Commit 98a5fab8 authored by Thomas Gambier's avatar Thomas Gambier 🚴🏼

Update release candidate

parents 0bbef436 7f0f8925
[buildout]
parts = babeld
[babeld-repository]
recipe = slapos.recipe.build:gitclone
repository = https://lab.nexedi.com/nexedi/babeld.git
branch = master
git-executable = ${git:location}/bin/git
revision = hmac-nxd1
[babeld]
recipe = slapos.recipe.cmmi
url = https://lab.nexedi.com/nexedi/babeld/repository/archive.tar.gz?ref=v1.8.4-nxd1
md5sum = 536cca6abe34eb9faeda8682b80ee7bc
path = ${babeld-repository:location}
make-options = CC='gcc -std=gnu99'
configure-command =
echo "No configure.."
......
[buildout]
extends =
../../component/golang/buildout.cfg
gowork.cfg
parts =
gowork
caddy
[gowork]
# Caddy 1.x+ uses go modules, for which gowork does not work yet
golang = ${golang1.12:location}
install =
github.com/mholt/caddy
[gowork.goinstall]
command = :
depends =
${caddy:recipe}
[caddy]
recipe = slapos.recipe.cmmi
path = ${go_github.com_mholt_caddy:location}
go = ${gowork:golang}/bin/go
configure-command = :
make-targets =
make-binary = cd ${:path}/caddy && ${:go} install -v
environment =
PATH=${pkgconfig:location}/bin:${gowork:golang}/bin:${buildout:bin-directory}:%(PATH)s
GOPATH=${gowork:directory}
# revision and repository can be used to control which caddy version is used
revision = v1.0.0
repository = github.com/mholt/caddy/caddy
recipe = plone.recipe.command
update-command = ${:command}
stop-on-error = True
# GO111MODULE=on enables go modules support
# the chmod is needed as modules are fetched with u-w
command =
. ${gowork:env.sh} &&
cd ${gowork:directory} &&
export GO111MODULE=on &&
go get ${:repository}@${:revision} &&
chmod -R u+w .
output = ${gowork:bin}/caddy
location = ${:output}
# Code generated by gowork-snapshot; DO NOT EDIT.
# list of go git repositories to fetch
[gowork.goinstall]
depends_gitfetch =
${go_github.com_mholt_caddy:recipe}
[go_github.com_mholt_caddy]
<= go-git-package
go.importpath = github.com/mholt/caddy
repository = https://lab.nexedi.com/nexedi/caddy.git
revision = nxd-v0.11.5-4-g9d3151db
......@@ -17,5 +17,5 @@ rpath = ${:library-dirs}
[geolite2-country]
recipe = slapos.recipe.build:download-unpacked
url = http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz#${:md5sum}
md5sum = 579c2286209e9f9f6c8eb0035fa55974
md5sum = ff7bcb609291b9f5ab14397ccc506254
strip-top-level-dir = true
......@@ -64,8 +64,8 @@ environment-extra =
[golang1.12]
<= golang-common
url = https://dl.google.com/go/go1.12.4.src.tar.gz
md5sum = edb6bac6dc1ce0afc931d9e41ef3d2ef
url = https://dl.google.com/go/go1.12.6.src.tar.gz
md5sum = 48a4141fc718dd742d106431294f08bf
# go1.11 needs go1.4 to bootstrap
environment-extra =
......
......@@ -102,7 +102,7 @@ md5sum = 89839a3f4ab71cab459afd1c27d00326
[template-configuration-state-script]
filename = templates/configuration-state-script.sh.in
md5sum = 00dfdc488548d1b14e89ba5f2f08fcb8
md5sum = 8d55aea0a4ebc262d2f7c2f96dd5428c
[template-rotate-script]
filename = templates/rotate-script.sh.in
......
......@@ -8,9 +8,11 @@ touch $SIGNATURE_FILE
{{ sha256sum }} {{ path_list }} 2> /dev/null | sort -k 66 > $NSIGNATURE_FILE
if diff "$SIGNATURE_FILE" "$NSIGNATURE_FILE" > /dev/null ; then
# No changes since last run just propagate information
rm -f ${NSIGNATURE_FILE}
exit 1
exit 0
else
# Changes since last run, so store new value and propagate information
mv "$NSIGNATURE_FILE" "$SIGNATURE_FILE"
exit 0
exit 1
fi
......@@ -4782,12 +4782,29 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
@classmethod
def setUpSlaves(cls):
_, cls.slave_key_pem, _, cls.slave_certificate_pem = \
_, cls.ssl_from_slave_key_pem, _, cls.ssl_from_slave_certificate_pem = \
createSelfSignedCertificate(
[
'*.customdomain.example.com',
'*.example.com',
'sslfromslave.example.com',
])
_, cls.ssl_from_slave_kedifa_overrides_key_pem, _, \
cls.ssl_from_slave_kedifa_overrides_certificate_pem = \
createSelfSignedCertificate(
[
'sslfromslavekedifaoverrides.example.com',
])
_, cls.type_notebook_ssl_from_slave_key_pem, _, \
cls.type_notebook_ssl_from_slave_certificate_pem = \
createSelfSignedCertificate(
[
'typenotebooksslfromslave.example.com',
])
_, cls.type_notebook_ssl_from_slave_kedifa_overrides_key_pem, _, \
cls.type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem = \
createSelfSignedCertificate(
[
'typenotebooksslfromslavekedifaoverrides.example.com',
])
cls.ca = CertificateAuthority(
'TestSlaveSlapOSMasterCertificateCompatibility')
......@@ -4836,13 +4853,13 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
},
'ssl_from_slave': {
'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem,
'ssl_key': cls.slave_key_pem,
'ssl_crt': cls.ssl_from_slave_certificate_pem,
'ssl_key': cls.ssl_from_slave_key_pem,
},
'ssl_from_slave_kedifa_overrides': {
'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem,
'ssl_key': cls.slave_key_pem,
'ssl_crt': cls.ssl_from_slave_kedifa_overrides_certificate_pem,
'ssl_key': cls.ssl_from_slave_kedifa_overrides_key_pem,
},
'custom_domain_ssl_crt_ssl_key': {
'url': cls.backend_url,
......@@ -4883,8 +4900,8 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
},
'type-notebook-ssl_from_slave': {
'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem,
'ssl_key': cls.slave_key_pem,
'ssl_crt': cls.type_notebook_ssl_from_slave_certificate_pem,
'ssl_key': cls.type_notebook_ssl_from_slave_key_pem,
'type': 'notebook',
},
'type-notebook-ssl_from_master_kedifa_overrides': {
......@@ -4893,8 +4910,10 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
},
'type-notebook-ssl_from_slave_kedifa_overrides': {
'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem,
'ssl_key': cls.slave_key_pem,
'ssl_crt':
cls.type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem,
'ssl_key':
cls.type_notebook_ssl_from_slave_kedifa_overrides_key_pem,
'type': 'notebook',
}
}
......@@ -5079,7 +5098,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
self.slave_certificate_pem,
self.ssl_from_slave_certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
......@@ -5111,7 +5130,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
self.slave_certificate_pem,
self.ssl_from_slave_kedifa_overrides_certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
......@@ -5256,7 +5275,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
HTTPS_PORT)
self.assertEqual(
self.slave_certificate_pem,
self.type_notebook_ssl_from_slave_certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
......@@ -5288,7 +5307,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
HTTPS_PORT)
self.assertEqual(
self.slave_certificate_pem,
self.type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
......
......@@ -15,7 +15,7 @@
# not need these here).
[instance-caucased]
filename = instance-caucased.cfg.jinja2
md5sum = 31dc85cce6e419235a92c3c7682a89d1
md5sum = 442e17a66b6f8d39f87903e147e3edaf
[instance]
filename = instance.cfg.jinja2
......
......@@ -11,10 +11,7 @@
"default": 8009
},
"external-url": {
"title": "External URL of base port",
"description": "When provided, this URL will be added to issued certificate as the CRL distribution point.",
"type": "string",
"format": "uri"
"$comment": "(deprecated)"
},
"service-auto-approve-amount": {
"title": "Number of service certificate requests to automatically approve",
......
{% import "caucase" as caucase with context %}
{% set ipv6 = (ipv6_set | list)[0] -%}
{% set netloc = '[' ~ ipv6 ~ ']:' ~ slapparameter_dict.get('base-port', 8009) -%}
{% set netloc = '[' ~ (ipv6_set | list)[0] ~ ']:' ~ slapparameter_dict.get('base-port', 8009) -%}
[directory]
recipe = slapos.cookbook:mkdirectory
......
......@@ -111,6 +111,11 @@
},
"type": "object"
},
"wsgi": {
"description": "If set to true, Zope is run as a WSGI application, instead of using the Medusa HTTP server.",
"type": "boolean",
"default": false
},
"zope-partition-dict": {
"description": "Zope layout definition",
"default": {
......
......@@ -68,16 +68,6 @@ mod-ssl = ${:cache}/httpd_mod_ssl
system-log = ${:private}/system-log
consumption = ${:log}/consumption
[monitor-httpd-configuration-file]
context =
import json_module json
section directory monitor-directory
section monitor_parameters monitor-parameters
section httpd_configuration monitor-httpd-configuration
section monitor_rewrite_rule monitor-rewrite-rule
section slave_information slap-configuration
key monitor_private_hash slap-configuration:private-hash
[python-symlink]
recipe = plone.recipe.command
command = ln -sf {{ buildout_bin }}/pythonwitheggs ${monitor-directory:bin}/python
......
......@@ -28,7 +28,7 @@ mode = 0644
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-monitor.cfg.jinja2
destination = ${buildout:directory}/template-base-monitor.cfg
md5sum = 2d9436dd6b116ee2e7cc7b30a6305475
md5sum = dffe797be3a66d6838ffc70ee8f5f3ff
mode = 0644
[template-monitor-distributor]
......
......@@ -139,9 +139,6 @@ extra-context =
{% endfor %}
####################
# Monitoring
[monitor-rewrite-rule]
powerdns = http://$${pdns:local-ipv4}:$${pdns:webserver-port}/
[buildout]
parts =
......
......@@ -25,7 +25,7 @@ mode = 0644
[template-powerdns]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-powerdns.cfg
md5sum = e623ae588e14cbfda69e28a3002eaa29
md5sum = b2301de110ba95be46121dc18d7ca544
output = ${buildout:directory}/template-powerdns.cfg
mode = 0644
......
......@@ -109,10 +109,10 @@ filename = registry-run.in
md5sum = 0bf4f2c03e06b55c6c6cc55fa33e65d6
[versions]
re6stnet = 0.520
re6stnet = 0.530
slapos.recipe.template = 4.3
# Required by:
# re6stnet==0.520
# re6stnet==0.530
miniupnpc = 1.9
......@@ -14,7 +14,7 @@
# not need these here).
[template-erp5]
filename = instance-erp5.cfg.in
md5sum = 0c929dcaba31e024d94c63c4aee181d6
md5sum = f3cc69df4d34d780af012260db9a4cf5
[template-balancer]
filename = instance-balancer.cfg.in
......
......@@ -204,7 +204,7 @@ software-type = zope
{% set section_name = 'request-' ~ partition_name -%}
{% set zope_family = zope_parameter_dict.get('family', 'default') -%}
{% do zope_family_name_list.append(zope_family) %}
{% set backend_path = zope_parameter_dict.get('backend-path', '/') % {'site-id': site_id} %}
{% set backend_path = zope_parameter_dict.get('backend-path', '') % {'site-id': site_id} %}
{# # default jupyter zope family is first zope family. -#}
{# # use list.append() to update it, because in jinja2 set changes only local scope. -#}
{% if not jupyter_zope_family_default -%}
......@@ -228,6 +228,7 @@ config-longrequest-logger-timeout = {{ dumps(zope_parameter_dict.get('longreques
config-large-file-threshold = {{ dumps(zope_parameter_dict.get('large-file-threshold', "10MB")) }}
config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }}
config-webdav = {{ dumps(zope_parameter_dict.get('webdav', False)) }}
config-wsgi = {{ dumps(slapparameter_dict.get('wsgi', False)) }}
{% if test_runner_enabled -%}
config-test-runner-apache-url-list = ${publish-early:{{ zope_family }}-test-runner-url-list}
{% endif -%}
......@@ -452,9 +453,6 @@ name = neo-${gen-neo-cluster-base:passwd}
[gen-smtpd-sasl-password]
< = gen-password
[monitor-instance-parameter]
monitor-httpd-port = 8386
{{ root_common.common_section() }}
[monitor-conf-parameters]
......
......@@ -18,7 +18,7 @@ md5sum = c44a7481bb85e3258128afe3fcf23f44
[template-runner]
filename = instance-runner.cfg
md5sum = 8f1da15d78ed08d9904ae94844a6893d
md5sum = a5e2ae493b78a0f42d61cc79a0b2e686
[template-runner-import-script]
filename = template/runner-import.sh.jinja2
......
......@@ -115,12 +115,17 @@
],
"default": "false"
},
"monitor-port": {
"slaprunner-httpd-port": {
"title": "Webrunner Server Port",
"description": "Port of the Apache server serving the Webrunner interface.",
"type": "integer",
"default": 9686
},
"monitor-httpd-port": {
"title": "Monitor Port",
"description": "Allow to manually change the port on wich the apache server running monitoring interface is listening. The default value for the webrunner is different from the default value of the standalone stack-monitor server (default 9684)",
"description": "Port of the Apache server serving the monitoring interface.",
"type": "integer",
"minimum": 9683,
"exclusiveMinimum": true
"default": 8386
},
"monitor-interface-url": {
"title": "Monitor Web Interface URL",
......
......@@ -170,7 +170,7 @@ pidfile-instance = $${directory:run}/slapgrid-sr.pid
ssh_client = ${openssh:location}/bin/ssh
public_key = $${runner-sshd-raw-server:rsa-keyfile}.pub
private_key = $${runner-sshd-raw-server:rsa-keyfile}
instance-monitor-url = https://[$${:ipv6}]:$${monitor-parameters:port}
instance-monitor-url = https://[$${:ipv6}]:$${slap-parameter:monitor-httpd-port}
etc_dir = $${directory:etc}
log_dir = $${directory:log}
run_dir = $${directory:run}
......@@ -413,7 +413,6 @@ project_public_folder = $${runnerdirectory:public-project}
runner_home = $${runnerdirectory:home}
git_http_backend = ${git:location}/libexec/git-core/git-http-backend
cgid_sock = $${directory:run}/cgid.sock
#cgi_httpd_conf = $${monitor-httpd-configuration-file:rendered}
httpd_cors_file = $${slaprunner-httpd-cors:location}
[httpd-conf]
......@@ -669,18 +668,12 @@ slapos-reference = 1.0
auto-deploy = false
auto-deploy-instance = true
autorun = false
slaprunner-httpd-port = $${:monitor-port}
# XXX - for backward compatibility, monitor-port was for slaprunner httpd server
monitor-port = 9686
slaprunner-httpd-port = 9686
instance-name =
monitor-cors-domains =
monitor-interface-url =
# XXX - define a new port for monitor here and use monitor-port for backward compatibility
monitor-httpd-port = 8386
[monitor-parameters]
port = $${slap-parameter:monitor-port}
[slapos-cfg]
recipe = slapos.recipe.template:jinja2
template = ${template-slapos-cfg:location}/${template-slapos-cfg:filename}
......
......@@ -15,6 +15,8 @@ scripts =
caucase
caucase-probe
caucase-updater
caucase-rerequest
caucase-key-id
caucased
caucased-manage
......
......@@ -564,18 +564,25 @@ eggs = ${neoppod:eggs}
unidiff
jsonpickle
# WSGI server
zope.globalrequest
waitress
# parameterizing the version of the generated python interpreter name by the
# python section version causes dependency between this egg section and the
# installation of python, which we don't want on an instance
interpreter = ${buildout:python}
entry-points =
runwsgi=Products.ERP5.bin.zopewsgi:runwsgi
scripts =
apachedex
repozo
runwsgi
runzope
runzeo
tidstoraged
tidstorage_repozo
web_checker_utility = erp5.util.webchecker:web_checker_utility
web_checker_utility
extra-paths =
${erp5:location}
......@@ -739,6 +746,8 @@ zbarlight = 2.0
cloudpickle = 0.5.3
dask = 0.18.1
toolz = 0.9.0
zope.globalrequest = 1.5
waitress = 1.3.0
# Re-add for as it is required to be there for uninstallation
erp5.recipe.w3validator = 1.0.2
......
......@@ -34,7 +34,7 @@ md5sum = 13315c109deab534b81e7a45e7320eea
[template-zope-conf]
filename = zope.conf.in
md5sum = adb25a1ab15c8aecf40a3952528f81c2
md5sum = 114e0ac43281b943931754ed317ebc36
[site-zcml]
filename = site.zcml
......@@ -78,7 +78,7 @@ md5sum = d41d8cd98f00b204e9800998ecf8427e
[template-erp5]
filename = instance-erp5.cfg.in
md5sum = ff2f4d9f806fa783421d34204f2a74c8
md5sum = fdecf814ba21b519612317061c2bd097
[template-zeo]
filename = instance-zeo.cfg.in
......@@ -86,7 +86,7 @@ md5sum = 10a01b85c966ad9fe13bc981f1ddabe8
[template-zope]
filename = instance-zope.cfg.in
md5sum = d9da770b4a83a58db8637f0eba97f4e8
md5sum = 646f10824178eaa817cdef3479853bcf
[template-balancer]
filename = instance-balancer.cfg.in
......
......@@ -203,7 +203,7 @@ software-type = zope
{% set section_name = 'request-' ~ partition_name -%}
{% set zope_family = zope_parameter_dict.get('family', 'default') -%}
{% do zope_family_name_list.append(zope_family) %}
{% set backend_path = zope_parameter_dict.get('backend-path', '/') % {'site-id': site_id} %}
{% set backend_path = zope_parameter_dict.get('backend-path', '') % {'site-id': site_id} %}
{# # default jupyter zope family is first zope family. -#}
{# # use list.append() to update it, because in jinja2 set changes only local scope. -#}
{% if not jupyter_zope_family_default -%}
......@@ -227,6 +227,7 @@ config-longrequest-logger-timeout = {{ dumps(zope_parameter_dict.get('longreques
config-large-file-threshold = {{ dumps(zope_parameter_dict.get('large-file-threshold', "10MB")) }}
config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }}
config-webdav = {{ dumps(zope_parameter_dict.get('webdav', False)) }}
config-wsgi = {{ dumps(slapparameter_dict.get('wsgi', False)) }}
{% if test_runner_enabled -%}
config-test-runner-apache-url-list = ${publish-early:{{ zope_family }}-test-runner-url-list}
{% endif -%}
......@@ -409,9 +410,6 @@ name = neo-${gen-neo-cluster-base:passwd}
[gen-smtpd-sasl-password]
< = gen-password
[monitor-instance-parameter]
monitor-httpd-port = 8386
{{ root_common.common_section() }}
[monitor-conf-parameters]
......
{% set wsgi = slapparameter_dict['wsgi'] -%}
{% set webdav = slapparameter_dict['webdav'] -%}
{% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%}
{% set next_port = itertools.count(slapparameter_dict['port-base']).next -%}
{% set site_id = slapparameter_dict['site-id'] -%}
......@@ -182,7 +184,11 @@ pem = {{dumps(storage_dict.pop(k))}}
[runzope-base]
<= run-common
instance-home = ${directory:instance}
{% if wsgi -%}
wrapped-command-line = '{{ bin_directory }}/runwsgi' {% if webdav %}-w{% endif %} {{ ipv4 }}:${:port} '${:configuration-file}'
{% else -%}
wrapped-command-line = '{{ bin_directory }}/runzope' -C '${:configuration-file}'
{%- endif %}
private-dev-shm = {{ slapparameter_dict['private-dev-shm'] }}
[{{ section('zcml') }}]
......@@ -249,13 +255,13 @@ tidstorage-port = {{ dumps(slapparameter_dict['tidstorage-port']) }}
{% set thread_amount = slapparameter_dict['thread-amount'] -%}
{% set large_file_threshold = slapparameter_dict['large-file-threshold'] -%}
thread-amount = {{ thread_amount }}
{% set webdav = slapparameter_dict['webdav'] -%}
webdav = {{ dumps(webdav) }}
{% if webdav -%}
{% set timerserver_interval = 0 -%}
{% else -%}
{% set timerserver_interval = slapparameter_dict['timerserver-interval'] -%}
{%- endif %}
wsgi = {{ dumps(wsgi) }}
timerserver-interval = {{ dumps(timerserver_interval) }}
[zope-conf-base]
......@@ -315,6 +321,9 @@ context =
< = runzope-base
wrapper-path = ${directory:service-on-watch}/{{ name }}
configuration-file = {{ '${' ~ conf_name ~ ':rendered}' }}
{%- if wsgi %}
port = {{ port }}
{%- endif %}
[{{ section("promise-" ~ name) }}]
recipe = slapos.cookbook:check_port_listening
......
......@@ -22,15 +22,17 @@ rest-output-encoding utf-8
# XXX: isn't this entry implicit ?
products {{ parameter_dict['instance-products'] }}
{% if parameter_dict['webdav'] -%}
{% if not parameter_dict['wsgi'] -%}
{% if parameter_dict['webdav'] -%}
<webdav-source-server>
address {{ parameter_dict['ip'] }}:{{ parameter_dict['port'] }}
force-connection-close off
</webdav-source-server>
{% else %}
{% else %}
<http-server>
address {{ parameter_dict['ip'] }}:{{ parameter_dict['port'] }}
</http-server>
{% endif %}
{%- endif %}
<zoperunner>
......@@ -68,7 +70,11 @@ large-file-threshold {{ parameter_dict['large-file-threshold'] }}
{% set timerserver_interval = parameter_dict['timerserver-interval'] -%}
{% if timerserver_interval -%}
{% if parameter_dict['wsgi'] -%}
%import Products.TimerService.timerserver
{% else %}
%import timerserver
{% endif -%}
<timer-server>
interval {{ timerserver_interval }}
</timer-server>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment