instance-runner.cfg 16.4 KB
Newer Older
1 2
[buildout]
parts =
3 4
  nginx_conf
  nginx-launcher
5
  cloud9
6 7
  certificate-authority
  ca-nginx
8
  ca-node-frontend
9
  ca-shellinabox
10 11
  gunicorn-launcher
  gunicorn-graceful
12
  test-runner
13
  sshkeys-dropbear-runner
14
  dropbear-server-add-authorized-key
15
  sshkeys-authority
16
  publish-connection-informations
17 18 19
  slaprunner-promise
  slaprunner-frontend-promise
  cloud9-promise
20
  cloud9-frontend-promise
21
  dropbear-promise
22
  shellinabox-promise
23
  symlinks
24 25 26
  request-cloud9-frontend
  node-frontend-promise
  nginx-promise
27
  shellinabox
28
  slapos-cfg
29
  slapos-repo-config
30
  prepare-software
31 32 33 34 35

eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true

36
# Create all needed directories
37
[directory]
38 39 40 41 42
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc/
var = $${buildout:directory}/var/
srv = $${buildout:directory}/srv/
bin = $${buildout:directory}/bin/
43
tmp = $${buildout:directory}/tmp/
44

45 46 47 48 49 50 51 52 53
sshkeys = $${:srv}/sshkeys
services = $${:etc}/service/
scripts = $${:etc}/run/
ssh = $${:etc}/ssh/
log = $${:var}/log/
run = $${:var}/run/
backup = $${:srv}/backup/
promises = $${:etc}/promise/
test = $${:etc}/test/
54
nginx-data = $${directory:srv}/nginx
55
ca-dir = $${:srv}/ssl
56
project = $${:srv}/runner/project/
57 58 59

[runnerdirectory]
recipe = slapos.cookbook:mkdirectory
60 61
home = $${directory:srv}/runner/
test = $${directory:srv}/test/
62 63 64
project = $${:home}/project
software-root = $${:home}/software
instance-root = $${:home}/instance
65 66 67
project-test = $${:test}/project
software-test = $${:test}/software
instance-test = $${:test}/instance
68
sessions = $${buildout:directory}/.sessions
69

70 71
#Create password recovery code for slaprunner
[recovery-code]
72
recipe = slapos.cookbook:generate.password
73
storage-path = $${directory:etc}/.rcode
74 75
bytes = 4

76 77 78
# Deploy cloud9 and slaprunner
[cloud9]
recipe = slapos.cookbook:cloud9
79
ip = $${slap-network-information:local-ipv4}
80
port = 4443
81
wrapper = $${directory:services}/cloud9
82 83
working-directory = $${runnerdirectory:home}
git-binary = ${git:location}/bin/git
84
node-binary = ${nodejs-0.6:location}/bin/node
85
cloud9 = ${cloud9:executable}
86 87

[slaprunner]
88 89 90 91 92
slaprunner = ${buildout:directory}/bin/slaprunner
slapgrid_sr = ${buildout:directory}/bin/slapgrid-sr
slapgrid_cp = ${buildout:directory}/bin/slapgrid-cp
slapproxy = ${buildout:directory}/bin/slapproxy
supervisor = ${buildout:directory}/bin/slapgrid-supervisorctl
93
git-binary = ${git:location}/bin/git
94
slapos.cfg = $${directory:etc}/slapos.cfg
95 96 97 98
working-directory = $${runnerdirectory:home}
project-directory = $${runnerdirectory:project}
software-directory = $${runnerdirectory:software-root}
instance-directory = $${runnerdirectory:instance-root}
99 100 101
etc_dir = $${directory:etc}
log_dir =  $${directory:log}
run_dir = $${directory:run}
102 103 104
ssh_client = $${sshkeys-dropbear-runner:wrapper}
public_key = $${sshkeys-dropbear-runner:public-key}
private_key = $${sshkeys-dropbear-runner:private-key}
105 106
ipv4 = $${slap-network-information:local-ipv4}
ipv6 = $${slap-network-information:global-ipv6}
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
107
proxy_port = 50000
108
runner_port = 50005
109
partition-amount = $${slap-parameter:instance-amount}
110
cloud9-url = $${cloud9:access-url}
111
wrapper = $${directory:services}/slaprunner
112
debug = $${slap-parameter:debug}
113
access-url = https://[$${:ipv6}]:$${:runner_port} 
Nicolas Wavrant's avatar
Nicolas Wavrant committed
114 115
supd-temp-var = $${directory:etc}/supervisord.conf
prox-db-var = $${slaprunner:working-directory}/proxy.db
116 117 118
console = False
verbose = False
debug = False
119

120 121 122 123
[test-runner]
<= slaprunner
recipe = slapos.cookbook:slaprunner.test
slaprunnertest = ${buildout:directory}/bin/slaprunnertest
124
slapos.cfg = $${directory:etc}/slapos-test.cfg
125 126 127 128
working-directory = $${runnerdirectory:test}
project-directory = $${runnerdirectory:project-test}
software-directory = $${runnerdirectory:software-test}
instance-directory = $${runnerdirectory:instance-test}
129
proxy_port = 8602
130 131 132 133 134 135 136 137 138
wrapper = $${directory:bin}/runTestSuite
etc_dir = $${directory:test}


# Deploy dropbear (minimalist SSH server)
[sshkeys-directory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:sshkeys}/requests/
keys = $${directory:sshkeys}/keys/
139

140 141 142 143
[sshkeys-authority]
recipe = slapos.cookbook:sshkeys_authority
request-directory = $${sshkeys-directory:requests}
keys-directory = $${sshkeys-directory:keys}
144
wrapper = $${directory:services}/sshkeys_authority
145 146
keygen-binary = ${dropbear:location}/bin/dropbearkey

147
[dropbear-runner-server]
148 149
recipe = slapos.cookbook:dropbear
host = $${slap-network-information:global-ipv6}
150
port = 22222
151
home = $${directory:ssh}
152 153
wrapper = $${directory:bin}/runner_sshd
shell = ${bash:location}/bin/bash
154 155 156
rsa-keyfile = $${directory:ssh}/server_key.rsa
dropbear-binary = ${dropbear:location}/sbin/dropbear

157
[sshkeys-dropbear-runner]
158 159 160 161
<= sshkeys-authority
recipe = slapos.cookbook:sshkeys_authority.request
name = dropbear
type = rsa
162 163 164 165
executable = $${dropbear-runner-server:wrapper}
public-key = $${dropbear-runner-server:rsa-keyfile}.pub
private-key = $${dropbear-runner-server:rsa-keyfile}
wrapper = $${directory:services}/runner_sshd
166 167

[dropbear-server-add-authorized-key]
168
<= dropbear-runner-server
169 170 171
recipe = slapos.cookbook:dropbear.add_authorized_key
key = $${slap-parameter:authorized-key}

172 173 174 175 176 177 178 179 180
#---------------------
#--
#-- Set node frontend

[node-frontend]
launcher = $${directory:bin}/node-frontend
ip = $${slap-network-information:global-ipv6}
port = $${cloud9:port}
access-url = https://[$${:ip}]:$${:port}
181

182 183 184 185 186 187 188 189 190 191
[node-frontend-launcher]
recipe = slapos.recipe.template:jinja2
template = ${node-frontend-template:location}/${node-frontend-template:filename}
rendered = $${node-frontend:launcher}
mode = 700
context =
	key ip node-frontend:ip
	key port node-frontend:port
	key key ca-node-frontend:key-file
	key certificate ca-node-frontend:cert-file
192
	key backend_ip nginx-frontend:local-ip
193 194 195 196 197 198 199
	key backend_port nginx-frontend:port
	raw shell_path ${bash:location}/bin/bash
	raw node_env ${buildout:parts-directory}:${npm-modules:location}/node_modules
	raw node_path ${nodejs:location}/bin/node
	raw conf_path ${simple-proxy:location}/${simple-proxy:filename}

#---------------------------
200
#--
201 202
#-- Set nginx frontend

203 204 205 206 207 208 209 210 211 212 213 214
[tempdirectory]
recipe = slapos.cookbook:mkdirectory
client_body_temp_path = $${directory:tmp}/client_body_temp_path
proxy_temp_path = $${directory:tmp}/proxy_temp_path
fastcgi_temp_path = $${directory:tmp}/fastcgi_temp_path
uwsgi_temp_path = $${directory:tmp}/uwsgi_temp_path
scgi_temp_path = $${directory:tmp}/scgi_temp_path

[nginx-frontend]
# Options
nb_workers = 2
# Network
215
local-ip = $${slap-network-information:local-ipv4}
216
port = 30001
217 218
global-ip = $${slap-network-information:global-ipv6}
global-port = $${slaprunner:runner_port}
219
# Backend
220 221 222 223
cloud9-ip = $${cloud9:ip}
cloud9-port = $${cloud9:port}
runner-ip = $${slaprunner:ipv4}
runner-port = $${slaprunner:runner_port}
224 225 226 227 228 229 230 231
# SSL
ssl-certificate = $${ca-nginx:cert-file}
ssl-key = $${ca-nginx:key-file}
# Log
path_pid = $${directory:run}/nginx.pid
path_log = $${directory:log}/nginx.log
path_access_log = $${directory:log}/nginx.access.log
path_error_log = $${directory:log}/nginx.error.log
232
path_tmp = $${directory:tmp}/
233 234 235 236
# Config files
path_nginx_conf = $${directory:etc}/nginx.conf
# Executables
bin_nginx = ${nginx:location}/sbin/nginx
237
bin_launcher = $${directory:bin}/launcher
238 239
# Utils
path_shell = ${dash:location}/bin/dash
240 241
# Misc.
etc_dir = $${directory:etc}
242 243 244 245 246 247 248


[nginx_conf]
recipe = slapos.recipe.template:jinja2
template = ${template_nginx_conf:location}/${template_nginx_conf:filename}
rendered = $${nginx-frontend:path_nginx_conf}
context =
249
    key shellinabox_port shellinabox:port
250
    key socket gunicorn:socket
251 252 253 254 255 256 257 258 259 260 261
    section param_nginx_frontend nginx-frontend
    section param_tempdir tempdirectory

[nginx-launcher]
recipe = slapos.recipe.template:jinja2
template = ${template_launcher:location}/${template_launcher:filename}
rendered = $${nginx-frontend:bin_launcher}
mode = 700
context =
    section param_nginx_frontend nginx-frontend

262 263 264 265
#--------------------
#--
#-- WSGI

266
[gunicorn]
267 268 269 270 271 272 273 274
bin_gunicorn = $${directory:bin}/gunicorn
bin_launcher = $${directory:services}/gunicorn
path_shell = ${dash:location}/bin/dash
socket = $${directory:tmp}/flaskserver.sock
path_pid = $${directory:run}/gunicorn.pid

[gunicorn-launcher]
recipe = slapos.cookbook:wrapper
275 276
command-line = $${gunicorn:bin_gunicorn} slapos.runner:app -p $${gunicorn:path_pid} -b unix:$${gunicorn:socket} -e RUNNER_CONFIG=$${slaprunner:slapos.cfg} --preload
wrapper-path = $${gunicorn:bin_launcher}
277 278 279 280 281
environment = PATH=$${environ:PATH}
  RUNNER_CONFIG=$${slaprunner:slapos.cfg}

[gunicorn-graceful]
recipe = slapos.cookbook:wrapper
282
command-line = $${directory:bin}/killpidfromfile $${gunicorn:path_pid} SIGHUP
283 284
wrapper-path = $${directory:scripts}/gunicorn-graceful

285
#--------------------
286
#--
287
#-- ssl certificates
288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312

[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${directory:services}/certificate_authority
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}

[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs/
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/

[ca-nginx]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = $${cadirectory:certs}/nginx_frontend.key
cert-file = $${cadirectory:certs}/nginx_frontend.crt
313 314
executable = $${nginx-launcher:rendered}
wrapper = $${directory:services}/nginx-frontend
315 316 317
# Put domain name
name = example.com

318 319 320 321 322 323 324 325 326
[ca-node-frontend]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = $${cadirectory:certs}/nodejs.key
cert-file = $${cadirectory:certs}/nodejs.crt
executable = $${node-frontend-launcher:rendered}
wrapper = $${directory:services}/node-frontend
# Put domain name
name = example.com
327

328 329 330 331 332
[ca-shellinabox]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = $${shellinabox:wrapper}
wrapper = $${directory:services}/shellinaboxd
333 334
key-file = $${cadirectory:certs}/shellinabox.key
cert-file = $${cadirectory:certs}/shellinabox.crt
335
#--------------------
336 337
#--
#-- Request frontend
338

339 340
[request-frontend]
<= slap-connection
341
recipe = slapos.cookbook:requestoptional
342
name = SlapRunner Frontend
343 344 345
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
346
config = url domain
347
config-url = $${slaprunner:access-url}
348
config-domain = $${slap-parameter:frontend-domain}
349
return = site_url domain
350

351 352 353 354 355 356
[request-cloud9-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Cloud9 Frontend
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
357
config = url domain
358
config-url = $${node-frontend:access-url}
359
config-domain = $${slap-parameter:cloud9-frontend-domain}
360
return = site_url domain
361

362
#--------------------------------------
363 364
#--
#-- Send informations to SlapOS Master
365

366 367
[publish-connection-informations]
recipe = slapos.cookbook:publish
368
1_info = Set your passord in slaprunner in order to access cloud9
369
backend_url = $${slaprunner:access-url}/login
370
url =  https://$${request-frontend:connection-domain}
371 372
cloud9_backend_url = $${node-frontend:access-url}
cloud9_url = https://$${request-cloud9-frontend:connection-domain}
373
ssh_command = ssh $${dropbear-runner-server:host} -p $${dropbear-runner-server:port}
374
shell_password = $${shellinabox:password}
375
password_recovery_code = $${recovery-code:passwd}
376

377 378 379
#---------------------------
#--
#-- Deploy promises scripts
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
380

381 382
[slaprunner-promise]
recipe = slapos.cookbook:check_port_listening
383
path = $${directory:promises}/slaprunner
384 385
hostname = $${slaprunner:ipv6}
port = $${slaprunner:runner_port}
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
386

387
[slaprunner-frontend-promise]
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
388
recipe = slapos.cookbook:check_url_available
389
path = $${directory:promises}/slaprunner_frontend
390
url = https://$${request-frontend:connection-domain}/login
Jean-Baptiste Petre's avatar
Jean-Baptiste Petre committed
391 392 393
dash_path = ${dash:location}/bin/dash
curl_path = ${curl:location}/bin/curl

394 395
[cloud9-promise]
recipe = slapos.cookbook:check_url_available
396
path = $${directory:promises}/cloud9
397
url = http://$${cloud9:ip}:$${cloud9:port}
398 399 400
dash_path = ${dash:location}/bin/dash
curl_path = ${curl:location}/bin/curl

401 402 403 404 405 406 407 408
[cloud9-frontend-promise]
recipe = slapos.cookbook:check_url_available
path = $${directory:promises}/cloud9-frontend-promise
url = $${publish-connection-informations:cloud9_url}
check-secure = 1
dash_path = ${dash:location}/bin/dash
curl_path = ${curl:location}/bin/curl

409 410 411 412 413 414 415 416 417
[node-frontend-promise]
recipe = slapos.cookbook:check_port_listening
path = $${directory:promises}/node-frontend
hostname = $${node-frontend:ip}
port = $${node-frontend:port}

[nginx-promise]
recipe = slapos.cookbook:check_port_listening
path = $${directory:promises}/nginx
418
hostname = $${nginx-frontend:local-ip}
419 420
port = $${nginx-frontend:port}

421 422
[dropbear-promise]
recipe = slapos.cookbook:check_port_listening
423
path = $${directory:promises}/dropbear
424 425
hostname = $${dropbear-runner-server:host}
port = $${dropbear-runner-server:port}
426

427 428 429 430 431 432
[shellinabox-promise]
recipe = slapos.cookbook:check_port_listening
path = $${directory:promises}/shellinabox
hostname = $${shellinabox:ipv6}
port = $${shellinabox:port}

433 434
[symlinks]
recipe = cns.recipe.symlink
435
symlink_target = $${directory:bin}
436
symlink_base = ${buildout:directory}/bin
437 438 439 440

[slap-parameter]
# Default value if no ssh key is specified
authorized-key =
441
# Default value of instances number in slaprunner
442
instance-amount = 10
443 444 445
debug = false
cloud9-frontend-domain =
frontend-domain =
446 447 448 449
slapos-repository = http://git.erp5.org/repos/slapos.git
slapos-software =
slapos-reference = master
auto-deploy = true
450

451 452 453 454 455 456 457 458 459 460 461 462 463 464 465
[slapos-cfg]
recipe = slapos.recipe.template:jinja2
template = ${slapos-cfg-template:location}/${slapos-cfg-template:filename}
rendered = $${slaprunner:slapos.cfg}
mode = 700
context =
  key software_root runnerdirectory:software-root
  key instance_root runnerdirectory:instance-root
  key ipv4 slaprunner:ipv4
  key proxy_port slaprunner:proxy_port
  key partition_amount slaprunner:partition-amount
  key slapgrid_sr slaprunner:slapgrid_sr 
  key slapgrid_cp slaprunner:slapgrid_cp
  key slapproxy slaprunner:slapproxy 
  key supervisor slaprunner:supervisor
Nicolas Wavrant's avatar
Nicolas Wavrant committed
466
  key supervisord_config slaprunner:supd-temp-var
467 468 469 470 471
  key runner_workdir slaprunner:working-directory
  key runner_port slaprunner:runner_port
  key ipv6 slaprunner:ipv6
  key etc_dir slaprunner:etc_dir
  key proxy_host slaprunner:ipv4
Nicolas Wavrant's avatar
Nicolas Wavrant committed
472
  key proxy_database slaprunner:prox-db-var
473 474 475 476 477 478 479
  key ssh_client slaprunner:ssh_client
  key public_key slaprunner:public_key
  key private_key slaprunner:private_key
  key git slaprunner:git-binary
  key cloud9_url slaprunner:cloud9-url
  key run_dir slaprunner:run_dir
  key log_dir slaprunner:log_dir
480 481 482
  key console slaprunner:console
  key verbose slaprunner:verbose
  key debug slaprunner:debug
483
  key auto_deploy slap-parameter:auto-deploy
484

485 486
[shellinabox]
recipe = slapos.cookbook:shellinabox
487
ipv6 = $${slap-network-information:global-ipv6}
488
port = 8080
489
shell = $${shell:wrapper}
490
wrapper = $${directory:bin}/shellinaboxd
491
shellinabox-binary = ${shellinabox:location}/bin/shellinaboxd 
492 493
password = $${shellinabox-code:passwd}
directory = $${runnerdirectory:home}
494
login-shell = $${directory:bin}/login
495 496 497
certificate-directory = $${cadirectory:certs}
cert-file = $${ca-shellinabox:cert-file}
key-file = $${ca-shellinabox:key-file}
498

499 500 501 502 503 504 505 506 507 508 509 510 511
[shellinabox-code]
recipe = slapos.cookbook:generate.password
storage-path = $${directory:etc}/.scode
bytes = 4

[shell]
recipe = slapos.cookbook:shell
wrapper = $${directory:bin}/sh
shell = ${bash:location}/bin/bash
home = $${runnerdirectory:home}
path = $${environ:PATH}
ps1 = "\\w> "

512 513 514
[environ]
recipe = collective.recipe.environment

515 516 517 518 519 520 521 522 523 524 525 526
[slapos-repo]
recipe = slapos.recipe.build:gitclone
repository = $${slap-parameter:slapos-repository}
git-executable = ${git:location}/bin/git
develop = true
location = $${directory:project}/slapos

[slapos-repo-config]
recipe = plone.recipe.command
stop-on-error = true
reference = $${slap-parameter:slapos-reference}
location = $${slapos-repo:location}
527
command = cd $${:location} && ${git:location}/bin/git checkout $${:reference} && echo "$${directory:etc}/.project" && SR=$${slap-parameter:slapos-software} && if [ -n "$SR" ] && [ ! -f "$${directory:etc}/.project" ]; then echo workspace/slapos/$${slap-parameter:slapos-software}/ > $${directory:etc}/.project; fi
528 529 530 531 532 533

[prepare-software]
recipe = slapos.cookbook:wrapper
command-line = ${curl:location}/bin/curl $${slaprunner:ipv4}:$${slaprunner:runner_port}/isSRReady --max-time 1
wrapper-path = $${directory:scripts}/prepareSoftware