Commit d1b3ff67 authored by Nicolas Wavrant's avatar Nicolas Wavrant

resilient: backup.signature can be accessed from takeover interface

parent cfee5b8d
......@@ -50,7 +50,7 @@ mode = 0644
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/pbsready-import.cfg.in
output = ${buildout:directory}/pbsready-import.cfg
md5sum = f4e6831110ad5fcf29e3463f49556eee
md5sum = cdebc491a50a61fecc3391a5eb311bdb
mode = 0644
[pbsready-export]
......@@ -95,7 +95,7 @@ output = ${buildout:directory}/instance-frozen.cfg
[resilient-web-takeover-cgi-script-download]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/resilient-web-takeover-cgi-script.py.in
md5sum = b3b47dd6e499ac2ea36aa32dbbdfd5f5
md5sum = c46c8e3e4ce4376c98ad2fc0e2ff0fe4
mode = 0644
destination = ${buildout:directory}/resilient-web-takeover-cgi-script.py.in
......
......@@ -62,12 +62,13 @@ callback = $${importer:wrapper}
[post-notification-run]
recipe = collective.recipe.template
diff-file-name = $${basedirectory:backup}/backup.diff
diff-file = $${basedirectory:backup}/backup.diff
proof-signature-file = $${basedirectory:backup}/proof.signature
input = inline:
#!/${bash:location}/bin/bash
cd $${directory:backup}
find -type f ! -name backup.signature ! -wholename "./rdiff-backup-data/*" -print0 | xargs -P4 -0 sha256sum | LC_ALL=C sort -k 66 > ../proof.signature
diff -ruw backup.signature $${basedirectory:backup}/proof.signature > $${:diff-file-name}
find -type f ! -name backup.signature ! -wholename "./rdiff-backup-data/*" -print0 | xargs -P4 -0 sha256sum | LC_ALL=C sort -k 66 > $${:proof-signature-file}
diff -ruw backup.signature $${:proof-signature-file} > $${:diff-file}
output = $${rootdirectory:bin}/post-notification-run
mode = 0700
......@@ -81,7 +82,7 @@ callback = $${post-notification-run:output}
recipe = slapos.recipe.template:jinja2
template = inline:
#!/${bash:location}/bin/bash
if [ "$(wc -l $${post-notification-run:diff-file-name} | cut -d \ -f1)" -eq 0 ]; then exit 0; else exit 1; fi
if [ "$(wc -l $${post-notification-run:diff-file} | cut -d \ -f1)" -eq 0 ]; then exit 0; else exit 1; fi
rendered = $${basedirectory:promises}/backup-transfer-integrity-promise
mode = 700
......@@ -113,6 +114,7 @@ input = ${resilient-web-takeover-cgi-script-download:destination}
output = $${directory:cgi-bin}/web-takeover.cgi
password = $${resilient-web-takeover-password:passwd}
mode = 700
proof-signature-url = $${publish:monitor-base-url}/private/resilient/backup.signature
# XXX could it be something lighter?
# XXX Add SSL
......@@ -167,4 +169,4 @@ curl_path = ${curl:location}/bin/curl
###########
[backup-signature-link]
recipe = cns.recipe.symlink
symlink = $${basedirectory:backup}/proof.signature = $${directory:monitor-resilient}/backup.signature
\ No newline at end of file
symlink = $${post-notification-run:proof-signature-file} = $${directory:monitor-resilient}/backup.signature
\ No newline at end of file
......@@ -87,6 +87,7 @@ if "password" not in form:
<hr />
<p><b>Last valid backup:</b> %s</p>
<p><b>Importer script(s) of backup in progress:</b> %s</p>
<p><b>Backup Signature:</b> <a href='${resilient-web-takeover-cgi-script:proof-signature-url}'>${resilient-web-takeover-cgi-script:proof-signature-url}</a></b></p>
%s
<form action="/">
Password: <input type="text" name="password">
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment