Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Ophélie Gagnard
slapos
Commits
14a83ba7
Commit
14a83ba7
authored
Feb 05, 2013
by
Cédric de Saint Martin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Switch Apache 'backup' system to generic resilient system.
parent
2365feba
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
108 additions
and
172 deletions
+108
-172
stack/lamp/apache/instance-apache-export.cfg.jinja2
stack/lamp/apache/instance-apache-export.cfg.jinja2
+35
-0
stack/lamp/apache/instance-apache-import.cfg.in
stack/lamp/apache/instance-apache-import.cfg.in
+32
-0
stack/lamp/buildout.cfg
stack/lamp/buildout.cfg
+27
-10
stack/lamp/instance-resilient.cfg.jinja2
stack/lamp/instance-resilient.cfg.jinja2
+12
-161
stack/lamp/instance.cfg.in
stack/lamp/instance.cfg.in
+2
-1
No files found.
stack/lamp/apache/instance-apache-export.cfg.jinja2
0 → 100644
View file @
14a83ba7
# This file is responsible of two things:
# 1/ Act as "Apache exporter"
# 2/ Act as "Mariadb backup infrastructure requester"
{% import 'parts' as parts %}
{% import 'replicated' as replicated %}
[buildout]
extends = {{templateapache}}
{{templatepbsreadyexport}}
parts +=
{{ parts.replicate("mariadb", "3") }}
# have to repeat the next one, as it's not inherited from pbsready-export
cron-entry-backup
{{ replicated.replicate("mariadb", "3", "mariadb-export", "mariadb-import") }}
# Nothing to do for the exporter. Just dummy part that does nothing.
# For httpd instance, PBS will directly pull data from srv/www.
[exporter]
wrapper = /usr/bin/true
# State that we want to backup srv/www directory, not srv/backup.
[rdiff-backup-server]
path = ${directory:www}
# XXX-Cedric: resilient uses "urls" part to publish, but apache doesn't.
[urls]
<= publish-connection-informations
# XXX-Cedric: resilient overwrites what's returned from request-mariadb
[request-mariadb]
return = ssh-public-key ssh-url notification-id ip url
stack/lamp/apache/instance-apache-import.cfg.in
0 → 100644
View file @
14a83ba7
[buildout]
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
# XXX-Cedric: is instance-apache-php needed?
#extends = ${instance-apache-php:output}
# ${pbsready-import:output}
extends = ${pbsready-import:output}
parts +=
# have to repeat the next one, as it's not inherited from pbsready-import
import-on-notification
[directory]
srv = $${buildout:directory}/srv
www = $${:srv}/www/
# Nothing to do for the import. Just dummy part that does nothing.
# For httpd instance, PBS will directly push data to srv/www.
# XXX-Cedric: is it safe?
[exporter]
wrapper = /usr/bin/true
# XXX-Cedric: resilient uses "urls" part to publish, but apache doesn't.
[urls]
recipe = slapos.cookbook:publish
# State that we want to push to srv/www directory, not srv/backup.
[rdiff-backup-server]
path = $${directory:www}
stack/lamp/buildout.cfg
View file @
14a83ba7
...
@@ -20,6 +20,10 @@ parts =
...
@@ -20,6 +20,10 @@ parts =
instance-mariadb-import
instance-mariadb-import
instance-mariadb-export
instance-mariadb-export
#Contains the importer and exporter recipes for apache
instance-apache-import
instance-apache-export
extends =
extends =
../resilient/buildout.cfg
../resilient/buildout.cfg
...
@@ -62,7 +66,7 @@ strip-top-level-dir = true
...
@@ -62,7 +66,7 @@ strip-top-level-dir = true
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
url = ${:_profile_base_location_}/instance.cfg.in
output = ${buildout:directory}/instance.cfg
output = ${buildout:directory}/instance.cfg
md5sum =
9589ea6ce454012120656b79bfa23e2b
md5sum =
650cd2527158734fd6ccd9ec374b5e69
mode = 0644
mode = 0644
[instance-apache-php]
[instance-apache-php]
...
@@ -72,11 +76,25 @@ output = ${buildout:directory}/instance-apache-php.cfg
...
@@ -72,11 +76,25 @@ output = ${buildout:directory}/instance-apache-php.cfg
md5sum = 0538b05d27d8a64e89f898c09eb57716
md5sum = 0538b05d27d8a64e89f898c09eb57716
mode = 0644
mode = 0644
[instance-apache-
backup
]
[instance-apache-
import
]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/apache/instance-apache-backup.cfg.in
url = ${:_profile_base_location_}/apache/instance-apache-import.cfg.in
output = ${buildout:directory}/instance-apache-backup.cfg
output = ${buildout:directory}/instance-apache-import.cfg
md5sum = 48f969d82319a9d145570f5f0fd27672
md5sum = 7c5bb18f1dccb38ad043c33e224798e6
mode = 0644
[instance-apache-export]
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/apache/instance-apache-export.cfg.jinja2
rendered = ${buildout:directory}/instance-apache-export.cfg
context = key templateapache instance-apache-php:output
key templatepbsreadyexport pbsready-export:output
import-list = file parts template-parts:destination
file replicated template-replicated:destination
md5sum = 6e544e4d6f8093fee1724b231e1e8f34
mode = 0644
mode = 0644
[instance-resilient]
[instance-resilient]
...
@@ -84,16 +102,15 @@ recipe = slapos.recipe.template:jinja2
...
@@ -84,16 +102,15 @@ recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/instance-resilient.cfg.jinja2
template = ${:_profile_base_location_}/instance-resilient.cfg.jinja2
rendered = ${buildout:directory}/instance-resilient.cfg
rendered = ${buildout:directory}/instance-resilient.cfg
context = key
templateapache instance-apache-php:output
context = key
buildout buildout:bin-directory
key d
ropbear dropbear:location
key d
evelop_eggs_directory buildout:develop-eggs-directory
key
buildout buildout:bin
-directory
key
eggs_directory buildout:eggs
-directory
import-list = file parts template-parts:destination
import-list = file parts template-parts:destination
file replicated template-replicated:destination
file replicated template-replicated:destination
md5sum =
15697876aefa8ec504e91b122b58ec19
md5sum =
efcf17ce8e1544738a64cc4f7025cec3
mode = 0644
mode = 0644
[instance-mariadb]
[instance-mariadb]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
...
...
stack/lamp/instance-resilient.cfg.jinja2
View file @
14a83ba7
...
@@ -4,172 +4,23 @@
...
@@ -4,172 +4,23 @@
{% import 'replicated' as replicated %}
{% import 'replicated' as replicated %}
[buildout]
[buildout]
eggs-directory = {{ eggs_directory }}
extends =
develop-eggs-directory = {{ develop_eggs_directory }}
{{templateapache}}
offline = true
# += because we need to take up parts (like instance-custom, slapmonitor etc) from the profile we extended
# += because we need to take up parts (like instance-custom, slapmonitor etc) from the profile we extended
parts +=
parts +=
{{ parts.replicate("mariadb","3") }}
{{ parts.replicate("apache", "3") }}
request-apache-backup-1
request-apache-backup-2
request-pull-backup-server-apache-1
request-pull-backup-server-apache-backup-1
request-pull-backup-server-apache-2
request-pull-backup-server-apache-backup-2
publish-connection-informations
publish-connection-informations
apache-php
stunnel
certificate-authority
ca-stunnel
logrotate
logrotate-entry-apache
logrotate-entry-stunnel
cron
cron-entry-logrotate
dropbear-server
sshkeys-authority
dropbear-server-pbs-authorized-key
request-pull-backup-server
{{ replicated.replicate("mariadb", "3", "mariadb-export", "mariadb-import") }}
[request-pull-backup-server]
<= request-pbs-common
name = PBS (Pull Backup Server)
return = ssh-key notification-url feeds-url
slave = false
[sshkeys-directory]
recipe = slapos.cookbook:mkdirectory
requests = ${directory:sshkeys}/requests
keys = ${directory:sshkeys}/keys
[sshkeys-authority]
recipe = slapos.cookbook:sshkeys_authority
request-directory = ${sshkeys-directory:requests}
keys-directory = ${sshkeys-directory:keys}
wrapper = ${basedirectory:services}/sshkeys_authority
keygen-binary = {{dropbear}}/bin/dropbearkey
[sshkeys-dropbear]
<= sshkeys-authority
recipe = slapos.cookbook:sshkeys_authority.request
name = dropbear
type = rsa
executable = ${dropbear-server:wrapper}
public-key = ${dropbear-server:rsa-keyfile}.pub
private-key = ${dropbear-server:rsa-keyfile}
wrapper = ${basedirectory:services}/sshd
[dropbear-server]
recipe = slapos.cookbook:dropbear
host = ${slap-network-information:global-ipv6}
port = 2222
home = ${directory:ssh}
wrapper = ${rootdirectory:bin}/raw_sshd
shell = ${rdiff-backup-server:wrapper}
rsa-keyfile = ${directory:ssh}/server_key.rsa
dropbear-binary = {{dropbear}}/sbin/dropbear
[dropbear-server-pbs-authorized-key]
<= dropbear-server
recipe = slapos.cookbook:dropbear.add_authorized_key
key = ${request-pull-backup-server:connection-ssh-key}
[rdiff-backup-server]
<= apache-php
recipe = slapos.cookbook:pbs
client = false
path = ${apache-php:htdocs}
wrapper = ${rootdirectory:bin}/rdiffbackup-server
rdiffbackup-binary = {{buildout}}/rdiff-backup
[request-apache-backup-1]
<= slap-connection
recipe = slapos.cookbook:request
name = Apache Backup 1
software-url = ${slap-connection:software-release-url}
software-type = apache-backup
return = url ssh-url ssh-public-key
config = authorized-key proxy-url
config-authorized-key = ${request-pull-backup-server:connection-ssh-key}
config-proxy-url = ${publish-connection-informations:url}
[request-apache-backup-2]
<= slap-connection
recipe = slapos.cookbook:request
name = Apache Backup 2
software-url = ${slap-connection:software-release-url}
software-type = apache-backup
return = url ssh-url ssh-public-key
config = authorized-key proxy-url
config-authorized-key = ${request-pull-backup-server:connection-ssh-key}
config-proxy-url = ${publish-connection-informations:url}
[request-pull-backup-server-apache-1]
<= request-pbs-common
name = PBS pulling from Apache 1
config = url name type server-key notify notification-id frequency
config-url = ssh://nobody@[${dropbear-server:host}]:${dropbear-server:port}/${rdiff-backup-server:path}
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache
config-type = pull
config-server-key = ${sshkeys-dropbear:public-key-value}
config-notify = ${request-pull-backup-server:connection-notification-url}
config-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache-pull
config-frequency = 30 * * * *
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[request-pull-backup-server-apache-2]
<= request-pbs-common
name = PBS pulling from Apache 2
config = url name type server-key notify notification-id frequency
config-url = ssh://nobody@[${dropbear-server:host}]:${dropbear-server:port}/${rdiff-backup-server:path}
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache
config-type = pull
config-server-key = ${sshkeys-dropbear:public-key-value}
config-notify = ${request-pull-backup-server:connection-notification-url}
config-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache-pull
config-frequency = 30 * * * *
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[request-pull-backup-server-apache-backup-1]
{{ replicated.replicate("apache", "3", "apache-export", "apache-import") }}
<= request-pbs-common
name = PBS pushing to ${request-apache-backup-1:name}
config = url name type server-key on-notification
config-url = ${request-apache-backup-1:connection-ssh-url}
config-name = ${request-pull-backup-server-apache-1:config-name}
config-type = push
config-server-key = ${request-apache-backup-1:connection-ssh-public-key}
config-on-notification = ${request-pull-backup-server:connection-feeds-url}${request-pull-backup-server-apache-1:config-notification-id}
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[request-pull-backup-server-apache-backup-2]
# Bubble up the parameters
<= request-pbs-common
[request-apache]
name = PBS pushing to ${request-apache-backup-2:name}
return = url ssh-public-key ssh-url notification-id ip url backend_url
config = url name type server-key on-notification
config-url = ${request-apache-backup-2:connection-ssh-url}
config-name = ${request-pull-backup-server-apache-2:config-name}
config-type = push
config-server-key = ${request-apache-backup-2:connection-ssh-public-key}
config-on-notification = ${request-pull-backup-server:connection-feeds-url}${request-pull-backup-server-apache-2:config-notification-id}
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[publish-connection-informations]
recipe = slapos.cookbook:publish
backend_url = ${request-apache:connection-backend_url}
url = ${request-apache:connection-url}
[directory]
ssh = ${rootdirectory:etc}/ssh
sshkeys = ${rootdirectory:srv}/sshkeys
stack/lamp/instance.cfg.in
View file @
14a83ba7
...
@@ -14,7 +14,8 @@ resilient = ${instance-resilient:rendered}
...
@@ -14,7 +14,8 @@ resilient = ${instance-resilient:rendered}
mariadb = ${instance-mariadb:output}
mariadb = ${instance-mariadb:output}
mariadb-import = ${instance-mariadb-import:output}
mariadb-import = ${instance-mariadb-import:output}
mariadb-export = ${instance-mariadb-export:output}
mariadb-export = ${instance-mariadb-export:output}
apache-backup = ${instance-apache-backup:output}
apache-import = ${instance-apache-import:output}
apache-export = ${instance-apache-export:rendered}
#frozen creates a syntax error, meaning it can keep its data.
#frozen creates a syntax error, meaning it can keep its data.
#It's dirty as hell, it needs to be replaced.
#It's dirty as hell, it needs to be replaced.
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment