Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Guillaume Hervier
slapos
Commits
6dfd3d62
Commit
6dfd3d62
authored
Mar 25, 2016
by
Alain Takoudjou
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
webrunner now use his own apache server
parent
4e15a53b
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
157 additions
and
68 deletions
+157
-68
software/slaprunner/common.cfg
software/slaprunner/common.cfg
+4
-12
software/slaprunner/httpd_conf.in
software/slaprunner/httpd_conf.in
+67
-8
software/slaprunner/instance-runner-export.cfg.in
software/slaprunner/instance-runner-export.cfg.in
+8
-1
software/slaprunner/instance-runner.cfg
software/slaprunner/instance-runner.cfg
+78
-47
No files found.
software/slaprunner/common.cfg
View file @
6dfd3d62
...
...
@@ -54,7 +54,7 @@ mode = 0644
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner.cfg
output = ${buildout:directory}/template-runner.cfg.in
md5sum =
04f5cd311b452836b76808cf29f5a23d
md5sum =
c1c81a2042f262a52657da3d427222e4
mode = 0644
[template-runner-import-script]
...
...
@@ -84,7 +84,7 @@ mode = 0644
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-export.cfg.in
output = ${buildout:directory}/instance-runner-export.cfg
md5sum =
d2c374858d421247dfabcf38589a904f
md5sum =
8f4912ca04a650298c3c260689109c2e
mode = 0644
[template-resilient]
...
...
@@ -114,7 +114,7 @@ mode = 0644
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/httpd_conf.in
download-only = true
md5sum =
61ac2dd5aeb5af9745d4c72d2571df8a
md5sum =
21009dac6e9868bed61a669632103830
filename = httpd_conf.in
mode = 0644
...
...
@@ -171,15 +171,6 @@ filename = listener_slapgrid.py.in
download-only = true
mode = 0644
[cors-domain-cgi]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/template/${:filename}
download-only = true
md5sum = d4c564267dd98cd178a890158c52c384
destination = ${buildout:parts-directory}/monitor-template-cors-domain-cgi
filename = cors-domain.jinja
mode = 0644
[monitor-check-webrunner-internal-instance]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/template/${:filename}
...
...
@@ -193,6 +184,7 @@ mode = 0644
recipe = zc.recipe.egg
eggs =
collective.recipe.environment
collective.recipe.template
cns.recipe.symlink
erp5.util
lock-file
...
...
software/slaprunner/httpd_conf.in
View file @
6dfd3d62
PidFile "{{ parameters.path_pid }}"
ServerName example.com
ServerAdmin someone@email
<IfDefine !HTTPDPort>
Listen [{{ parameters.global_ip }}]:{{ parameters.global_port }}
Define HTTPDPort
</IfDefine>
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule mime_module modules/mod_mime.so
#LoadModule cgid_module modules/mod_cgid.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule alias_module modules/mod_alias.so
LoadModule env_module modules/mod_env.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule headers_module modules/mod_headers.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule cache_module modules/mod_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule dir_module modules/mod_dir.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule autoindex_module modules/mod_autoindex.so
ErrorLog "{{ parameters.path_error_log }}"
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog "{{ parameters.path_access_log }}" common
# SSL Configuration
Define SSLConfigured
SSLCertificateFile {{ parameters.cert_file }}
SSLCertificateKeyFile {{ parameters.key_file }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLRandomSeed startup /dev/urandom 256
SSLRandomSeed connect builtin
SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
SSLEngine On
Include {{ parameters.httpd_cors_file }}
Header set Access-Control-Allow-Credentials "true"
Header set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST"
Header set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization"
DocumentRoot {{ parameters.runner_home }}/public
Alias /web-public {{ parameters.runner_home }}/public
# Directory protection
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
Alias /public {{ parameters.runner_home }}/public
<Directory {{ parameters.runner_home }}/public>
Order Allow,Deny
Allow from all
...
...
@@ -17,20 +77,20 @@ Alias /web-public {{ parameters.runner_home }}/public
</Files>
</Directory>
Alias /shared {{ parameters.runner_home }}
DavLockDB {{ parameters.dav_lock }}
Alias /share {{ parameters.runner_home }}
<Directory {{ parameters.runner_home }}>
DirectoryIndex disabled
DAV On
Options Indexes FollowSymLinks
AuthType Basic
AuthName "
webd
av"
AuthUserFile "{{ parameters.
etc_dir }}/monitor-htpasswd
"
AuthName "
Webrunner D
av"
AuthUserFile "{{ parameters.
htpasswd_file }}
"
<LimitExcept OPTIONS>
Require valid-user
</LimitExcept>
</Directory>
SetEnv GIT_HTTP_EXPORT_ALL
ScriptAlias /git/ {{ parameters.git_http_backend }}/
ScriptAlias /git-public/ {{ parameters.git_http_backend }}/
...
...
@@ -45,7 +105,7 @@ RewriteCond %{REQUEST_URI} /git-receive-pack$
AuthType Basic
AuthName "Git Access"
AuthUserFile "{{ parameters.
etc_dir }}/monitor-htpasswd
"
AuthUserFile "{{ parameters.
htpasswd_file }}
"
Require valid-user
</LocationMatch>
...
...
@@ -56,8 +116,7 @@ RewriteCond %{REQUEST_URI} /git-receive-pack$
AuthType Basic
AuthName "Git Access"
AuthUserFile "{{ parameters.
etc_dir }}/monitor-htpasswd
"
AuthUserFile "{{ parameters.
htpasswd_file }}
"
Require valid-user
Satisfy any
</LocationMatch>
software/slaprunner/instance-runner-export.cfg.in
View file @
6dfd3d62
...
...
@@ -15,6 +15,8 @@ parts +=
publish-connection-information
slaprunner-promise
slaprunner-frontend-promise
apache-httpd-promise
httpd-frontend-promise
slaprunner-supervisord-wrapper
dropbear-promise
runtestsuite
...
...
@@ -22,11 +24,15 @@ parts +=
shellinabox
slapos-cfg
slapos-repo
cron-entry-backup
cron-entry-prepare-software
deploy-instance-parameters
instance-software
instance-software-type
minishell-cwd
bash-profile
supervisord-wrapper
supervisord-promise
httpd-graceful-wrapper
## Monitoring part
## Monitor for runner
monitor-check-resilient-feed-file
...
...
@@ -50,6 +56,7 @@ monitor-httpd-port = 8437
# Pass some parameter to dispay in monitoring interface
instance-configuration =
file recovery-code $${recovery-code:storage-path}
httpdcors cors-domain $${slaprunner-httpd-cors:location} $${httpd-graceful-wrapper:output}
raw webrunner-url https://$${request-frontend:connection-domain}
# Extends publish section with resilient parameters
...
...
software/slaprunner/instance-runner.cfg
View file @
6dfd3d62
...
...
@@ -12,6 +12,8 @@ parts =
publish-connection-information
slaprunner-promise
slaprunner-frontend-promise
apache-httpd-promise
httpd-frontend-promise
slaprunner-supervisord-wrapper
dropbear-promise
runtestsuite
...
...
@@ -27,6 +29,7 @@ parts =
bash-profile
supervisord-wrapper
supervisord-promise
httpd-graceful-wrapper
{% if slapparameter_dict.get('custom-frontend-backend-url') and slapparameter_dict.get('check-custom-frontend-promise', 'false') == 'true' %}
custom-frontend-promise
{% endif %}
...
...
@@ -298,39 +301,69 @@ context =
section param_nginx_frontend nginx-frontend
[httpd-parameters]
#path_pid = $${directory:run}/httpd.pid
#path_error_log = $${directory:log}/httpd-error.log
#path_access_log = $${directory:log}/httpd-access.log
#key_file = $${ca-httpd:key-file}
#cert_file = $${ca-httpd:cert-file}
path_pid = $${directory:run}/httpd.pid
path_error_log = $${directory:log}/httpd-error.log
path_access_log = $${directory:log}/httpd-access.log
# XXX Use ca-nginx, no need to regenerate certificate
cert_file = $${ca-nginx:cert-file}
key_file = $${ca-nginx:key-file}
global_ip = $${slap-network-information:global-ipv6}
global_port =
$${slaprunner:runner_port}
monitor
_port = $${monitor-parameters:port}
global_port =
8386
#httpd
_port = $${monitor-parameters:port}
#monitor_index = $${deploy-index:rendered}
#working_directory = $${slaprunner:working-directory}
#dav_lock = $${directory:var}/DavLock
working_directory = $${slaprunner:working-directory}
dav_lock = $${directory:var}/WebDavLock
htpasswd_file = $${monitor-httpd-conf-parameter:htpasswd-file}
etc_dir = $${directory:etc}
#
var_dir = $${directory:var}
#
project_folder = $${directory:project}
var_dir = $${directory:var}
project_folder = $${directory:project}
project_private_folder = $${runnerdirectory:private-project}
project_public_folder = $${runnerdirectory:public-project}
runner_home = $${runnerdirectory:home}
git_http_backend = ${git:location}/libexec/git-core/git-http-backend
#cgi_httpd_conf = $${monitor-httpd-configuration-file:rendered}
#httpd_cors_file = $${monito
r-httpd-cors:location}
httpd_cors_file = $${slaprunne
r-httpd-cors:location}
[httpd-conf]
recipe = slapos.recipe.template:jinja2
template = ${template_httpd_conf:location}/${template_httpd_conf:filename}
rendered = $${directory:etc}/httpd
-part
.conf
rendered = $${directory:etc}/httpd.conf
context =
section parameters httpd-parameters
#[cgi-httpd-wrapper]
#recipe = slapos.cookbook:wrapper
#apache-executable = ${apache:location}/bin/httpd
#wrapper-path = $${ca-httpd:executable}
#command-line = $${:apache-executable} -f $${httpd-conf:rendered} -DFOREGROUND
[apache-httpd]
recipe = slapos.cookbook:wrapper
apache-executable = ${apache:location}/bin/httpd
wrapper-path = $${directory:services}/slaprunner-httpd
command-line = $${:apache-executable} -f $${httpd-conf:rendered} -DFOREGROUND
access-url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:global_port}
wait-for-files =
$${ca-nginx:cert-file}
$${ca-nginx:key-file}
[httpd-graceful-wrapper]
recipe = collective.recipe.template
input = inline:
#!/bin/sh
exec kill -USR1 $(cat $${httpd-parameters:path_pid})
output = $${directory:scripts}/slaprunner-httpd-graceful
mode = 700
[apache-httpd-promise]
recipe = slapos.cookbook:check_url_available
path = $${directory:promises}/$${:filename}
filename = apache-httpd-listening-on-tcp
url = $${apache-httpd:access-url}
check-secure = 1
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}
[slaprunner-httpd-cors]
recipe = plone.recipe.command
command = if [ ! -f $${:location} ]; then touch $${:location}; fi
location = $${directory:etc}/$${:filename}
filename = slaprunner-httpd-cors.cfg
stop-on-error = true
#--------------------
#--
...
...
@@ -405,6 +438,25 @@ config-url = $${slaprunner:access-url}
config-domain = $${slap-parameter:frontend-domain}
return = site_url domain
[request-httpd-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = SlapRunner httpd Frontend
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
config-url = $${apache-httpd:access-url}
config-domain =
return = secure_access domain
[httpd-frontend-promise]
recipe = slapos.cookbook:check_url_available
path = $${directory:promises}/slaprunner-apache-http-frontend
url = $${request-httpd-frontend:connection-secure_access}
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}
check-secure = 1
#--------------------------------------
#--
#-- Send information to SlapOS Master
...
...
@@ -417,10 +469,10 @@ backend_url = $${slaprunner:access-url}
access_url = $${:url}/login
url = https://$${request-frontend:connection-domain}
ssh_command = ssh $${dropbear-runner-server:host} -p $${dropbear-runner-server:port}
webdav_url = $${
:monitor-base-url
}/shared/
public_url = $${
:monitor-base-url}/web-
public/
git_public_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:
monitor
_port}/git-public/
git_private_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:
monitor
_port}/git/
webdav_url = $${
request-httpd-frontend:connection-secure_access
}/shared/
public_url = $${
request-httpd-frontend:connection-secure_access}/
public/
git_public_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:
global
_port}/git-public/
git_private_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:
global
_port}/git/
monitor-base-url = $${publish:monitor-base-url}
monitor-url = $${publish:monitor-url}
monitor-user = $${publish:monitor-user}
...
...
@@ -473,6 +525,8 @@ auto-deploy-instance = true
autorun = false
monitor-port = 9687
instance-name =
monitor-cors-domains =
monitor-interface-url =
[monitor-parameters]
port = $${slap-parameter:monitor-port}
...
...
@@ -682,12 +736,11 @@ opml-url-list = {{ slapparameter_dict['monitor-url-list'] }}
# Pass some parameter to dispay in monitoring interface
instance-configuration =
file recovery-code $${recovery-code:storage-path}
httpdcors cors-domain $${slaprunner-httpd-cors:location} $${httpd-graceful-wrapper:output}
raw webrunner-url https://$${request-frontend:connection-domain}
{% endif -%}
configuration-file-path = $${buildout:directory}/knowledge0.cfg
[monitor-httpd-conf-parameter]
httpd-include-file = $${httpd-conf:rendered}
[monitor-check-webrunner-internal-instance]
recipe = slapos.recipe.template:jinja2
template = ${monitor-check-webrunner-internal-instance:location}/${monitor-check-webrunner-internal-instance:filename}
...
...
@@ -695,25 +748,3 @@ rendered = $${monitor-directory:promises}/$${:filename}
filename = monitor-check-webrunner-internal-instance
mode = 0744
# XXX -not needed for monitor2
[monitor-deploy-cors-domain-cgi]
recipe = slapos.recipe.template:jinja2
template = ${cors-domain-cgi:location}/${cors-domain-cgi:filename}
rendered = $${monitor-directory:knowledge0-cgi}/$${:filename}
filename = cors-domain.cgi
mode = 0744
context =
raw config_cfg $${buildout:directory}/knowledge0.cfg
raw timestamp $${buildout:directory}/.timestamp
raw python_executable ${buildout:executable}
key apache_file httpd-parameters:httpd_cors_file
key pwd monitor-directory:knowledge0-cgi
key this_file :filename
key httpd_graceful cgi-httpd-graceful-wrapper:rendered
[monitor-httpd-cors-xx]
recipe = plone.recipe.command
command = if [ ! -f $${:location} ]; then touch $${:location}; fi
location = $${directory:etc}/$${:filename}
filename = httpd-cors.cfg
stop-on-error = true
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment