Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos-caddy
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Guillaume Hervier
slapos-caddy
Commits
8d221be7
Commit
8d221be7
authored
Jul 22, 2015
by
Alain Takoudjou
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
kvm-cluster: setup apache http server for sharing files with vms
parent
80b99e40
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
68 additions
and
45 deletions
+68
-45
software/kvm/common.cfg
software/kvm/common.cfg
+6
-5
software/kvm/instance-kvm-cluster.cfg.jinja2.in
software/kvm/instance-kvm-cluster.cfg.jinja2.in
+26
-32
software/kvm/instance-kvm-http.cfg.in
software/kvm/instance-kvm-http.cfg.in
+19
-4
software/kvm/instance-kvm.cfg.jinja2
software/kvm/instance-kvm.cfg.jinja2
+1
-1
software/kvm/instance.cfg.in
software/kvm/instance.cfg.in
+1
-0
software/kvm/template/apache.conf.in
software/kvm/template/apache.conf.in
+15
-3
No files found.
software/kvm/common.cfg
View file @
8d221be7
...
...
@@ -87,7 +87,7 @@ command =
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
md5sum =
cf67212d3155767d0d0d8a6d75d2d8ad
md5sum =
3bca2c959d19881270c64f94ad1ebba8
output = ${buildout:directory}/template.cfg
mode = 0644
...
...
@@ -95,7 +95,7 @@ mode = 0644
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/instance-kvm.cfg.jinja2
mode = 644
md5sum =
55eb9cb0d85dedbda0f03986cef261db
md5sum =
ea1e8f4a7c1878beec83267fd40728c2
download-only = true
on-update = true
...
...
@@ -103,7 +103,7 @@ on-update = true
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/instance-kvm-cluster.cfg.jinja2.in
mode = 644
md5sum =
1e4d8eade6d291480e5112ef9f31f031
md5sum =
5a864099760e3a37fa4604044d708657
download-only = true
on-update = true
...
...
@@ -173,7 +173,7 @@ recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/template/apache.conf.in
mode = 644
filename = apache.conf.in
md5sum =
91f05377aff35ffbac7f2687e90b5dcc
md5sum =
e9c9fd88d71e9dc7416149af5bcfb951
download-only = true
on-update = true
...
...
@@ -191,9 +191,10 @@ recipe = slapos.recipe.template:jinja2
filename = template-httpd.cfg
template = ${:_profile_base_location_}/instance-kvm-http.cfg.in
rendered = ${buildout:parts-directory}/${:_buildout_section_name_}/instance-kvm-http.cfg
md5sum =
84b96dfc78e8d2611bf7210b8b6bb9c5
md5sum =
fc8b3259942d6dedbc01065358a00d71
context =
key apache_location apache:location
raw openssl_executable_location ${openssl:location}/bin/openssl
raw template_apache_conf ${template-apache-conf:location}/${template-apache-conf:filename}
software/kvm/instance-kvm-cluster.cfg.jinja2.in
View file @
8d221be7
...
...
@@ -66,19 +66,19 @@ config-data-to-vm = {{ dumps(kvm_parameter_dict.get('data-to-vm', '')) }}
{% endif -%}
# Enable simple http server on ipv6 so all VMs will access it
config-document-host = ${
http-server:host
}
config-document-port = ${
http-server
:port}
config-document-path = ${h
ttp-server:path
}
config-document-host = ${
apache-conf:ip
}
config-document-port = ${
apache-conf
:port}
config-document-path = ${h
ash-code:passwd
}
return =
backend-url
url
{% if
use_nat
.lower() -%}
{% if
str(use_nat)
.lower() -%}
{% for port in nat_rules_list -%}
{{ ' ' }}nat-rule-url-{{ port }}
{% endfor -%}
{% endif -%}
{% if
kvm_parameter_dict.get('use-tap', 'True'
).lower() == 'true' -%}
{% if
str(kvm_parameter_dict.get('use-tap', 'True')
).lower() == 'true' -%}
{{ ' ' }}tap-ipv4
{% do publish_dict.__setitem__('lan-' ~ instance_name, '${' ~ section ~ ':connection-tap-ipv4}') -%}
...
...
@@ -135,6 +135,11 @@ sla-instance_guid = {{ slave_frontend_iguid }}
{% endfor %}
# Enable simple http server on ipv6 so all VMs will access it
[hash-code]
recipe = slapos.cookbook:generate.password
storage-path = ${directory:etc}/code
bytes = 24
[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
...
...
@@ -144,34 +149,19 @@ var = ${buildout:directory}/var
log = ${:var}/log
scripts = ${:etc}/run
services = ${:etc}/service
documen
t = ${:srv}/document
webroo
t = ${:srv}/document
promises = ${:etc}/promise
ssl = ${:etc}/ssl
[http-ssl]
recipe = plone.recipe.command
command = "{{ openssl_executable_location }}" req -newkey rsa -batch -new -x509 -days 3650 -nodes -keyout "${:key}" -out "${:cert}"
key = ${directory:ssl}/key
cert = ${directory:ssl}/cert
update-command =
stop-on-error = true
[http-server]
recipe = slapos.cookbook:simplehttpserver
host = {{ ipv6 }}
[directory-doc]
recipe = slapos.cookbook:mkdirectory
document = ${directory:webroot}/${hash-code:passwd}
[apache-conf]
denied-root-access = true
root = ${directory:webroot}/
index = ${directory:webroot}/${hash-code:passwd}
port = 9002
base-path = ${directory:document}
wrapper = ${directory:services}/simple-http-server
log-file = ${directory:log}/http.log
cert-file = ${http-ssl:cert}
key-file = ${http-ssl:key}
use-hash-url = true
[http-promise]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promises}/http-server
hostname = ${http-server:host}
port = ${http-server:port}
{% if len(kvm_hostname_list) -%}
{% do part_list.append('write-vm-hostname') -%}
...
...
@@ -179,7 +169,7 @@ port = ${http-server:port}
recipe = slapos.recipe.template:jinja2
template = {{ template_content }}
filename = hosts
rendered = ${
http-server:root-dir
}/${:filename}
rendered = ${
directory:webroot}/${hash-code:passwd
}/${:filename}
context =
raw content_list {{ kvm_hostname_list | join('#') }}
raw sep #
...
...
@@ -207,10 +197,14 @@ recipe = slapos.cookbook:publish
{{ name }} = {{ value }}
{% endfor %}
[buildout]
extends =
{{ template_httpd_cfg }}
parts =
http
-server
http-promise
http
d
http
d
-promise
publish
directory-doc
# Complete parts with sections
{{ part_list | join('\n ') }}
...
...
software/kvm/instance-kvm-http.cfg.in
View file @
8d221be7
...
...
@@ -14,33 +14,48 @@ log = ${:var}/log
services = ${:etc}/service
promises = ${:etc}/promise
run = ${:var}/run
document = ${:srv}/document
ssl = ${:etc}/ssl
[apache-conf]
recipe = slapos.recipe.template:jinja2
template = {{ template_apache_conf }}
rendered = ${directory:etc}/apache.conf
#ipv6
= ${slap-network-information:global-ipv6}
ipv4 = ${slap-network-information:local-ipv4}
ip
= ${slap-network-information:global-ipv6}
#
ipv4 = ${slap-network-information:local-ipv4}
port = ${slap-parameter:httpd-port}
error-log = ${directory:log}/apache-error.log
access-log = ${directory:log}/apache-access.log
pid-file = ${directory:run}/apache.pid
index = ${directory:public}
root = {:index}
denied-root-access = false
context =
key port :port
key ip :ip
v4
key ip :ip
key access_log :access-log
key error_log :error-log
key pid_file :pid-file
key index_folder :index
key cert httpd-ssl:cert
key key httpd-ssl:key
key document_root :root
[httpd]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:services}/httpd
command-line = "{{ apache_location }}/bin/httpd" -f "${apache-conf:rendered}" -DFOREGROUND
[httpd-ssl]
recipe = plone.recipe.command
command = "{{ openssl_executable_location }}" req -newkey rsa -batch -new -x509 -days 3650 -nodes -keyout "${:key}" -out "${:cert}"
key = ${directory:ssl}/key
cert = ${directory:ssl}/cert
update-command =
stop-on-error = true
[httpd-promise]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promises}/apache-httpd
hostname = ${apache-conf:ip
v4
}
hostname = ${apache-conf:ip}
port = ${apache-conf:port}
\ No newline at end of file
software/kvm/instance-kvm.cfg.jinja2
View file @
8d221be7
...
...
@@ -135,7 +135,7 @@ external-disk-number = ${slap-parameter:external-disk-number}
external-disk-size = ${slap-parameter:external-disk-size}
external-disk-format = ${slap-parameter:external-disk-format}
{% if enable_http == 'tue' or ( use_tap == 'true' and tap_network_dict.has_key('ipv4') ) -%}
{% if enable_http == 't
r
ue' or ( use_tap == 'true' and tap_network_dict.has_key('ipv4') ) -%}
httpd-port = ${slap-parameter:httpd-port}
{% else -%}
httpd-port = 0
...
...
software/kvm/instance.cfg.in
View file @
8d221be7
...
...
@@ -67,6 +67,7 @@ filename = template-kvm-cluster.cfg
extra-context =
section parameter_dict dynamic-template-kvm-cluster-parameters
raw template_content ${template-content:location}/${template-content:filename}
raw template_httpd_cfg ${template-httpd:rendered}
[dynamic-template-kvm]
recipe = slapos.recipe.template:jinja2
...
...
software/kvm/template/apache.conf.in
View file @
8d221be7
...
...
@@ -27,6 +27,17 @@ ServerTokens Prod
ServerSignature Off
TraceEnable Off
SSLEngine on
SSLCertificateFile {{ cert }}
SSLCertificateKeyFile {{ key }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLProtocol All -SSLv2
SSLProxyEngine On
DocumentRoot {{ document_root }}
ErrorLog "{{ error_log }}"
# Default apache log format with request time in microsecond at the end
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
...
...
@@ -40,10 +51,11 @@ SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
Require all denied
</Directory>
DocumentRoot {{ index_folder }}
<Directory {{ index_folder }}>
Options Indexes FollowSymLinks
Require ip {{ ip }}
#
Require ip {{ ip }}
# Require env forwarded '{{ ip }}'
Require all denied
# Require all denied
AllowOverride None
Require all granted
</Directory>
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment