[buildout]
extends =
  {{ template_monitor }}
  {{ logrotate_cfg }}
  {{ custom_application_template }}

parts =
  monitor-base
  certificate-authority
  logrotate-entry-apache
  promise

  php.ini-conf
  apache-php-service
  publish-connection-information
  {{ parameter_dict['application-part-list'] }}


eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true


#----------------
#--
#-- Creation of all needed directories.

[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
var = ${buildout:directory}/var
srv = ${buildout:directory}/srv
bin = ${buildout:directory}/bin
tmp = ${buildout:directory}/tmp
log = ${:var}/log
services = ${:etc}/service
scripts = ${:etc}/run
run = ${:var}/run
backup = ${:srv}/backup
promises = ${:etc}/promise
plugins = ${:etc}/plugin
httpd-log = ${:log}/apache
php-ini-dir = ${:etc}/php
tmp-php = ${:tmp}/php
upload-tmp = ${:tmp}/upload
www = ${:srv}/www/
apache.d = ${:etc}/apache.d

#----------------
#--
#-- Certificate stuff.

[ca-directory]
recipe = slapos.cookbook:mkdirectory
root = ${directory:srv}/ssl
requests = ${:root}/requests
private = ${:root}/private
certs = ${:root}/certs
newcerts = ${:root}/newcerts
crl = ${:root}/crl

[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ openssl_location }}/bin/openssl
ca-dir = ${ca-directory:root}
requests-directory = ${ca-directory:requests}
wrapper = ${directory:bin}/certificate_authority
ca-private = ${ca-directory:private}
ca-certs = ${ca-directory:certs}
ca-newcerts = ${ca-directory:newcerts}
ca-crl = ${ca-directory:crl}

[certificate-authority-service]
recipe = slapos.cookbook:wrapper
command-line = ${certificate-authority:wrapper}
wrapper-path = ${directory:services}/certificate_authority
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg

[ca-apache-php]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = ${apache-php-configuration:key-file}
cert-file = ${apache-php-configuration:cert-file}
executable = ${apache-php-wrapper:wrapper-path}
wrapper = ${directory:bin}/ca-apache-php

[apache-php-service]
recipe = slapos.cookbook:wrapper
command-line = ${ca-apache-php:wrapper}
wrapper-path = ${directory:services}/apache-php
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
depends =
  ${copy-application:recipe}
  ${apache-graceful:recipe}

[copy-application]
recipe = plone.recipe.command
command = if [ -z "$(ls -A ${directory:www})" ]; then
    rm -rf ${directory:www};
    cp -ax {{ parameter_dict['application-location'] }}/ ${directory:www};
  fi
update-command = ${:command}
stop-on-error = true

[mariadb-urlparse]
recipe = slapos.cookbook:urlparse
url = {{ slapparameter_dict['database-list'][0] }}



#----------------
#--
#-- Common network parameters
[apache-network-configuration]
listening-ip = {{ (ipv6 | list)[0] }}
listening-port = 9988


#----------------
#--
#-- Deploy Apache + PHP application.

[apache-php-configuration]
document-root = ${directory:www}
pid-file = ${directory:run}/apache.pid
lock-file = ${directory:run}/apache.lock
ip = ${apache-network-configuration:listening-ip}
port = ${apache-network-configuration:listening-port}
url = https://[${:ip}]:${:port}/
error-log = ${directory:httpd-log}/error.log
access-log = ${directory:httpd-log}/access.log
log-dir = ${directory:httpd-log}
php-ini-dir = ${directory:php-ini-dir}
cert-file = ${ca-directory:certs}/httpd.crt
key-file = ${ca-directory:certs}/httpd.key
apache-config-dir = ${directory:apache.d}

[apache-php-conf]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-apache-conf'] }}
rendered = ${directory:etc}/apache.conf
context = 
  section parameter_dict apache-php-configuration
extensions = jinja2.ext.do
mode = 0644

[apache-php-wrapper]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:bin}/apache-wrapper
command-line = "{{ parameter_dict['apache-location'] }}/bin/httpd" -f "${apache-php-conf:rendered}" -DFOREGROUND
wait-for-files =
  ${ca-directory:certs}/httpd.crt
  ${ca-directory:certs}/httpd.key

[apache-graceful]
recipe = collective.recipe.template
output = ${directory:scripts}/apache-httpd-graceful
mode = 700
input = inline:
  #!/bin/sh
  kill -USR1 "$(cat '${apache-php-configuration:pid-file}')"

[logrotate-entry-apache]
<= logrotate-entry-base
name = apache
log = ${apache-php-configuration:log-dir}/*.log
frequency = daily
rotate-num = 30

[php.ini-configuration]
tmp-dir = ${directory:tmp-php}
php-upload-dir = ${directory:upload-tmp}

[php.ini-conf]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-php-ini'] }}
rendered = ${directory:php-ini-dir}/php.ini
context = 
  section parameter_dict php.ini-configuration
  section instance_dict instance-parameter
extensions = jinja2.ext.do
mode = 0644

[instance-parameter]
db-user = ${mariadb-urlparse:username}
db-password = ${mariadb-urlparse:password}
db-name = ${mariadb-urlparse:path}
db-host = ${mariadb-urlparse:host}
db-port = ${mariadb-urlparse:port}
document-root = ${apache-php-configuration:document-root}
backend-url = ${apache-php-configuration:url}
php-bin = {{ parameter_dict['apache-php-location'] }}/bin/php
php-ini = ${php.ini-conf:rendered}


#----------------
#--
#-- Publish instance parameters.

[publish-connection-information]
<= monitor-publish
recipe = slapos.cookbook:publish.serialised
backend-url = ${apache-php-configuration:url}


#----------------
#--
#-- Deploy promises scripts.
[promise-base]
recipe = slapos.cookbook:promise.plugin
eggs =
  slapos.toolbox
mode = 644
output = ${directory:plugins}/${:name}
content =
  from slapos.promise.plugin.${:module} import RunPromise

[promise]
# Check any apache port in ipv4, expect other ports and ipv6 to behave consistently
<= promise-base
module = check_port_listening
name = apache-httpd-port-listening.py
config-hostname = ${apache-php-configuration:ip}
config-port = ${apache-php-configuration:port}

[slap-parameter]
{% for key, value in slapparameter_dict.items() -%}
{{ key }} = {{ value }}
{% endfor -%}