysql_binary,
socket=socket,
configuration_file=mysql_conf_file,
cwd=self.options['mysql-base-directory'],
),)
)
path_list.append(mysqld)
# backup configuration
if self.optionIsTrue('backup', default=False):
backup_script = self.createPythonScript(
self.options['backup-script'],
'%s.do_backup' % __name__,
(dict(
mydumper_binary=self.options['mydumper-binary'],
database=mysql_conf['mysql_database'],
socket=mysql_conf['socket'],
backup_directory=self.options['backup-directory']
),)
)
path_list.append(backup_script)
# Recovering backup
if self.optionIsTrue('recovering', default=False):
recovering_script = self.createPythonScript(
self.options['recovering-wrapper'],
'%s.import_dump' % __name__,
({
'lock_file': os.path.join(self.work_directory,
'import_done'),
'database': mysql_conf['mysql_database'],
'mysql_binary': self.options['mysql-binary'],
'mysql_socket': mysql_conf['socket'],
'duplicity_binary': self.options['duplicity-binary'],
'remote_backup': self.parameter_dict['remote-backup'],
'local_directory': self.mysql_backup_directory,
'dump_name': dump_filename,
'zcat_binary': self.options['zcat-binary'],
},)
)
path_list.append(recovering_script)
return path_list
# Replace zcat dump.sql.gz | mysql
def import_dump(args):
# Get data from kwargs
cache_file = args['cache_file']
database = args['database']
mysql_binary = args['mysql_binary']
mysql_socket = args['mysql_socket']
dump_file = args['dump_file']
zcat_binary = args['zcat_binary']
sha512sum = filehash(dump_file)
with open(cache_file, 'r') as cache_fileobj:
last_sha512sum = cache_fileobj.read().strip()
if sha512sum != last_sha512sum:
zcat = subprocess.Popen([zcat_binary, dump_file], stdout=subprocess.PIPE)
mysql = subprocess.Popen([mysql_binary, '--socket=%s' % mysql_socket, '-D',
database, '-u', 'root'], stdin=zcat.stdout)
zcat.stdout.close()
returncode = mysql.wait()
if returncode == 0:
with open(cache_file, 'w') as cache_fileobj:
cache_fileobj.write(sha512sum)
sys.exit(returncode)
def promise(args):
# This is not a dependency of slapos.cookbook, because it shall be runned
# in a python environment having mysqlclient
import MySQLdb
user = args['user']
password = args['password']
db = args['db']
host = args['host']
port = args['port']
db = MySQLdb.connect(host=host, port=port, user=user, passwd=password,
db=db)
cursor = db.cursor()
cursor.close()
import subprocess
import os
import os
import subprocess
import time
import sys
def runMysql(conf):
sleep = 60
mysqld_wrapper_list = [conf['mysqld_binary'], '--defaults-file=%s' %
conf['configuration_file']]
# we trust mysql_install that if mysql directory is available mysql was
# correctly initalised
if not os.path.isdir(os.path.join(conf['data_directory'], 'mysql')):
while True:
# XXX: Protect with proper root password
# XXX: Follow http://dev.mysql.com/doc/refman/5.0/en/default-privileges.html
popen = subprocess.Popen([conf['mysql_install_binary'],
'--skip-name-resolve', '--skip-host-cache', '--no-defaults',
'--datadir=%s' % conf['data_directory']],
stdout=subprocess.PIPE, stderr=subprocess.STDOUT, cwd=conf['cwd'])
result = popen.communicate()[0]
if popen.returncode is None or popen.returncode != 0:
print "Failed to initialise server.\nThe error was: %s" % result
print "Waiting for %ss and retrying" % sleep
time.sleep(sleep)
else:
print "Mysql properly initialised"
break
else:
print "MySQL already initialised"
print "Starting %r" % mysqld_wrapper_list[0]
sys.stdout.flush()
sys.stderr.flush()
os.execl(mysqld_wrapper_list[0], *mysqld_wrapper_list)
def updateMysql(conf):
sleep = 30
is_succeed = False
while True:
if not is_succeed:
mysql_upgrade_list = [conf['mysql_upgrade_binary'], '--no-defaults', '--user=root', '--socket=%s' % conf['socket']]
mysql_upgrade = subprocess.Popen(mysql_upgrade_list, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
result = mysql_upgrade.communicate()[0]
if mysql_upgrade.returncode is None:
mysql_upgrade.kill()
if mysql_upgrade.returncode != 0 and not 'is already upgraded' in result:
print "Command %r failed with result:\n%s" % (mysql_upgrade_list, result)
print 'Sleeping for %ss and retrying' % sleep
else:
if mysql_upgrade.returncode == 0:
print "MySQL database upgraded with result:\n%s" % result
else:
print "No need to upgrade MySQL database"
mysql_list = [conf['mysql_binary'].strip(), '--no-defaults', '-B', '--user=root', '--socket=%s' % conf['socket']]
mysql = subprocess.Popen(mysql_list, stdin=subprocess.PIPE,
stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
result = mysql.communicate(conf['mysql_script'])[0]
if mysql.returncode is None:
mysql.kill()
if mysql.returncode != 0:
print 'Command %r failed with:\n%s' % (mysql_list, result)
print 'Sleeping for %ss and retrying' % sleep
else:
is_succeed = True
print 'SlapOS initialisation script succesfully applied on database.'
sys.stdout.flush()
sys.stderr.flush()
time.sleep(sleep)
CREATE DATABASE IF NOT EXISTS %(mysql_database)s;
GRANT ALL PRIVILEGES ON %(mysql_database)s.* TO %(mysql_user)s@'%%' IDENTIFIED BY '%(mysql_password)s';
#GRANT ALL PRIVILEGES ON %(mysql_database)s.* TO %(mysql_user)s@* IDENTIFIED BY '%(mysql_password)s';
# ERP5 buildout my.cnf template based on my-huge.cnf shipped with mysql
# The MySQL server
[mysqld]
# ERP5 by default requires InnoDB storage. MySQL by default fallbacks to using
# different engine, like MyISAM. Such behaviour generates problems only, when
# tables requested as InnoDB are silently created with MyISAM engine.
#
# Loud fail is really required in such case.
sql-mode="NO_ENGINE_SUBSTITUTION"
skip-show-database
port = %(tcp_port)s
bind-address = %(ip)s
socket = %(socket)s
datadir = %(data_directory)s
pid-file = %(pid_file)s
log-error = %(error_log)s
long_query_time = 5
max_allowed_packet = 128M
query_cache_size = 32M
plugin-load = ha_mroonga.so
# The following are important to configure and depend a lot on to the size of
# your database and the available resources.
#innodb_buffer_pool_size = 4G
#innodb_log_file_size = 256M
#innodb_log_buffer_size = 8M
# Some dangerous settings you may want to uncomment if you only want
# performance or less disk access. Useful for unit tests.
#innodb_flush_log_at_trx_commit = 0
#innodb_flush_method = nosync
#innodb_doublewrite = 0
#sync_frm = 0
# Uncomment the following if you need binary logging, which is recommended
# on production instances (either for replication or incremental backups).
#log-bin=mysql-bin
# Force utf8 usage
collation_server = utf8_unicode_ci
character_set_server = utf8
skip-character-set-client-handshake
[mysql]
no-auto-rehash
socket = %(socket)s
[mysqlhotcopy]
interactive-timeout
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import BaseSlapRecipe
import os
import shutil
import pkg_resources
import subprocess
import time
import zc.buildout
class Recipe(BaseSlapRecipe):
def _install(self):
self.requirements, self.ws = self.egg.working_set()
parameter_dict = self.computer_partition.getInstanceParameterDict()
ipv4 = self.getLocalIPv4Address()
ipv6 = self.getGlobalIPv6Address()
self.install_mysql_server_configuration(ipv4)
port = '8900'
tomcat_home = os.path.join(self.data_root_directory, 'tomcat')
tomcat_lib = os.path.join(tomcat_home, 'lib')
xwiki_home = os.path.join(tomcat_home, 'webapps', 'xwiki')
for src, dst in (
(self.options['tomcat_location'].strip(), tomcat_home),
(self.options['xwiki_location'].strip(), xwiki_home),
):
if not os.path.isdir(dst):
try:
shutil.copytree(src, dst)
except:
shtuil.rmtree(dst)
raise
shutil.copy(self.options['jdbc_location'].strip(), os.path.join(tomcat_lib,
'jdbc.jar'))
# headless mode
self._writeFile(os.path.join(tomcat_home, 'bin', 'setenv.sh'), '''#!/bin/sh
export JAVA_OPTS="${JAVA_OPTS} -Djava.awt.headless=true"
''')
# tomcat wrapper
catalina = os.path.join(tomcat_home, 'bin', 'catalina.sh')
# solve "The BASEDIR environment variable is not defined correctly"
bindir = os.path.join(tomcat_home, 'bin')
for f in os.listdir(bindir):
if f.endswith('.sh'):
os.chmod(os.path.join(bindir, f), 0o755)
tomcat_wrapper = self.createRunningWrapper('xwiki', """#!/bin/sh
export JRE_HOME=%(java_home)s
exec %(catalina)s run
""" % dict(java_home=self.options['java_home'].strip(),
catalina = catalina))
tomcat_dict = dict(
http_address=ipv6,
http_port=port,
ajp_address=ipv4,
ajp_port="8009",
)
server_xml = os.path.join(tomcat_home, 'conf', 'server.xml')
self._writeFile(server_xml, pkg_resources.resource_string(__name__,
'template/tomcat-server.xml.in') % tomcat_dict)
hibernate_xml = os.path.join(tomcat_home, 'webapps', 'xwiki', 'WEB-INF', 'hibernate.cfg.xml')
self._writeFile(hibernate_xml, pkg_resources.resource_string(__name__,
'template/hibernate.cfg.xml.in') % dict(mysql_port='45678', mysql_ip = ipv4))
self.computer_partition.setConnectionDict(dict(
http_connection="http://[%s]:%s/xwiki/" % (ipv6, port),
))
return [server_xml, tomcat_wrapper]
def _initializeMysqlServer(self):
# XXX: Protect with proper root password
popen = subprocess.Popen([self.options['mysql_install_binary'],
'--skip-name-resolve', '--no-defaults',
'--datadir=%s' % self.data_directory],
stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
result = popen.communicate()[0]
if popen.returncode is None or popen.returncode != 0:
message = """Failed to initialise server in %(data_directory)r.
The error was: %(result)s""" % dict(data_directory=self.data_directory,
result=result)
raise zc.buildout.UserError(message)
def install_mysql_server_configuration(self, ip):
self.data_directory = os.path.join(self.data_root_directory,
'mysql_server')
self.configuration_file = os.path.join(self.etc_directory, 'my.cnf')
self._createDirectory(self.data_directory)
self.options['ip'] = ip
port = '45678'
self.options['tcp_port'] = port
self.options['data_directory'] = self.data_directory
self.options['pid_file'] = os.path.join(self.run_directory, 'mysqld.pid')
self.options['socket'] = os.path.join(self.run_directory, 'mysqld.sock')
self.options['error_log'] = os.path.join(self.log_directory, 'mysqld.log')
self.options['slow_query_log'] = os.path.join(self.log_directory,
'mysql-slow.log')
self._initializeMysqlServer()
mysql_conf_path = self.createConfigurationFile("my.cnf",
self.substituteTemplate(pkg_resources.resource_filename(__name__,
os.path.join('template', 'my.cnf.in')), self.options))
mysql_wrapper_path = self.createRunningWrapper('mysqld',
pkg_resources.resource_string(__name__, os.path.join('template',
'mysqld.bin')) % {'configuration_file': self.configuration_file,
'real_binary': self.options['mysqld_binary']})
mysql_connection_dict = dict(
ip=ip,
port=port,
user='xwiki',
password='xwiki',
database='xwiki',
)
# XXX: Bad thing -- it is required to fill mysql with some data, but there
# is no known any way to do it w/o running mysql (except rewriting
# mysql_install_db)
mysqld = subprocess.Popen([mysql_wrapper_path],
stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
try:
# XXX: Simplification of bad idea -- wait some time before connecting to
# mysql
time.sleep(2)
mysql = subprocess.Popen([self.options['mysql_binary'].strip(),
'--no-defaults', '-B', '--user=root',
'--socket=%s' % self.options['socket'],
], stdin=subprocess.PIPE, stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
result = mysql.communicate(pkg_resources.resource_string(__name__,
'template/initmysql.sql.in') % mysql_connection_dict)[0]
if mysql.returncode is None:
mysql.kill()
if mysql.returncode != 0:
raise zc.buildout.UserError('Issue during filling database, mysql '
'command result was: %s' % result)
finally:
mysqld.kill()
self.computer_partition.setConnectionDict(mysql_connection_dict)
return [mysql_conf_path, mysql_wrapper_path]
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE hibernate-configuration PUBLIC "-//Hibernate/Hibernate Configuration DTD//EN"
"http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd">
<hibernate-configuration>
<session-factory>
<!-- Please refer to the installation guide on
http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Installation for configuring your
database. You'll need to do 2 things:
1) Copy your database driver JAR in WEB-INF/lib or in some shared lib directory
2) Uncomment the properties below for your specific DB (and comment the default
database configuration if it doesn't match your DB)
-->
<!-- Generic parameters common to all Databases -->
<property name="show_sql">false</property>
<property name="use_outer_join">true</property>
<property name="dbcp.defaultAutoCommit">false</property>
<property name="dbcp.maxActive">50</property>
<property name="dbcp.maxIdle">5</property>
<property name="dbcp.maxWait">30000</property>
<property name="dbcp.whenExhaustedAction">1</property>
<property name="dbcp.ps.whenExhaustedAction">1</property>
<property name="dbcp.ps.maxActive">20</property>
<property name="dbcp.ps.maxWait">120000</property>
<property name="dbcp.ps.maxIdle">20</property>
<!-- Without it, some queries fail in MS SQL. XWiki doesn't need scrollable result sets, anyway. -->
<property name="jdbc.use_scrollable_resultset">false</property>
<!-- Configuration for the default database.
Comment out this section and uncomment other sections below if you want to use another database.
Note that the database tables will be created automatically if they don't already exist.
<property name="connection.url">jdbc:hsqldb:file:database/xwiki_db;shutdown=true</property>
<property name="connection.username">sa</property>
<property name="connection.password"></property>
<property name="connection.driver_class">org.hsqldb.jdbcDriver</property>
<property name="dialect">org.hibernate.dialect.HSQLDialect</property>
<property name="connection.provider_class">com.xpn.xwiki.store.DBCPConnectionProvider</property>
<property name="connection.pool_size">2</property>
<property name="statement_cache.size">2</property>
<mapping resource="xwiki.hbm.xml"/>
<mapping resource="feeds.hbm.xml"/>
<mapping resource="activitystream.hbm.xml"/>
-->
<!-- MySQL configuration.
Uncomment if you want to use MySQL and comment out other database configurations.
We need to set the sql_mode to a less strict value, see XWIKI-1945
-->
<property name="connection.url">jdbc:mysql://%(mysql_ip)s:%(mysql_port)s/xwiki?useServerPrepStmts=false&amp;useUnicode=true&amp;characterEncoding=UTF-8&amp;sessionVariables=&amp;sql_mode=''</property>
<property name="connection.username">xwiki</property>
<property name="connection.password">xwiki</property>
<property name="connection.driver_class">com.mysql.jdbc.Driver</property>
<property name="dialect">org.hibernate.dialect.MySQLDialect</property>
<property name="connection.provider_class">com.xpn.xwiki.store.DBCPConnectionProvider</property>
<property name="connection.pool_size">2</property>
<property name="statement_cache.size">2</property>
<mapping resource="xwiki.hbm.xml"/>
<mapping resource="feeds.hbm.xml"/>
<mapping resource="activitystream.hbm.xml"/>
<!-- HSQLDB configuration.
Uncomment if you want to use HSQLDB and comment out other database configurations.
<property name="connection.url">jdbc:hsqldb:file:/some/path/xwikidb;shutdown=true</property>
<property name="connection.username">sa</property>
<property name="connection.password"></property>
<property name="connection.driver_class">org.hsqldb.jdbcDriver</property>
<property name="dialect">org.hibernate.dialect.HSQLDialect</property>
<property name="connection.provider_class">com.xpn.xwiki.store.DBCPConnectionProvider</property>
<property name="connection.pool_size">2</property>
<property name="statement_cache.size">2</property>
<mapping resource="xwiki.hbm.xml"/>
<mapping resource="feeds.hbm.xml"/>
<mapping resource="activitystream.hbm.xml"/>
-->
<!-- PostgreSQL configuration.
Uncomment if you want to use PostgreSQL and comment out other database configurations.
<property name="connection.url">jdbc:postgresql:xwiki</property>
<property name="connection.username">xwiki</property>
<property name="connection.password">xwiki</property>
<property name="connection.driver_class">org.postgresql.Driver</property>
<property name="dialect">org.hibernate.dialect.PostgreSQLDialect</property>
<property name="connection.provider_class">com.xpn.xwiki.store.DBCPConnectionProvider</property>
<property name="connection.pool_size">2</property>
<property name="statement_cache.size">2</property>
<mapping resource="xwiki.hbm.xml"/>
<mapping resource="feeds.hbm.xml"/>
<mapping resource="activitystream.hbm.xml"/>
-->
<!-- Oracle configuration.
Uncomment if you want to use Oracle and comment out other database configurations.
Note: the 2 properties named "hibernate.connection.SetBigStringTryClob" and
"hibernate.jdbc.batch_size". They are required to tell Oracle to allow CLOBs larger than
32K.
<property name="connection.url">jdbc:oracle:thin:@localhost:1521:XE</property>
<property name="connection.username">xwiki</property>
<property name="connection.password">xwiki</property>
<property name="connection.driver_class">oracle.jdbc.driver.OracleDriver</property>
<property name="dialect">org.hibernate.dialect.Oracle10gDialect</property>
<property name="connection.provider_class">com.xpn.xwiki.store.DBCPConnectionProvider</property>
<property name="connection.pool_size">2</property>
<property name="statement_cache.size">2</property>
<property name="hibernate.connection.SetBigStringTryClob">true</property>
<property name="hibernate.jdbc.batch_size">0</property>
<mapping resource="xwiki.oracle.hbm.xml"/>
<mapping resource="feeds.oracle.hbm.xml"/>
<mapping resource="activitystream.hbm.xml"/>
-->
<!-- Derby configuration.
Uncomment if you want to use Derby and comment out other database configurations.
<property name="connection.url">jdbc:derby:/some/path/xwikidb;create=true</property>
<property name="connection.driver_class">org.apache.derby.jdbc.EmbeddedDriver</property>
<property name="dialect">org.hibernate.dialect.DerbyDialect</property>
<property name="connection.provider_class">com.xpn.xwiki.store.DBCPConnectionProvider</property>
<property name="connection.pool_size">2</property>
<property name="statement_cache.size">2</property>
<mapping resource="xwiki.derby.hbm.xml"/>
<mapping resource="feeds.hbm.xml"/>
<mapping resource="activitystream.hbm.xml"/>
-->
</session-factory>
</hibernate-configuration>
CREATE DATABASE IF NOT EXISTS xwiki;
GRANT ALL PRIVILEGES ON %(database)s.* TO %(user)s@'%%' IDENTIFIED BY '%(password)s';
EXIT
# ERP5 buildout my.cnf template based on my-huge.cnf shipped with mysql
# The MySQL server
[mysqld]
# ERP5 by default requires InnoDB storage. MySQL by default fallbacks to using
# different engine, like MyISAM. Such behaviour generates problems only, when
# tables requested as InnoDB are silently created with MyISAM engine.
#
# Loud fail is really required in such case.
sql-mode="NO_ENGINE_SUBSTITUTION"
skip-show-database
port = %(tcp_port)s
bind-address = %(ip)s
socket = %(socket)s
datadir = %(data_directory)s
pid-file = %(pid_file)s
log-error = %(error_log)s
slow_query_log
slow_query_log_file = %(slow_query_log)s
long_query_time = 5
max_allowed_packet = 128M
query_cache_size = 32M
plugin-load = ha_mroonga.so
# The following are important to configure and depend a lot on to the size of
# your database and the available resources.
#innodb_buffer_pool_size = 4G
#innodb_log_file_size = 256M
#innodb_log_buffer_size = 8M
# Some dangerous settings you may want to uncomment if you only want
# performance or less disk access. Useful for unit tests.
#innodb_flush_log_at_trx_commit = 0
#innodb_flush_method = nosync
#innodb_doublewrite = 0
#sync_frm = 0
# Uncomment the following if you need binary logging, which is recommended
# on production instances (either for replication or incremental backups).
#log-bin=mysql-bin
# Force utf8 usage
collation_server = utf8_unicode_ci
character_set_server = utf8
skip-character-set-client-handshake
[mysql]
no-auto-rehash
socket = %(socket)s
[mysqlhotcopy]
interactive-timeout
#!/bin/sh
exec %(real_binary)s --defaults-file=%(configuration_file)s
<?xml version='1.0' encoding='utf-8'?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- Note: A "Server" is not itself a "Container", so you may not
define subcomponents such as "Valves" at this level.
Documentation at /docs/config/server.html
-->
<Server port="-1" shutdown="SHUTDOWN">
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
<Listener className="org.apache.catalina.core.JasperListener" />
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<!-- JMX Support for the Tomcat server. Documentation at /docs/non-existent.html -->
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<!-- Global JNDI resources
Documentation at /docs/jndi-resources-howto.html
-->
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<!-- A "Service" is a collection of one or more "Connectors" that share
a single "Container" Note: A "Service" is not itself a "Container",
so you may not define subcomponents such as "Valves" at this level.
Documentation at /docs/config/service.html
-->
<Service name="Catalina">
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
<!--
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="150" minSpareThreads="4"/>
-->
<!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Documentation at :
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
Java AJP Connector: /docs/config/ajp.html
APR (HTTP/AJP) Connector: /docs/apr.html
Define a non-SSL HTTP/1.1 Connector on port 8080
-->
<Connector address="%(http_address)s" port="%(http_port)s" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector address="%(ajp_address)s" port="%(ajp_port)s" protocol="AJP/1.3" redirectPort="8443" />
<!-- An Engine represents the entry point (within Catalina) that processes
every request. The Engine implementation for Tomcat stand alone
analyzes the HTTP headers included with the request, and passes them
on to the appropriate Host (virtual host).
Documentation at /docs/config/engine.html -->
<!-- You should set jvmRoute to support load-balancing via AJP ie :
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
-->
<Engine name="Catalina" defaultHost="localhost">
<!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) -->
<!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
-->
<!-- The request dumper valve dumps useful debugging information about
the request and response data received and sent by Tomcat.
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.valves.RequestDumperValve"/>
-->
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
<!-- Define the default virtual host
Note: XML Schema validation will not work with Xerces 2.2.
-->
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt" pattern="common" resolveHosts="false"/>
-->
</Host>
</Engine>
</Service>
</Server>
...@@ -137,6 +137,7 @@ template = ...@@ -137,6 +137,7 @@ template =
'${mariadb:location}/scripts/mysql_install_db' \ '${mariadb:location}/scripts/mysql_install_db' \
--defaults-file='{{defaults_file}}' \ --defaults-file='{{defaults_file}}' \
--skip-name-resolve \ --skip-name-resolve \
--auth-root-authentication-method=normal \
--basedir='${mariadb:location}' \ --basedir='${mariadb:location}' \
--datadir="$datadir.new" --datadir="$datadir.new"
mv -v "$datadir.new" "$datadir" mv -v "$datadir.new" "$datadir"
......
...@@ -14,7 +14,7 @@ ...@@ -14,7 +14,7 @@
# not need these here). # not need these here).
[mariadb-resiliency-after-import-script] [mariadb-resiliency-after-import-script]
filename = instance-mariadb-resiliency-after-import-script.sh.in filename = instance-mariadb-resiliency-after-import-script.sh.in
md5sum = aff3bb574c8f0a2db9911fee30540e12 md5sum = 85ce1e2f3d251aa435fef8118dca8a63
[mariadb-slow-query-report-script] [mariadb-slow-query-report-script]
filename = mysql-querydigest.sh.in filename = mysql-querydigest.sh.in
...@@ -22,11 +22,11 @@ md5sum = 0c0d98a68230cd0ad36046bb25b35f4a ...@@ -22,11 +22,11 @@ md5sum = 0c0d98a68230cd0ad36046bb25b35f4a
[mariadb-start-clone-from-backup] [mariadb-start-clone-from-backup]
filename = instance-mariadb-start-clone-from-backup.sh.in filename = instance-mariadb-start-clone-from-backup.sh.in
md5sum = d95e8500bdc72d1f40b97cc414656e7e md5sum = d10b8e35b02b5391cf46bf0c7dbb1196
[template-mariadb] [template-mariadb]
filename = instance-mariadb.cfg.in filename = instance-mariadb.cfg.in
md5sum = b29449652ef996c267518e4dcfd8e9e1 md5sum = 0eb2f45a145dde0c59d3488bfdbe66ff
[template-kumofs] [template-kumofs]
filename = instance-kumofs.cfg.in filename = instance-kumofs.cfg.in
......
...@@ -59,7 +59,7 @@ fi ...@@ -59,7 +59,7 @@ fi
echo "Importing data..." echo "Importing data..."
# Use latest dump XXX can contain funny characters # Use latest dump XXX can contain funny characters
dump=$(ls -r "$mariadb_backup_directory" | head -1) dump=$(ls -r "$mariadb_backup_directory" | head -1)
zcat "$mariadb_backup_directory/$dump" | $mysql_executable -u root || { zcat "$mariadb_backup_directory/$dump" | $mysql_executable || {
RESTORE_EXIT_CODE=$? RESTORE_EXIT_CODE=$?
echo 'Backup restoration failed.' echo 'Backup restoration failed.'
exit $RESTORE_EXIT_CODE exit $RESTORE_EXIT_CODE
......
...@@ -84,16 +84,16 @@ done ...@@ -84,16 +84,16 @@ done
"$UPDATE" "$UPDATE"
echo "Importing $BACKUP ..." echo "Importing $BACKUP ..."
zcat "$BACKUP" | "$CLIENT" -u root zcat "$BACKUP" | "$CLIENT"
echo "Configuring server as slave..." echo "Configuring server as slave..."
if [ "$MASTER_USE_GTID" -eq 1 ]; then if [ "$MASTER_USE_GTID" -eq 1 ]; then
"$CLIENT" -u root -e "$SQL_SET_GTID" "$CLIENT" -e "$SQL_SET_GTID"
MASTER_USE_GTID_SQL="slave_pos" MASTER_USE_GTID_SQL="slave_pos"
else else
MASTER_USE_GTID_SQL="NO" MASTER_USE_GTID_SQL="NO"
fi fi
"$CLIENT" -u root -e " "$CLIENT" -e "
CHANGE MASTER TO CHANGE MASTER TO
MASTER_HOST='$MASTER_HOST', MASTER_HOST='$MASTER_HOST',
MASTER_USER='$MASTER_USER', MASTER_USER='$MASTER_USER',
...@@ -111,9 +111,9 @@ if [ "$MASTER_USE_GTID" -eq 0 ]; then ...@@ -111,9 +111,9 @@ if [ "$MASTER_USE_GTID" -eq 0 ]; then
# Notes: # Notes:
# - Must happen after setting MASTER_HOST & MASTER_PORT. # - Must happen after setting MASTER_HOST & MASTER_PORT.
# - Implicitly sets MASTER_USE_GTID=NO if it was set before. # - Implicitly sets MASTER_USE_GTID=NO if it was set before.
"$CLIENT" -u root -e "$SQL_CHANGE_MASTER" "$CLIENT" -e "$SQL_CHANGE_MASTER"
fi fi
"$CLIENT" -u root -e "START SLAVE;" "$CLIENT" -e "START SLAVE;"
echo "Stopping mariadb..." echo "Stopping mariadb..."
trap EXIT trap EXIT
......
...@@ -107,7 +107,7 @@ time = {{ dumps(backup_periodicity) }} ...@@ -107,7 +107,7 @@ time = {{ dumps(backup_periodicity) }}
# can be fully restored. # can be fully restored.
# master-data: use value "2" as we are not in a replication case # master-data: use value "2" as we are not in a replication case
#} #}
command = "${binary-wrap-mysqldump:wrapper-path}" -u root --all-databases --flush-privileges --single-transaction --max-allowed-packet=128M {% if incremental_backup_retention_days > -1 %}--flush-logs --master-data=2 {% endif %}| {{ parameter_dict['gzip-location'] }}/bin/gzip > "${directory:mariadb-backup-full}/$({{ parameter_dict['coreutils-location'] }}/bin/date "+%Y%m%d%H%M%S").sql.gz" command = "${binary-wrap-mysqldump:wrapper-path}" --all-databases --flush-privileges --single-transaction --max-allowed-packet=128M {% if incremental_backup_retention_days > -1 %}--flush-logs --master-data=2 {% endif %}| {{ parameter_dict['gzip-location'] }}/bin/gzip > "${directory:mariadb-backup-full}/$({{ parameter_dict['coreutils-location'] }}/bin/date "+%Y%m%d%H%M%S").sql.gz"
{# KEEP GLOB PATTERN IN SYNC with generated filenames above {# KEEP GLOB PATTERN IN SYNC with generated filenames above
# YYYYmmddHHMMSS -#} # YYYYmmddHHMMSS -#}
file-glob = ??????????????.sql.gz file-glob = ??????????????.sql.gz
...@@ -206,7 +206,7 @@ context = section parameter_dict odbc-ini-text ...@@ -206,7 +206,7 @@ context = section parameter_dict odbc-ini-text
< = logrotate-entry-base < = logrotate-entry-base
name = mariadb name = mariadb
log = ${my-cnf-parameters:error-log} ${my-cnf-parameters:slow-query-log} log = ${my-cnf-parameters:error-log} ${my-cnf-parameters:slow-query-log}
post = "${binary-wrap-mysql:wrapper-path}" -B -u root -e "FLUSH LOGS" post = "${binary-wrap-mysql:wrapper-path}" -B -e "FLUSH LOGS"
[{{ section('binary-link') }}] [{{ section('binary-link') }}]
recipe = slapos.cookbook:symbolic.link recipe = slapos.cookbook:symbolic.link
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment