Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos-mynij-dev
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Mynij
slapos-mynij-dev
Commits
93d599bc
Commit
93d599bc
authored
12 years ago
by
Marco Mariani
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
manual port of changes on lapp-resilient over this new branch
parent
d6a9aaa4
No related merge requests found
Changes
9
Show whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
670 additions
and
11 deletions
+670
-11
setup.py
setup.py
+2
-0
slapos/recipe/postgres/__init__.py
slapos/recipe/postgres/__init__.py
+56
-0
stack/lapp/apache/instance-apache-backup.cfg.in
stack/lapp/apache/instance-apache-backup.cfg.in
+197
-0
stack/lapp/buildout.cfg
stack/lapp/buildout.cfg
+52
-2
stack/lapp/instance-resilient.cfg
stack/lapp/instance-resilient.cfg
+172
-0
stack/lapp/instance.cfg.in
stack/lapp/instance.cfg.in
+11
-0
stack/lapp/postgres/instance-postgres-export.cfg.in
stack/lapp/postgres/instance-postgres-export.cfg.in
+18
-0
stack/lapp/postgres/instance-postgres-import.cfg.in
stack/lapp/postgres/instance-postgres-import.cfg.in
+13
-0
stack/lapp/postgres/instance-postgres.cfg.in
stack/lapp/postgres/instance-postgres.cfg.in
+149
-9
No files found.
setup.py
View file @
93d599bc
...
@@ -111,6 +111,8 @@ setup(name=name,
...
@@ -111,6 +111,8 @@ setup(name=name,
'onetimeupload = slapos.recipe.onetimeupload:Recipe'
,
'onetimeupload = slapos.recipe.onetimeupload:Recipe'
,
'pbs = slapos.recipe.pbs:Recipe'
,
'pbs = slapos.recipe.pbs:Recipe'
,
'postgres = slapos.recipe.postgres:Recipe'
,
'postgres = slapos.recipe.postgres:Recipe'
,
'postgres.import = slapos.recipe.postgres:ImportRecipe'
,
'postgres.export = slapos.recipe.postgres:ExportRecipe'
,
'maarch.configuration = slapos.recipe.maarch.configuration:Recipe'
,
'maarch.configuration = slapos.recipe.maarch.configuration:Recipe'
,
'proactive = slapos.recipe.proactive:Recipe'
,
'proactive = slapos.recipe.proactive:Recipe'
,
'publish = slapos.recipe.publish:Recipe'
,
'publish = slapos.recipe.publish:Recipe'
,
...
...
This diff is collapsed.
Click to expand it.
slapos/recipe/postgres/__init__.py
View file @
93d599bc
...
@@ -201,3 +201,59 @@ class Recipe(GenericBaseRecipe):
...
@@ -201,3 +201,59 @@ class Recipe(GenericBaseRecipe):
self
.
createExecutable
(
name
,
content
=
content
)
self
.
createExecutable
(
name
,
content
=
content
)
class
ExportRecipe
(
GenericBaseRecipe
):
def
install
(
self
):
pgdata
=
self
.
options
[
'pgdata-directory'
]
ret
=
[]
if
not
os
.
path
.
exists
(
pgdata
):
wrapper
=
self
.
options
[
'wrapper'
]
self
.
createBackupScript
(
wrapper
)
ret
.
append
(
wrapper
)
return
ret
def
createBackupScript
(
self
,
wrapper
):
"""
Create a script to backup the database in plain SQL format.
"""
content
=
textwrap
.
dedent
(
"""
\
#!/bin/sh
umask 077
%(bin)s/pg_dump -h %(pgdata-directory)s -f %(backup-directory)s/backup.sql %(dbname)s
"""
%
self
.
options
)
self
.
createExecutable
(
wrapper
,
content
=
content
)
class
ImportRecipe
(
GenericBaseRecipe
):
def
install
(
self
):
pgdata
=
self
.
options
[
'pgdata-directory'
]
ret
=
[]
if
not
os
.
path
.
exists
(
pgdata
):
wrapper
=
self
.
options
[
'wrapper'
]
self
.
createRestoreScript
(
wrapper
)
ret
.
append
(
wrapper
)
return
ret
def
createRestoreScript
(
self
,
wrapper
):
"""
Create a script to backup the database in plain SQL format.
"""
content
=
textwrap
.
dedent
(
"""
\
#!/bin/sh
%(bin)s/pg_restore -h %(pgdata-directory)s -d %(dbname)s %(backup-directory)s/backup.sql
"""
%
self
.
options
)
self
.
createExecutable
(
wrapper
,
content
=
content
)
This diff is collapsed.
Click to expand it.
stack/lapp/apache/instance-apache-backup.cfg.in
0 → 100644
View file @
93d599bc
[buildout]
parts =
urls
apache-proxy
logrotate
logrotate-entry-apache
cron
cron-entry-logrotate
sshkeys-authority
sshkeys-dropbear
dropbear-server
dropbear-server-pbs-authorized-key
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
#----------------
#--
#-- Creation of all needed directories.
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
var = $${buildout:directory}/var
srv = $${buildout:directory}/srv
bin = $${buildout:directory}/bin
tmp = $${buildout:directory}/tmp
[basedirectory]
recipe = slapos.cookbook:mkdirectory
log = $${rootdirectory:var}/log
services = $${rootdirectory:etc}/run
run = $${rootdirectory:var}/run
backup = $${rootdirectory:srv}/backup
promises = $${rootdirectory:etc}/promise
[directory]
recipe = slapos.cookbook:mkdirectory
htdocs = $${rootdirectory:srv}/www
logrotate-entries = $${rootdirectory:etc}/logrotate.d
logrotate-backup = $${basedirectory:backup}/logrotate
cronstamps = $${rootdirectory:etc}/cronstamps
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
ssh = $${rootdirectory:etc}/ssh
sshkeys = $${rootdirectory:srv}/sshkeys
httpd-log = $${basedirectory:log}/apache
#----------------
#--
#-- Deploy cron.
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/crond.log
#----------------
#--
#-- Deploy logrotate.
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = $${logrotate:wrapper}
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = ${gzip:location}/bin/gzip
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${rootdirectory:bin}/logrotate
conf = $${rootdirectory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${rootdirectory:srv}/logrotate.status
#----------------
#--
#-- sshkeys
[sshkeys-directory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:sshkeys}/requests
keys = $${directory:sshkeys}/keys
[sshkeys-authority]
recipe = slapos.cookbook:sshkeys_authority
request-directory = $${sshkeys-directory:requests}
keys-directory = $${sshkeys-directory:keys}
wrapper = $${basedirectory:services}/sshkeys_authority
keygen-binary = ${dropbear:location}/bin/dropbearkey
[sshkeys-dropbear]
<= sshkeys-authority
recipe = slapos.cookbook:sshkeys_authority.request
name = dropbear
type = rsa
executable = $${dropbear-server:wrapper}
public-key = $${dropbear-server:rsa-keyfile}.pub
private-key = $${dropbear-server:rsa-keyfile}
wrapper = $${basedirectory:services}/sshd
#----------------
#--
#-- Dropbear.
[dropbear-server]
recipe = slapos.cookbook:dropbear
host = $${slap-network-information:global-ipv6}
port = 2222
home = $${directory:ssh}
wrapper = $${rootdirectory:bin}/raw_sshd
shell = $${rdiff-backup-server:wrapper}
rsa-keyfile = $${directory:ssh}/server_key.rsa
dropbear-binary = ${dropbear:location}/sbin/dropbear
[dropbear-server-pbs-authorized-key]
<= dropbear-server
recipe = slapos.cookbook:dropbear.add_authorized_key
key = $${slap-parameter:authorized-key}
#----------------
#--
#-- rdiff
[rdiff-backup-server]
recipe = slapos.cookbook:pbs
client = false
path = $${directory:htdocs}
wrapper = $${rootdirectory:bin}/rdiffbackup-server
rdiffbackup-binary = ${buildout:bin-directory}/rdiff-backup
#----------------
#--
#-- Apache Proxy.
[apache-proxy]
recipe = slapos.cookbook:apacheproxy
url = $${slap-parameter:proxy-url}
pid-file = $${basedirectory:run}/apache.pid
lock-file = $${basedirectory:run}/apache.lock
ip = $${slap-network-information:global-ipv6}
port = 8080
error-log = $${directory:httpd-log}/error.log
access-log = $${directory:httpd-log}/access.log
httpd-conf = $${rootdirectory:etc}/apache.conf
wrapper = $${basedirectory:services}/apache
promise = $${basedirectory:promises}/apache
httpd-binary = ${apache:location}/bin/httpd
[logrotate-entry-apache]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = apache
log = $${apache-proxy:error-log} $${apache-proxy:access-log}
frequency = daily
rotate-num = 30
sharedscripts = true
notifempty = true
create = true
#----------------
#--
#-- Publish instance parameters.
[urls]
recipe = slapos.cookbook:publish
url = http://[$${apache-proxy:ip}]:$${apache-proxy:port}/
ssh-public-key = $${sshkeys-dropbear:public-key-value}
ssh-url = ssh://nobody@[$${dropbear-server:host}]:$${dropbear-server:port}/$${rdiff-backup-server:path}
This diff is collapsed.
Click to expand it.
stack/lapp/buildout.cfg
View file @
93d599bc
[buildout]
[buildout]
parts =
parts =
apache-php-postgres
apache-php-postgres
rdiff-backup
dropbear
eggs
eggs
instance
instance
psycopg2
psycopg2
instance-apache-php
instance-apache-php
instance-postgres
instance-postgres
#Contains the importer and exporter recipes for postgres
instance-postgres-import
instance-postgres-export
instance-default-root
instance-default-root
extends =
extends =
../resilient/buildout.cfg
../../component/apache/buildout.cfg
../../component/apache/buildout.cfg
../../component/apache-php/buildout.cfg
../../component/apache-php/buildout.cfg
../../component/dash/buildout.cfg
../../component/dash/buildout.cfg
...
@@ -18,10 +27,16 @@ extends =
...
@@ -18,10 +27,16 @@ extends =
../../component/logrotate/buildout.cfg
../../component/logrotate/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/postgresql/buildout.cfg
../../component/postgresql/buildout.cfg
../../component/rdiff-backup/buildout.cfg
../../component/stunnel/buildout.cfg
../../component/stunnel/buildout.cfg
../../component/dropbear/buildout.cfg
../slapos.cfg
../slapos.cfg
# XXX TODO
#[instance-recipe]
#egg = slapos.cookbook
#module = lamp.request
#----------------
#----------------
#-- Application-specific part (maarch, etc.)
#-- Application-specific part (maarch, etc.)
...
@@ -38,7 +53,7 @@ strip-top-level-dir = true
...
@@ -38,7 +53,7 @@ strip-top-level-dir = true
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
url = ${:_profile_base_location_}/instance.cfg.in
output = ${buildout:directory}/instance.cfg
output = ${buildout:directory}/instance.cfg
md5sum =
35d440866b4253dfa9f5ff291835fa50
md5sum =
1aaf3ea7b14e09e66904bdb80e3cfe2f
mode = 0644
mode = 0644
[instance-apache-php]
[instance-apache-php]
...
@@ -48,14 +63,49 @@ output = ${buildout:directory}/instance-apache-php.cfg
...
@@ -48,14 +63,49 @@ output = ${buildout:directory}/instance-apache-php.cfg
md5sum = fb34918c73ba242ffc08dfd7745367b3
md5sum = fb34918c73ba242ffc08dfd7745367b3
mode = 0644
mode = 0644
[instance-apache-backup]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/apache/instance-apache-backup.cfg.in
output = ${buildout:directory}/instance-apache-backup.cfg
md5sum = 48f969d82319a9d145570f5f0fd27672
mode = 0644
[template-resilient-lapp]
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/template-resilient.cfg.in
rendered = ${buildout:directory}/instance-resilient.cfg
context = key templateapache instance-apache-php:output
key dropbear dropbear:location
key buildout buildout:bin-directory
import-list = file parts template-parts:destination
file replicated template-replicated:destination
md5sum = 29b44a5783263581bf2258de9e994a57
mode = 0644
[instance-postgres]
[instance-postgres]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/postgres/instance-postgres.cfg.in
url = ${:_profile_base_location_}/postgres/instance-postgres.cfg.in
output = ${buildout:directory}/instance-postgres.cfg
output = ${buildout:directory}/instance-postgres.cfg
md5sum =
1dd96699e54575d8787295a4c29f1ddb
md5sum =
c2e7b95e457857d35f687a67424363a4
mode = 0644
mode = 0644
[instance-postgres-import]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/postgres/instance-postgres-import.cfg.in
output = ${buildout:directory}/instance-postgres-import.cfg
md5sum = feb43a65eefd9c5dea8e7d3551465956
mode = 0644
[instance-postgres-export]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/postgres/instance-postgres-export.cfg.in
output = ${buildout:directory}/instance-postgres-export.cfg
md5sum = 7bce31bc22a731a8fc6119aee96586f5
mode = 0644
#----------------
#----------------
...
...
This diff is collapsed.
Click to expand it.
stack/lapp/instance-resilient.cfg
0 → 100644
View file @
93d599bc
{% import 'parts' as parts %}
{% import 'replicated' as replicated %}
[buildout]
extends =
{{templateapache}}
parts =
{{ parts.replicate("postgres","3") }}
request-apache-backup-1
request-apache-backup-2
request-pull-backup-server-apache-1
request-pull-backup-server-apache-backup-1
request-pull-backup-server-apache-2
request-pull-backup-server-apache-backup-2
publish-connection-informations
apache-php
stunnel
certificate-authority
ca-stunnel
logrotate
logrotate-entry-apache
logrotate-entry-stunnel
cron
cron-entry-logrotate
dropbear-server
sshkeys-authority
dropbear-server-pbs-authorized-key
request-pull-backup-server
{{ replicated.replicate("postgres", "3", "postgres-export", "postgres-import") }}
[request-pull-backup-server]
<= request-pbs-common
name = PBS (Pull Backup Server)
return = ssh-key notification-url feeds-url
slave = false
[sshkeys-directory]
recipe = slapos.cookbook:mkdirectory
requests = ${directory:sshkeys}/requests
keys = ${directory:sshkeys}/keys
[sshkeys-authority]
recipe = slapos.cookbook:sshkeys_authority
request-directory = ${sshkeys-directory:requests}
keys-directory = ${sshkeys-directory:keys}
wrapper = ${basedirectory:services}/sshkeys_authority
keygen-binary = {{dropbear}}/bin/dropbearkey
[sshkeys-dropbear]
<= sshkeys-authority
recipe = slapos.cookbook:sshkeys_authority.request
name = dropbear
type = rsa
executable = ${dropbear-server:wrapper}
public-key = ${dropbear-server:rsa-keyfile}.pub
private-key = ${dropbear-server:rsa-keyfile}
wrapper = ${basedirectory:services}/sshd
[dropbear-server]
recipe = slapos.cookbook:dropbear
host = ${slap-network-information:global-ipv6}
port = 2222
home = ${directory:ssh}
wrapper = ${rootdirectory:bin}/raw_sshd
shell = ${rdiff-backup-server:wrapper}
rsa-keyfile = ${directory:ssh}/server_key.rsa
dropbear-binary = {{dropbear}}/sbin/dropbear
[dropbear-server-pbs-authorized-key]
<= dropbear-server
recipe = slapos.cookbook:dropbear.add_authorized_key
key = ${request-pull-backup-server:connection-ssh-key}
[rdiff-backup-server]
<= apache-php
recipe = slapos.cookbook:pbs
client = false
path = ${apache-php:htdocs}
wrapper = ${rootdirectory:bin}/rdiffbackup-server
rdiffbackup-binary = {{buildout}}/rdiff-backup
[request-apache-backup-1]
<= slap-connection
recipe = slapos.cookbook:request
name = Apache Backup 1
software-url = ${slap-connection:software-release-url}
software-type = apache-backup
return = url ssh-url ssh-public-key
config = authorized-key proxy-url
config-authorized-key = ${request-pull-backup-server:connection-ssh-key}
config-proxy-url = ${publish-connection-informations:url}
[request-apache-backup-2]
<= slap-connection
recipe = slapos.cookbook:request
name = Apache Backup 2
software-url = ${slap-connection:software-release-url}
software-type = apache-backup
return = url ssh-url ssh-public-key
config = authorized-key proxy-url
config-authorized-key = ${request-pull-backup-server:connection-ssh-key}
config-proxy-url = ${publish-connection-informations:url}
[request-pull-backup-server-apache-1]
<= request-pbs-common
name = PBS pulling from Apache 1
config = url name type server-key notify notification-id frequency
config-url = ssh://nobody@[${dropbear-server:host}]:${dropbear-server:port}/${rdiff-backup-server:path}
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache
config-type = pull
config-server-key = ${sshkeys-dropbear:public-key-value}
config-notify = ${request-pull-backup-server:connection-notification-url}
config-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache-pull
config-frequency = 30 * * * *
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[request-pull-backup-server-apache-2]
<= request-pbs-common
name = PBS pulling from Apache 2
config = url name type server-key notify notification-id frequency
config-url = ssh://nobody@[${dropbear-server:host}]:${dropbear-server:port}/${rdiff-backup-server:path}
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache
config-type = pull
config-server-key = ${sshkeys-dropbear:public-key-value}
config-notify = ${request-pull-backup-server:connection-notification-url}
config-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache-pull
config-frequency = 30 * * * *
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[request-pull-backup-server-apache-backup-1]
<= request-pbs-common
name = PBS pushing to ${request-apache-backup-1:name}
config = url name type server-key on-notification
config-url = ${request-apache-backup-1:connection-ssh-url}
config-name = ${request-pull-backup-server-apache-1:config-name}
config-type = push
config-server-key = ${request-apache-backup-1:connection-ssh-public-key}
config-on-notification = ${request-pull-backup-server:connection-feeds-url}${request-pull-backup-server-apache-1:config-notification-id}
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[request-pull-backup-server-apache-backup-2]
<= request-pbs-common
name = PBS pushing to ${request-apache-backup-2:name}
config = url name type server-key on-notification
config-url = ${request-apache-backup-2:connection-ssh-url}
config-name = ${request-pull-backup-server-apache-2:config-name}
config-type = push
config-server-key = ${request-apache-backup-2:connection-ssh-public-key}
config-on-notification = ${request-pull-backup-server:connection-feeds-url}${request-pull-backup-server-apache-2:config-notification-id}
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[directory]
ssh = ${rootdirectory:etc}/ssh
sshkeys = ${rootdirectory:srv}/sshkeys
This diff is collapsed.
Click to expand it.
stack/lapp/instance.cfg.in
View file @
93d599bc
[buildout]
[buildout]
parts =
parts =
switch_softwaretype
switch_softwaretype
...
@@ -10,4 +11,14 @@ offline = true
...
@@ -10,4 +11,14 @@ offline = true
recipe = slapos.cookbook:softwaretype
recipe = slapos.cookbook:softwaretype
default = ${instance-default-root:output}
default = ${instance-default-root:output}
apache = ${instance-apache-php:output}
apache = ${instance-apache-php:output}
resilient = ${template-resilient-lapp:rendered}
postgres = ${instance-postgres:output}
postgres = ${instance-postgres:output}
postgres-import = ${instance-postgres-import:output}
postgres-export = ${instance-postgres-export:output}
apache-backup = ${instance-apache-backup:output}
#frozen creates a syntax error, meaning it can keep its data.
#It's dirty as hell, it needs to be replaced.
frozen = ${instance-frozen:output}
pull-backup = ${template-pull-backup:output}
This diff is collapsed.
Click to expand it.
stack/lapp/postgres/instance-postgres-export.cfg.in
0 → 100644
View file @
93d599bc
[buildout]
extends = ${instance-postgres:output}
${pbsready-export:output}
parts +=
urls
postgres-instance
postgres-promise
[exporter]
recipe = slapos.cookbook:postgres.export
wrapper = $${rootdirectory:bin}/$${slap-parameter:namebase}-exporter
bin = $${postgres-instance:bin}
pgdata-directory = $${postgres-instance:pgdata-directory}
backup-directory = $${postgres-instance:backup-directory}
dbname = $${postgres-instance:dbname}
This diff is collapsed.
Click to expand it.
stack/lapp/postgres/instance-postgres-import.cfg.in
0 → 100644
View file @
93d599bc
[buildout]
extends = ${instance-postgres:output}
${pbsready-import:output}
parts += postgres-instance
[importer]
recipe = slapos.cookbook:postgres.import
wrapper = $${rootdirectory:bin}/resilient-importer
bin = $${postgres-instance:bin}
pgdata-directory = $${postgres-instance:pgdata-directory}
backup-directory = $${postgres-instance:backup-directory}
dbname = $${postgres-instance:dbname}
This diff is collapsed.
Click to expand it.
stack/lapp/postgres/instance-postgres.cfg.in
View file @
93d599bc
...
@@ -3,8 +3,18 @@ parts =
...
@@ -3,8 +3,18 @@ parts =
urls
urls
postgres-instance
postgres-instance
postgres-promise
postgres-promise
stunnel
certificate-authority
ca-stunnel
logrotate
logrotate-entry-stunnel
logrotate-entry-cron
cron
cron
cron-entry-logrotate
slapmonitor
slapreport
gzip-binary = ${gzip:location}/bin/gzip
# Define egg directories to be the one from Software Release
# Define egg directories to be the one from Software Release
# (/opt/slapgrid/...)
# (/opt/slapgrid/...)
...
@@ -29,6 +39,8 @@ recipe = slapos.cookbook:mkdirectory
...
@@ -29,6 +39,8 @@ recipe = slapos.cookbook:mkdirectory
log = $${rootdirectory:var}/log
log = $${rootdirectory:var}/log
services = $${rootdirectory:etc}/run
services = $${rootdirectory:etc}/run
run = $${rootdirectory:var}/run
run = $${rootdirectory:var}/run
script = $${rootdirectory:etc}/script
backup = $${rootdirectory:srv}/backup
promises = $${rootdirectory:etc}/promise
promises = $${rootdirectory:etc}/promise
[directory]
[directory]
...
@@ -36,6 +48,10 @@ recipe = slapos.cookbook:mkdirectory
...
@@ -36,6 +48,10 @@ recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
cronstamps = $${rootdirectory:etc}/cronstamps
ca-dir = $${rootdirectory:srv}/ssl
logrotate-backup = $${basedirectory:backup}/logrotate
stunnel-conf = $${rootdirectory:etc}/stunnel
logrotate-entries = $${rootdirectory:etc}/logrotate.d
#----------------
#----------------
...
@@ -59,16 +75,93 @@ log = $${basedirectory:log}/crond.log
...
@@ -59,16 +75,93 @@ log = $${basedirectory:log}/crond.log
#----------------
#----------------
#--
#--
#--
Fetches parameters defined in SlapOS Master for this instance
#--
Deploy logrotate.
[instance-parameters]
[cron-entry-logrotate]
recipe = slapos.cookbook:slapconfiguration
<= cron
computer = $${slap-connection:computer-id}
recipe = slapos.cookbook:cron.d
partition = $${slap-connection:partition-id}
name = logrotate
url = $${slap-connection:server-url}
frequency = 0 0 * * *
key = $${slap-connection:key-file}
command = $${logrotate:wrapper}
cert = $${slap-connection:cert-file}
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = $${buildout:gzip-binary}
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${rootdirectory:bin}/logrotate
conf = $${rootdirectory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${rootdirectory:srv}/logrotate.status
[logrotate-entry-stunnel]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = stunnel
log = $${stunnel:log-file}
frequency = daily
rotate-num = 30
notifempty = true
create = true
post = $${stunnel:post-rotate-script}
[logrotate-entry-cron]
<= logrotate
recipe =slapos.cookbook:logrotate.d
name = crond
log = $${cron-simplelogger:log}
frequency = daily
rotate-num = 30
notifempty = true
create = true
#----------------
#--
#-- Deploy stunnel.
#-- XXX This is actually not needed with Postgres.
[stunnel]
recipe = slapos.cookbook:stunnel
stunnel-binary = ${stunnel:location}/bin/stunnel
wrapper = $${rootdirectory:bin}/stunnel
log-file = $${basedirectory:log}/stunnel.log
config-file = $${directory:stunnel-conf}/stunnel.conf
key-file = $${directory:stunnel-conf}/stunnel.key
cert-file = $${directory:stunnel-conf}/stunnel.crt
pid-file = $${basedirectory:run}/stunnel.pid
local-host = $${postgres-instance:ip} # XXX we don't need tunnel
local-port = $${postgres-instance:port} # XXX we don't need tunnel
remote-host = $${slap-network-information:global-ipv6}
remote-port = 6446
client = false
post-rotate-script = $${rootdirectory:bin}/stunnel_post_rotate
#----------------
#--
#-- Certificate stuff.
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${basedirectory:services}/ca
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs/
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/
#----------------
#----------------
#--
#--
...
@@ -80,13 +173,22 @@ ipv6_host = $${slap-network-information:global-ipv6}
...
@@ -80,13 +173,22 @@ ipv6_host = $${slap-network-information:global-ipv6}
user = postgres
user = postgres
port = 5432
port = 5432
dbname = db
dbname = db
# XXX the next line is required by stunnel, not by us
ip = $${slap-network-information:local-ipv4}
# pgdata_directory is created by initdb, and should not exist beforehand.
# pgdata_directory is created by initdb, and should not exist beforehand.
pgdata-directory = $${rootdirectory:var}/data
pgdata-directory = $${rootdirectory:var}/data
backup-directory = $${basedirectory:backup}
services = $${basedirectory:services}
services = $${basedirectory:services}
bin = $${rootdirectory:bin}
bin = $${rootdirectory:bin}
dependency-symlinks = $${symlinks:recipe}
dependency-symlinks = $${symlinks:recipe}
[ca-stunnel]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = $${stunnel:wrapper}
wrapper = $${basedirectory:services}/stunnel
key-file = $${stunnel:key-file}
cert-file = $${stunnel:cert-file}
#----------------
#----------------
#--
#--
...
@@ -98,6 +200,32 @@ symlink_target = $${rootdirectory:bin}
...
@@ -98,6 +200,32 @@ symlink_target = $${rootdirectory:bin}
symlink_base = ${postgresql:location}/bin
symlink_base = ${postgresql:location}/bin
#----------------
#--
#-- Deploy slapmonitor.
[slapmonitor]
recipe = slapos.cookbook:slapmonitor
pid-file = $${basedirectory:run}/mariadb.pid
database-path = $${basedirectory:log}/slapmonitor.db
shell-path = ${dash:location}/bin/dash
slapmonitor-path = ${buildout:bin-directory}/slapmonitor
path = $${basedirectory:services}/slapmonitor
[slapreport]
recipe = slapos.cookbook:slapreport
pid-file = $${basedirectory:run}/mariadb.pid
database-path = $${basedirectory:log}/slapmonitor.db
consumption-log-path = $${basedirectory:log}/instance_consumption.log
logbox-ip = 87.98.152.12
logbox-port = 5122
logbox-user = admin
logbox-passwd = passer
shell-path = ${dash:location}/bin/dash
slapreport-path = ${buildout:bin-directory}/slapreport
path = $${basedirectory:services}/slapreport
#----------------
#----------------
#--
#--
#-- Deploy promise scripts.
#-- Deploy promise scripts.
...
@@ -117,3 +245,15 @@ port = $${postgres-instance:port}
...
@@ -117,3 +245,15 @@ port = $${postgres-instance:port}
recipe = slapos.cookbook:publishurl
recipe = slapos.cookbook:publishurl
url = $${postgres-instance:url}
url = $${postgres-instance:url}
#----------------
#--
#-- Fetches parameters defined in SlapOS Master for this instance
[instance-parameters]
recipe = slapos.cookbook:slapconfiguration
computer = $${slap-connection:computer-id}
partition = $${slap-connection:partition-id}
url = $${slap-connection:server-url}
key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment