Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kwabena Antwi-Boasiako
slapos
Commits
e13f7c63
Commit
e13f7c63
authored
Apr 23, 2013
by
Marco Mariani
Browse files
Options
Browse Files
Download
Plain Diff
Merge remote-tracking branch 'origin/master' into zimbra
parents
0e3ec32b
e40afbc5
Changes
22
Hide whitespace changes
Inline
Side-by-side
Showing
22 changed files
with
310 additions
and
185 deletions
+310
-185
CHANGES.txt
CHANGES.txt
+13
-0
component/noVNC/buildout.cfg
component/noVNC/buildout.cfg
+1
-1
component/qemu-kvm/buildout.cfg
component/qemu-kvm/buildout.cfg
+8
-3
component/zabbix/buildout.cfg
component/zabbix/buildout.cfg
+2
-2
setup.py
setup.py
+1
-1
slapos/recipe/apache_frontend/__init__.py
slapos/recipe/apache_frontend/__init__.py
+45
-58
slapos/recipe/apache_frontend/template/apache.conf.in
slapos/recipe/apache_frontend/template/apache.conf.in
+20
-6
slapos/recipe/kvm_frontend/__init__.py
slapos/recipe/kvm_frontend/__init__.py
+2
-1
slapos/recipe/kvm_frontend/template/kvm-proxy.js
slapos/recipe/kvm_frontend/template/kvm-proxy.js
+63
-39
slapos/recipe/kvm_frontend/template/nodejs_run.in
slapos/recipe/kvm_frontend/template/nodejs_run.in
+1
-1
slapos/recipe/zabbixagent/__init__.py
slapos/recipe/zabbixagent/__init__.py
+7
-4
software/apache-frontend/README.apache_frontend.txt
software/apache-frontend/README.apache_frontend.txt
+7
-0
software/apache-frontend/common.cfg
software/apache-frontend/common.cfg
+5
-3
software/apache-frontend/instance.cfg
software/apache-frontend/instance.cfg
+47
-6
software/apache-frontend/software.cfg
software/apache-frontend/software.cfg
+57
-23
software/kvm/common.cfg
software/kvm/common.cfg
+4
-10
software/kvm/development.cfg
software/kvm/development.cfg
+10
-3
software/kvm/instance-frontend.cfg.in
software/kvm/instance-frontend.cfg.in
+13
-4
software/kvm/instance-kvm.cfg.in
software/kvm/instance-kvm.cfg.in
+3
-4
software/kvm/instance-kvmplus.cfg.in
software/kvm/instance-kvmplus.cfg.in
+0
-14
software/kvm/instance.cfg.in
software/kvm/instance.cfg.in
+0
-1
software/kvm/software.cfg
software/kvm/software.cfg
+1
-1
No files found.
CHANGES.txt
View file @
e13f7c63
Changes
=======
0.77.1 (2013-04-18)
-------------------
* Re-release of 0.77.0.
0.77.0 (2013-04-18)
-------------------
* Allow to pass extra parameters when creating simple wrapper. [Sebastien Robin]
* Apache frontend: Append all rewrite module options to http as well. [Cedric de Saint Martin]
* Apache frontend: Add https-only support. [Cedric de Saint Martin]
* Apache frontend: make logrotate work by using "generic" component. [Cedric de Saint Martin]
0.76.0 (2013-04-03)
-------------------
...
...
component/noVNC/buildout.cfg
View file @
e13f7c63
...
...
@@ -6,5 +6,5 @@ parts =
recipe = hexagonit.recipe.download
# Post-0.4 release from January 2013
url = http://github.com/kanaka/noVNC/zipball/3b2acc2258d36137a37edfbe0f03a3099189c49d
md5sum =
0d06abc20e59643e14fefe52b42daf60
md5sum =
a276be8fa193652bb5de8a271603f11f
strip-top-level-dir = true
component/qemu-kvm/buildout.cfg
View file @
e13f7c63
...
...
@@ -3,6 +3,7 @@ extends =
../../component/gnutls/buildout.cfg
../../component/libpng/buildout.cfg
../../component/libuuid/buildout.cfg
../../component/xorg/buildout.cfg
../../component/zlib/buildout.cfg
[kvm]
...
...
@@ -11,9 +12,11 @@ extends =
[qemu-kvm]
recipe = slapos.recipe.cmmi
url = http://downloads.sourceforge.net/project/kvm/qemu-kvm/1.2.0/qemu-kvm-1.2.0.tar.gz
md5sum = d7b18b673c48abfee65a9c0245df0415
# qemu-kvm and qemu are now the same since 1.3.
url = http://wiki.qemu-project.org/download/qemu-1.4.1.tar.bz2
md5sum = eb2d696956324722b5ecfa46e41f9a75
configure-options =
--target-list=""
--disable-sdl
--disable-xen
--enable-vnc-tls
...
...
@@ -24,9 +27,11 @@ configure-options =
--disable-docs
--enable-vnc-png
--disable-vnc-jpeg
--enable-vnc-ws
--extra-cflags="-I${gnutls:location}/include -I${libuuid:location}/include -I${zlib:location}/include -I${libpng:location}/include"
--extra-ldflags="-Wl,-rpath -Wl,${glib:location}/lib -L${glib:location}/lib -Wl,-rpath -Wl,${gnutls:location}/lib -L${gnutls:location}/lib -Wl,-rpath -Wl,${gpg-error:location}/lib -L${gpg-error:location}/lib -L${gettext:location}/lib -Wl,-rpath -Wl,${gettext:location}/lib -Wl,-rpath -Wl,${libpng:location}/lib -L${libpng:location}/lib -L${libuuid:location}/lib -Wl,-rpath -Wl,${libuuid:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -lpng -lz -lgnutls"
--disable-werror
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${gnutls:location}/lib/pkgconfig:${glib:location}/lib/pkgconfig
PKG_CONFIG_PATH=${gnutls:location}/lib/pkgconfig:${glib:location}/lib/pkgconfig:${pixman:location}/lib/pkgconfig
component/zabbix/buildout.cfg
View file @
e13f7c63
...
...
@@ -4,8 +4,8 @@ parts =
[zabbix-agent]
recipe = slapos.recipe.cmmi
url = http://prdownloads.sourceforge.net/zabbix/zabbix-2.0.
1
.tar.gz?download
md5sum =
3b301aa4f2b7cb5ede46884b9c7873e1
url = http://prdownloads.sourceforge.net/zabbix/zabbix-2.0.
5
.tar.gz?download
md5sum =
0c0721c31889b63bce9aa556bcb927e8
configure-options =
--enable-agent
--enable-ipv6
setup.py
View file @
e13f7c63
...
...
@@ -28,7 +28,7 @@ from setuptools import setup, find_packages
import
glob
import
os
version
=
'0.7
6.1
.dev'
version
=
'0.7
7.2
.dev'
name
=
'slapos.cookbook'
long_description
=
open
(
"README.txt"
).
read
()
+
"
\
n
"
+
\
open
(
"CHANGES.txt"
).
read
()
+
"
\
n
"
...
...
slapos/recipe/apache_frontend/__init__.py
View file @
e13f7c63
...
...
@@ -36,6 +36,7 @@ import ConfigParser
import
re
import
traceback
TRUE_VALUES
=
[
'y'
,
'yes'
,
'1'
,
'true'
]
class
Recipe
(
BaseSlapRecipe
):
...
...
@@ -65,13 +66,13 @@ class Recipe(BaseSlapRecipe):
# self.cron_d is a directory, where cron jobs can be registered
self
.
cron_d
=
self
.
installCrond
()
self
.
logrotate_d
,
self
.
logrotate_backup
=
self
.
installLogrotate
()
self
.
killpidfromfile
=
zc
.
buildout
.
easy_install
.
scripts
(
[(
'killpidfromfile'
,
'slapos.
recipe.erp5
.killpidfromfile'
,
[(
'killpidfromfile'
,
'slapos.
toolbox
.killpidfromfile'
,
'killpidfromfile'
)],
self
.
ws
,
sys
.
executable
,
self
.
bin_directory
)[
0
]
self
.
path_list
.
append
(
self
.
killpidfromfile
)
rewrite_rule_list
=
[]
rewrite_rule_https_only_list
=
[]
rewrite_rule_zope_list
=
[]
rewrite_rule_zope_path_list
=
[]
slave_dict
=
{}
...
...
@@ -88,20 +89,16 @@ class Recipe(BaseSlapRecipe):
# Sanitize inputs
backend_url
=
slave_instance
.
get
(
"url"
,
None
)
reference
=
slave_instance
.
get
(
"slave_reference"
)
enable_cache
=
slave_instance
.
get
(
'enable_cache'
,
''
).
lower
()
in
TRUE_VALUES
slave_type
=
slave_instance
.
get
(
'type'
,
''
).
lower
()
or
None
if
slave_instance
.
haskey
(
"enable_cache"
):
enable_cache
=
slave_instance
.
get
(
"enable_cache"
,
""
).
upper
()
in
(
'1'
,
'TRUE'
)
else
:
enable_cache
=
False
if
slave_instance
.
haskey
(
"type"
):
slave_type
=
slave_instance
.
get
(
"type"
,
""
).
lower
()
else
:
slave_type
=
None
https_only
=
slave_instance
.
get
(
'https-only'
,
''
).
lower
()
in
TRUE_VALUES
# Set scheme (http? https?)
# Future work may allow to choose between http and https (or both?)
scheme
=
'http://'
if
https_only
:
scheme
=
'https://'
else
:
scheme
=
'http://'
self
.
logger
.
info
(
'Processing slave instance: %s'
%
reference
)
...
...
@@ -143,6 +140,10 @@ class Recipe(BaseSlapRecipe):
rewrite_rule
=
"%s %s"
%
(
domain
,
backend_url
)
# Finally, if successful, we add the rewrite rule to our list of rules
# We have 4 RewriteMaps:
# - One for generic (non-zope) websites, accepting both HTTP and HTTPS
# - One for generic websites that only accept HTTPS
# - Two for Zope-based websites
if
rewrite_rule
:
# We check if we have a zope slave. It requires different rewrite
# rule structure.
...
...
@@ -154,7 +155,10 @@ class Recipe(BaseSlapRecipe):
rewrite_rule_path
=
"%s %s"
%
(
domain
,
slave_instance
.
get
(
'path'
,
''
))
rewrite_rule_zope_path_list
.
append
(
rewrite_rule_path
)
else
:
rewrite_rule_list
.
append
(
rewrite_rule
)
if
https_only
:
rewrite_rule_https_only_list
.
append
(
rewrite_rule
)
else
:
rewrite_rule_list
.
append
(
rewrite_rule
)
# Certificate stuff
valid_certificate_str
=
self
.
parameter_dict
.
get
(
"domain_ssl_ca_cert"
)
...
...
@@ -186,6 +190,7 @@ class Recipe(BaseSlapRecipe):
plain_http_port
=
frontend_plain_http_port_number
,
name
=
frontend_domain_name
,
rewrite_rule_list
=
rewrite_rule_list
,
rewrite_rule_https_only_list
=
rewrite_rule_https_only_list
,
rewrite_rule_zope_list
=
rewrite_rule_zope_list
,
rewrite_rule_zope_path_list
=
rewrite_rule_zope_path_list
,
key
=
key
,
certificate
=
certificate
)
...
...
@@ -279,29 +284,6 @@ class Recipe(BaseSlapRecipe):
return
"%s http://%s:%s"
%
\
(
domain
,
varnish_ip
,
base_varnish_port
)
def
installLogrotate
(
self
):
"""Installs logortate main configuration file and registers its to cron"""
logrotate_d
=
os
.
path
.
abspath
(
os
.
path
.
join
(
self
.
etc_directory
,
'logrotate.d'
))
self
.
_createDirectory
(
logrotate_d
)
logrotate_backup
=
self
.
createBackupDirectory
(
'logrotate'
)
logrotate_conf
=
self
.
createConfigurationFile
(
"logrotate.conf"
,
"include %s"
%
logrotate_d
)
logrotate_cron
=
os
.
path
.
join
(
self
.
cron_d
,
'logrotate'
)
state_file
=
os
.
path
.
join
(
self
.
data_root_directory
,
'logrotate.status'
)
open
(
logrotate_cron
,
'w'
).
write
(
'0 0 * * * %s -s %s %s'
%
(
self
.
options
[
'logrotate_binary'
],
state_file
,
logrotate_conf
))
self
.
path_list
.
extend
([
logrotate_d
,
logrotate_conf
,
logrotate_cron
])
return
logrotate_d
,
logrotate_backup
def
registerLogRotation
(
self
,
name
,
log_file_list
,
postrotate_script
):
"""Register new log rotation requirement"""
open
(
os
.
path
.
join
(
self
.
logrotate_d
,
name
),
'w'
).
write
(
self
.
substituteTemplate
(
self
.
getTemplateFilename
(
'logrotate_entry.in'
),
dict
(
file_list
=
' '
.
join
([
'"'
+
q
+
'"'
for
q
in
log_file_list
]),
postrotate
=
postrotate_script
,
olddir
=
self
.
logrotate_backup
)))
def
requestCertificate
(
self
,
name
):
hash
=
hashlib
.
sha512
(
name
).
hexdigest
()
key
=
os
.
path
.
join
(
self
.
ca_private
,
hash
+
self
.
ca_key_ext
)
...
...
@@ -418,8 +400,7 @@ class Recipe(BaseSlapRecipe):
def
_getApacheConfigurationDict
(
self
,
name
,
ip_list
,
port
):
apache_conf
=
dict
()
apache_conf
[
'server_name'
]
=
name
apache_conf
[
'pid_file'
]
=
os
.
path
.
join
(
self
.
run_directory
,
name
+
'.pid'
)
apache_conf
[
'pid_file'
]
=
self
.
options
[
'pid-file'
]
apache_conf
[
'lock_file'
]
=
os
.
path
.
join
(
self
.
run_directory
,
name
+
'.lock'
)
apache_conf
[
'document_root'
]
=
os
.
path
.
join
(
self
.
data_root_directory
,
...
...
@@ -429,13 +410,8 @@ class Recipe(BaseSlapRecipe):
apache_conf
[
'ip_list'
]
=
ip_list
apache_conf
[
'port'
]
=
port
apache_conf
[
'server_admin'
]
=
'admin@'
apache_conf
[
'error_log'
]
=
os
.
path
.
join
(
self
.
log_directory
,
'frontend-apache-error.log'
)
apache_conf
[
'access_log'
]
=
os
.
path
.
join
(
self
.
log_directory
,
'frontend-apache-access.log'
)
self
.
registerLogRotation
(
name
,
[
apache_conf
[
'error_log'
],
apache_conf
[
'access_log'
]],
self
.
killpidfromfile
+
' '
+
apache_conf
[
'pid_file'
]
+
' SIGUSR1'
)
apache_conf
[
'error_log'
]
=
self
.
options
[
'error-log'
]
apache_conf
[
'access_log'
]
=
self
.
options
[
'access-log'
]
return
apache_conf
def
installVarnishCache
(
self
,
name
,
ip
,
port
,
control_port
,
backend_host
,
...
...
@@ -517,10 +493,13 @@ class Recipe(BaseSlapRecipe):
port
=
4443
,
plain_http_port
=
8080
,
rewrite_rule_list
=
None
,
rewrite_rule_zope_list
=
None
,
rewrite_rule_https_only_list
=
None
,
rewrite_rule_zope_path_list
=
None
,
access_control_string
=
None
):
if
rewrite_rule_list
is
None
:
rewrite_rule_list
=
[]
if
rewrite_rule_https_only_list
is
None
:
rewrite_rule_zope_path_list
=
[]
if
rewrite_rule_zope_list
is
None
:
rewrite_rule_zope_list
=
[]
if
rewrite_rule_zope_path_list
is
None
:
...
...
@@ -571,15 +550,22 @@ class Recipe(BaseSlapRecipe):
self
.
path_list
.
append
(
backup_cron
)
# Create configuration file and rewritemaps
apachemap_name
=
"apachemap.txt"
apachemapzope_name
=
"apachemapzope.txt"
apachemapzopepath_name
=
"apachemapzopepath.txt"
self
.
createConfigurationFile
(
apachemap_name
,
"
\
n
"
.
join
(
rewrite_rule_list
))
self
.
createConfigurationFile
(
apachemapzope_name
,
"
\
n
"
.
join
(
rewrite_rule_zope_list
))
self
.
createConfigurationFile
(
apachemapzopepath_name
,
"
\
n
"
.
join
(
rewrite_rule_zope_path_list
))
apachemap_path
=
self
.
createConfigurationFile
(
"apache_rewritemap_generic.txt"
,
"
\
n
"
.
join
(
rewrite_rule_list
)
)
apachemap_httpsonly_path
=
self
.
createConfigurationFile
(
"apache_rewritemap_httpsonly.txt"
,
"
\
n
"
.
join
(
rewrite_rule_https_only_list
)
)
apachemap_zope_path
=
self
.
createConfigurationFile
(
"apache_rewritemap_zope.txt"
,
"
\
n
"
.
join
(
rewrite_rule_zope_list
)
)
apachemap_zopepath_path
=
self
.
createConfigurationFile
(
"apache_rewritemap_zopepath.txt"
,
"
\
n
"
.
join
(
rewrite_rule_zope_path_list
)
)
apache_conf
=
self
.
_getApacheConfigurationDict
(
name
,
ip_list
,
port
)
apache_conf
[
'ssl_snippet'
]
=
self
.
substituteTemplate
(
...
...
@@ -606,9 +592,10 @@ class Recipe(BaseSlapRecipe):
apache_conf
.
update
(
**
dict
(
path_enable
=
path
,
apachemap_path
=
os
.
path
.
join
(
self
.
etc_directory
,
apachemap_name
),
apachemapzope_path
=
os
.
path
.
join
(
self
.
etc_directory
,
apachemapzope_name
),
apachemapzopepath_path
=
os
.
path
.
join
(
self
.
etc_directory
,
apachemapzopepath_name
),
apachemap_path
=
apachemap_path
,
apachemap_httpsonly_path
=
apachemap_httpsonly_path
,
apachemapzope_path
=
apachemap_zope_path
,
apachemapzopepath_path
=
apachemap_zopepath_path
,
apache_domain
=
name
,
https_port
=
port
,
plain_http_port
=
plain_http_port
,
...
...
slapos/recipe/apache_frontend/template/apache.conf.in
View file @
e13f7c63
...
...
@@ -60,8 +60,8 @@ BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
# The following directive disables redirects on non-GET requests for
# a directory that does not include the trailing slash. This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# a directory that does not include the trailing slash. This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# redirects for folders with DAV methods.
# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
...
...
@@ -84,7 +84,7 @@ MCacheRemovalAlgorithm LRU
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/x-javascript application/javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent
...
...
@@ -104,10 +104,12 @@ Header append Vary User-Agent
# or changed when slapgrid is ran. It can be freely customized by node admin.
Include %(custom_apache_virtualhost_conf)s
# Define the two RewriteMaps (key -> value store): one for Zope, one generic
# Define the 3 RewriteMaps (key -> value store): one for Zope, one generic,
# one generic https only,
# containing: rewritten URL -> original URL (a.k.a VirtualHostBase in Zope)
RewriteMap apachemapzope txt:%(apachemapzope_path)s
RewriteMap apachemapgeneric txt:%(apachemap_path)s
RewriteMap apachemapgenerichttpsonly txt:%(apachemap_httpsonly_path)s
# Define another RewriteMap for Zope, containing:
# rewritten URL -> VirtualHostRoot
...
...
@@ -123,21 +125,32 @@ Header append Vary User-Agent
RewriteCond ${apachemapgeneric:%%{SERVER_NAME}} >""
# We suppose that Apache listens to 443 (even indirectly thanks to things like iptables)
RewriteRule ^/(.*)$ ${apachemapgeneric:%%{SERVER_NAME}}/$1 [L,P]
# Same for https only server
RewriteCond ${apachemapgenerichttpsonly:%%{SERVER_NAME}} >""
# We suppose that Apache listens to 443 (even indirectly thanks to things like iptables)
RewriteRule ^/(.*)$ ${apachemapgenerichttpsonly:%%{SERVER_NAME}}/$1 [L,P]
# If nothing exist : put a nice error
ErrorDocument 404 /notfound.html
</VirtualHost>
# Only accept generic (i.e not Zope) backends on http
<VirtualHost *:%(plain_http_port)s>
RewriteEngine On
SSLProxyEngine on
# Rewrite part
ProxyVia On
ProxyPreserveHost On
ProxyTimeout 600
RewriteEngine On
# Remove "Secure" from cookies, as backend may be https
Header edit Set-Cookie "(?i)^(.+);secure$" "$1"
# Include configuration file not operated by slapos. This file won't be erased
# or changed when slapgrid is ran. It can be freely customized by node admin.
Include %(custom_apache_virtualhost_conf)s
# We accept generic (i.e not lamp) backends on http
RewriteMap apachemapgeneric txt:%(apachemap_path)s
RewriteCond ${apachemapgeneric:%%{SERVER_NAME}} >""
RewriteRule ^/(.*)$ ${apachemapgeneric:%%{SERVER_NAME}}/$1 [L,P]
...
...
@@ -148,6 +161,7 @@ Header append Vary User-Agent
RewriteRule ^/(.*)$ https://%%{SERVER_NAME}%%{REQUEST_URI}
</VirtualHost>
# Include configuration file not operated by slapos. This file won't be erased
# or changed when slapgrid is ran. It can be freely customized by node admin.
Include %(custom_apache_conf)s
slapos/recipe/kvm_frontend/__init__.py
View file @
e13f7c63
...
...
@@ -107,7 +107,8 @@ class Recipe(GenericSlapRecipe):
http_redirect_server
=
''
config
=
dict
(
ip
=
self
.
options
[
'ip'
],
ipv6
=
self
.
options
[
'ipv6'
],
ipv4
=
self
.
options
[
'ipv4'
],
port
=
self
.
options
[
'port'
],
key
=
self
.
options
[
'ssl-key-path'
],
certificate
=
self
.
options
[
'ssl-cert-path'
],
...
...
slapos/recipe/kvm_frontend/template/kvm-proxy.js
View file @
e13f7c63
...
...
@@ -37,12 +37,13 @@ var fs = require('fs'),
httpProxy
=
require
(
'
http-proxy
'
),
proxyByUrl
=
require
(
'
proxy-by-url
'
);
var
listenInterface
=
process
.
argv
[
2
],
port
=
process
.
argv
[
3
],
sslKeyFile
=
process
.
argv
[
4
],
sslCertFile
=
process
.
argv
[
5
],
proxyTable
=
process
.
argv
[
6
],
redirect
=
process
.
argv
[
7
]
||
false
,
var
listenInterfacev6
=
process
.
argv
[
2
],
listenInterfacev4
=
process
.
argv
[
3
],
port
=
process
.
argv
[
4
],
sslKeyFile
=
process
.
argv
[
5
],
sslCertFile
=
process
.
argv
[
6
],
proxyTable
=
process
.
argv
[
7
],
redirect
=
process
.
argv
[
8
]
||
false
,
isRawIPv6
;
if
(
process
.
argv
.
length
<
7
)
{
...
...
@@ -50,11 +51,6 @@ if (process.argv.length < 7) {
process
.
exit
(
1
);
}
isRawIPv6
=
function
checkipv6
(
str
)
{
// Inspired by http://forums.intermapper.com/viewtopic.php?t=452
return
(
/^
\s
*
((([
0-9A-Fa-f
]{1,4}
:
){7}([
0-9A-Fa-f
]{1,4}
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){6}(
:
[
0-9A-Fa-f
]{1,4}
|
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3})
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){5}(((
:
[
0-9A-Fa-f
]{1,4}){1,2})
|:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3})
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){4}(((
:
[
0-9A-Fa-f
]{1,4}){1,3})
|
((
:
[
0-9A-Fa-f
]{1,4})?
:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3}))
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){3}(((
:
[
0-9A-Fa-f
]{1,4}){1,4})
|
((
:
[
0-9A-Fa-f
]{1,4}){0,2}
:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3}))
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){2}(((
:
[
0-9A-Fa-f
]{1,4}){1,5})
|
((
:
[
0-9A-Fa-f
]{1,4}){0,3}
:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3}))
|:
))
|
(([
0-9A-Fa-f
]{1,4}
:
){1}(((
:
[
0-9A-Fa-f
]{1,4}){1,6})
|
((
:
[
0-9A-Fa-f
]{1,4}){0,4}
:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3}))
|:
))
|
(
:
(((
:
[
0-9A-Fa-f
]{1,4}){1,7})
|
((
:
[
0-9A-Fa-f
]{1,4}){0,5}
:
((
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)(\.(
25
[
0-5
]
|2
[
0-4
]\d
|1
\d\d
|
[
1-9
]?\d)){3}))
|:
)))(
%.+
)?\s
*$/
.
test
(
str
));
}(
listenInterface
);
/**
* Dummy middleware that throws 404 not found. Does not contain websocket
* middleware.
...
...
@@ -69,7 +65,7 @@ var middlewareNotFound = function(req, res, proxy) {
/**
* Create server
*/
var
proxyServer
=
httpProxy
.
createServer
(
var
proxyServer
v6
=
httpProxy
.
createServer
(
// We declare our proxyByUrl middleware
proxyByUrl
(
proxyTable
),
// Then we add your dummy middleware, called when proxyByUrl doesn't find url.
...
...
@@ -87,42 +83,70 @@ var proxyServer = httpProxy.createServer(
)
},
source
:
{
host
:
listenInterface
,
host
:
listenInterface
v6
,
port
:
port
}}
);
var
proxyServerv4
=
httpProxy
.
createServer
(
// We declare our proxyByUrl middleware
proxyByUrl
(
proxyTable
),
// Then we add your dummy middleware, called when proxyByUrl doesn't find url.
middlewareNotFound
,
// And we set HTTPS options for server. HTTP will be forbidden.
{
https
:
{
key
:
fs
.
readFileSync
(
sslKeyFile
,
'
utf8
'
),
cert
:
fs
.
readFileSync
(
sslCertFile
,
'
utf8
'
)
},
source
:
{
host
:
listenInterfacev4
,
port
:
port
}}
);
console
.
log
(
'
HTTPS server starting and trying to listen on
'
+
listenInterface
+
'
:
'
+
port
);
listenInterface
v4
+
'
:
'
+
port
);
// Release the beast.
proxyServer
.
listen
(
port
,
listenInterface
);
proxyServerv6
.
listen
(
port
,
listenInterfacev6
);
proxyServerv4
.
listen
(
port
,
listenInterfacev4
);
// Dummy HTTP server redirecting to HTTPS. Only has sense if we can use port 80
if
(
redirect
===
'
1
'
)
{
console
.
log
(
'
HTTP redirect server starting and trying to listen on
'
+
listenInterface
+
'
:
'
+
httpPort
);
try
{
var
httpPort
=
80
;
http
.
createServer
(
function
(
req
,
res
)
{
var
url
;
if
(
isRawIPv6
===
true
)
{
url
=
'
https://[
'
+
listenInterface
+
'
]
'
;
}
else
{
url
=
'
https://
'
+
listenInterface
;
}
// If non standard port : need to specify it
if
(
port
!==
443
)
{
url
=
url
+
'
:
'
+
port
;
}
// Add last part of URL
url
=
url
+
req
.
url
;
console
.
log
(
url
);
// Anwser "permanently redirected"
res
.
statusCode
=
301
;
res
.
setHeader
(
'
Location
'
,
url
);
res
.
end
();
}).
listen
(
httpPort
,
listenInterface
);
}
catch
(
error
)
{
console
.
log
(
'
Couldn
\'
t start plain HTTP redirection server :
'
+
error
)
}
/*
*try {
* var httpPort = 80;
* http.createServer(function(req, res) {
* var url;
* if (isRawIPv6 === true) {
* url = 'https://[' + listenInterface + ']';
* } else {
* url = 'https://' + listenInterface;
* }
* // If non standard port : need to specify it
* if (port !== 443) {
* url = url + ':' + port;
* }
* // Add last part of URL
* url = url + req.url;
* console.log(url);
* // Anwser "permanently redirected"
* res.statusCode = 301;
* res.setHeader('Location', url);
* res.end();
* }).listen(httpPort, listenInterface);
* } catch (error) {
* console.log('Couldn\'t start plain HTTP redirection server : ' + error)
* }
*/
}
slapos/recipe/kvm_frontend/template/nodejs_run.in
View file @
e13f7c63
...
...
@@ -2,4 +2,4 @@
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
export NODE_PATH=%(node_env)s
exec %(node_path)s %(conf_path)s %(ip)s %(port)s %(key)s %(certificate)s %(map_path)s %(plain_http)s
exec %(node_path)s %(conf_path)s %(ip
v6)s %(ipv4
)s %(port)s %(key)s %(certificate)s %(map_path)s %(plain_http)s
slapos/recipe/zabbixagent/__init__.py
View file @
e13f7c63
...
...
@@ -119,10 +119,13 @@ class Recipe(BaseSlapRecipe):
# self.cron_d is a directory, where cron jobs can be registered
self
.
cron_d
=
self
.
installCrond
()
self
.
logrotate_d
,
self
.
logrotate_backup
=
self
.
installLogrotate
()
zabbix_agentd_conf
=
self
.
installZabbixAgentd
(
self
.
getGlobalIPv6Address
(),
10050
,
self
.
parameter_dict
[
'hostname'
],
self
.
parameter_dict
[
'server'
])
zabbix_agentd_conf
=
self
.
installZabbixAgentd
(
self
.
getGlobalIPv6Address
(),
10050
,
self
.
parameter_dict
[
'hostname'
],
self
.
parameter_dict
[
'server'
],
self
.
parameter_dict
.
get
(
'custom-user-parameter'
,
''
)
)
self
.
setConnectionDict
(
dict
(
ip
=
zabbix_agentd_conf
[
'ip'
],
name
=
zabbix_agentd_conf
[
'hostname'
],
port
=
str
(
zabbix_agentd_conf
[
'port'
])))
...
...
software/apache-frontend/README.apache_frontend.txt
View file @
e13f7c63
...
...
@@ -118,6 +118,13 @@ Domain name to use as frontend. The frontend will be accessible from this domain
[instancereference].[masterdomain].
Example: www.mycustomdomain.com
https-only
~~~~~~~~~~
Specify if website should be accessed using https only. If so, the frontend
will redirect the user to https if accessed from http.
Possible values: "true", "false".
This is an optional parameter. Defaults to false.
path
~~~~
Only used if type is "zope".
...
...
software/apache-frontend/common.cfg
View file @
e13f7c63
...
...
@@ -3,6 +3,7 @@ extends =
../../component/binutils/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/apache/buildout.cfg
../../component/gzip/buildout.cfg
../../component/stunnel/buildout.cfg
../../component/varnish/buildout.cfg
../../component/dcron/buildout.cfg
...
...
@@ -38,14 +39,15 @@ recipe = zc.recipe.egg
eggs = ${instance-recipe:egg}
[eggs]
recipe = z
c.recipe.egg
recipe = z
3c.recipe.scripts
eggs =
${lxml-python:egg}
slapos.toolbox
[template]
# Default template for apache instance.
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
md5sum =
fea902a2b9dbf8c80ff201bcf73f9396
md5sum =
e7b9f57da7eb1450fc15789e239388d4
output = ${buildout:directory}/template.cfg
mode = 0644
\ No newline at end of file
mode = 0644
software/apache-frontend/instance.cfg
View file @
e13f7c63
[buildout]
parts =
directory
instanc
e
apach
e
configtest
logrotate
logrotate-entry-apache
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
...
...
@@ -10,15 +12,23 @@ develop-eggs-directory = ${buildout:develop-eggs-directory}
# Create all needed directories
[directory]
recipe = slapos.cookbook:mkdirectory
bin = $${buildout:directory}/bin/
etc = $${buildout:directory}/etc/
var = $${buildout:directory}/var/
srv = $${buildout:directory}/srv/
bin = $${buildout:directory}/bin/
var = $${buildout:directory}/var/
backup = $${:srv}/backup
log = $${:var}/log
run = $${:var}/run
service = $${:etc}/service
logrotate-backup = $${:backup}/logrotate
logrotate-entries = $${:etc}/logrotate.d
# Deploy Apache (old way, with monolithic recipe)
[
instanc
e]
[
apach
e]
recipe = ${instance-recipe:egg}:${instance-recipe:module}
httpd_home = ${apache-2.2:location}
httpd_binary = ${apache-2.2:location}/bin/httpd
...
...
@@ -31,9 +41,40 @@ rdiff_backup_binary = ${buildout:bin-directory}/rdiff-backup
gcc_binary = gcc
binutils_directory = ${binutils:location}/bin/
access-log = $${directory:log}/frontend-apache-access.log
error-log = $${directory:log}/frontend-apache-error.log
pid-file = $${directory:run}/httpd.pid
# Create wrapper for "apachectl conftest" in bin
[configtest]
recipe = slapos.cookbook:wrapper
command-line = $${instance:httpd_binary} -f $${directory:etc}/apache_frontend.conf -t
output = $${directory:bin}/apache-configtest
command-line = $${apache:httpd_binary} -f $${directory:etc}/apache_frontend.conf -t
wrapper-path = $${directory:bin}/apache-configtest
# Deploy Logrotate
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = ${gzip:location}/bin/gzip
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${directory:bin}/logrotate
conf = $${directory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${directory:srv}/logrotate.status
[logrotate-entry-apache]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = apache
log = $${apache:error-log} $${apache:access-log}
frequency = daily
rotate-num = 30
post = ${buildout:bin-directory}/killpidfromfile $${apache:pid-file} SIGUSR1
sharedscripts = true
notifempty = true
create = true
software/apache-frontend/software.cfg
View file @
e13f7c63
...
...
@@ -4,67 +4,101 @@ extends = common.cfg
[versions]
Jinja2 = 2.6
Werkzeug = 0.8.3
apache-libcloud = 0.12.3
async = 0.6.1
buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.6
gitdb = 0.5.4
hexagonit.recipe.cmmi = 2.0
meld3 = 0.6.10
pycrypto = 2.6
rdiff-backup = 1.0.5
slapos.
cookbook = 0.71.1
slapos.recipe.
build = 0.11.5
slapos.
recipe.build = 0.11.6
slapos.recipe.
cmmi = 0.1
slapos.recipe.template = 2.4.2
slapos.toolbox = 0.34.0
smmap = 0.8.2
z3c.recipe.scripts = 1.0.1
# Required by:
# slapos.core==0.33.1
# slapos.core==0.35.1
# slapos.toolbox==0.34.0
Flask = 0.9
# Required by:
#
hexagonit.recipe.cmmi==1.6
hexagonit.recipe.download = 1.6nxd002
#
slapos.toolbox==0.34.0
GitPython = 0.3.2.RC1
# Required by:
# slapos.cookbook==0.71.1
# slapos.toolbox==0.34.0
atomize = 0.1.1
# Required by:
# slapos.toolbox==0.34.0
feedparser = 5.1.3
# Required by:
# slapos.cookbook==0.77.1
inotifyx = 0.2.0
# Required by:
# slapos.cookbook==0.7
1
.1
# slapos.core==0.3
3
.1
# slapos.cookbook==0.7
7
.1
# slapos.core==0.3
5
.1
# xml-marshaller==0.9.7
lxml = 3.
0
.2
lxml = 3.
1
.2
# Required by:
# slapos.cookbook==0.7
1
.1
# slapos.cookbook==0.7
7
.1
netaddr = 0.7.10
# Required by:
# slapos.core==0.3
3
.1
# slapos.core==0.3
5
.1
netifaces = 0.8
# Required by:
# slapos.
cookbook==0.71.1
p
ytz = 2012j
# slapos.
toolbox==0.34.0
p
aramiko = 1.10.1
# Required by:
# slapos.cookbook==0.71.1
# slapos.core==0.33.1
# slapos.toolbox==0.34.0
psutil = 0.7.0
# Required by:
# slapos.core==0.35.1
pyflakes = 0.7
# Required by:
# slapos.cookbook==0.77.1
pytz = 2013b
# Required by:
# slapos.cookbook==0.77.1
# slapos.core==0.35.1
# slapos.toolbox==0.34.0
# zc.buildout==1.6.0-dev-SlapOS-010
# zc.recipe.egg==1.3.2
setuptools = 0.6c12dev-r88846
# Required by:
# slapos.cookbook==0.71.1
slapos.core = 0.33.1
# slapos.cookbook==0.77.1
# slapos.toolbox==0.34.0
slapos.core = 0.35.1
# Required by:
# slapos.core==0.3
3
.1
# slapos.core==0.3
5
.1
supervisor = 3.0b1
# Required by:
# slapos.co
okbook==0.71
.1
xml-marshaller = 0.9.7
# slapos.co
re==0.35
.1
unittest2 = 0.5.1
# Required by:
# slapos.core==0.33.1
zope.interface = 4.0.3
# slapos.cookbook==0.77.1
# slapos.toolbox==0.34.0
xml-marshaller = 0.9.7
# Required by:
# slapos.core==0.35.1
zope.interface = 4.0.5
[networkcache]
# signature certificates of the following uploaders.
...
...
software/kvm/common.cfg
View file @
e13f7c63
...
...
@@ -56,6 +56,7 @@ recipe = plone.recipe.command
destination = ${buildout:parts-directory}/${:_buildout_section_name_}
location = ${buildout:parts-directory}/${:_buildout_section_name_}
command =
export HOME=${:location};
rm -fr ${:destination} &&
mkdir -p ${:destination} &&
cd ${:destination} &&
...
...
@@ -69,17 +70,10 @@ command =
[template-kvm]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kvm.cfg.in
md5sum =
c0320447308299ec9caaeece4187bc1f
md5sum =
87197471aa93863c310204e8865b5ac1
output = ${buildout:directory}/template-kvm.cfg
mode = 0644
[template-kvmplus]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kvmplus.cfg.in
md5sum = c8e92237eeda93caca1132b5202c3a02
output = ${buildout:directory}/template-kvmplus.cfg
mode = 0644
[template-nbd]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-nbd.cfg.in
...
...
@@ -90,13 +84,13 @@ mode = 0644
[template-frontend]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-frontend.cfg.in
md5sum =
73359b52013b1b65f75005e8698ed180
md5sum =
cdb690495e9eb007d2b7d2f8e12f5c59
output = ${buildout:directory}/template-frontend.cfg
mode = 0644
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
md5sum =
68788763d23f70f24b9e575871c903a8
md5sum =
0a98e34aaec7097a84066c0665e3a49a
output = ${buildout:directory}/template.cfg
mode = 0644
software/kvm/development.cfg
View file @
e13f7c63
[buildout]
extends =
../../git/buildout.cfg
../../
component/
git/buildout.cfg
common.cfg
parts +=
slapos.cookbook-repository
slapos.core-repository
slapos.toolbox-repository
check-recipe
develop =
${:parts-directory}/slapos.cookbook-repository
${:parts-directory}/slapos.toolbox-repository
[slapos.cookbook-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.git
branch = slaprunner
branch = kvm
git-executable = ${git:location}/bin/git
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
[check-recipe]
...
...
@@ -24,3 +30,4 @@ stop-on-error = true
update-command = ${:command}
command =
grep parts ${buildout:develop-eggs-directory}/slapos.cookbook.egg-link &&
grep parts ${buildout:develop-eggs-directory}/slapos.toolbox.egg-link
software/kvm/instance-frontend.cfg.in
View file @
e13f7c63
...
...
@@ -11,7 +11,8 @@ parts =
cron-entry-logrotate
ca-frontend
certificate-authority
frontend-promise
frontend-promise-ipv6
frontend-promise-ipv4
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
...
...
@@ -47,7 +48,8 @@ logrotate-entries = $${rootdirectory:etc}/logrotate.d
recipe = slapos.cookbook:kvm.frontend
domain = $${ca-frontend:name}
# port = $${slap-parameter:port}
ip = $${slap-network-information:local-ipv4}
ipv6 = $${slap-network-information:global-ipv6}
ipv4 = $${slap-network-information:local-ipv4}
port = $${slap-parameter:port}
http-redirection = $${slap-parameter:http-redirection}
ssl-key-path = $${ca-frontend:key-file}
...
...
@@ -60,10 +62,16 @@ node-binary = ${nodejs:location}/bin/node
node-env = ${buildout:parts-directory}:${npm-modules:location}/node_modules
shell-path = ${dash:location}/bin/dash
[frontend-promise]
[frontend-promise
-ipv6
]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/frontend_promise
hostname = $${frontend-instance:ip}
hostname = $${frontend-instance:ipv6}
port = $${frontend-instance:port}
[frontend-promise-ipv4]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/frontend_promise
hostname = $${frontend-instance:ipv4}
port = $${frontend-instance:port}
[certificate-authority]
...
...
@@ -133,6 +141,7 @@ state-file = $${rootdirectory:srv}/logrotate.status
# Default value if no port is specified
port = 4443
http-redirection = 0
slave_instance_list =
# [logrotate-entry-frontend]
# <= logrotate
...
...
software/kvm/instance-kvm.cfg.in
View file @
e13f7c63
...
...
@@ -36,7 +36,7 @@ storage-path = $${directory:srv}/mac
[gen-passwd]
recipe = slapos.cookbook:generate.password
storage-path = $${directory:srv}/passwd
bytes =
4
bytes =
8
[kvm-instance]
# XXX-Cedric: change "KVM" recipe to simple "create wrappers". No need for this
...
...
@@ -135,7 +135,7 @@ key-file = $${slap-connection:key-file}
cert-file = $${slap-connection:cert-file}
computer-id = $${slap-connection:computer-id}
partition-id = $${slap-connection:partition-id}
name =
Slave
Frontend
name =
VNC
Frontend
software-type = $${slap-parameter:frontend-software-type}
slave = true
config = host port
...
...
@@ -162,7 +162,6 @@ curl_path = ${curl:location}/bin/curl
[slap-parameter]
# Default values if not specified
frontend-instance-guid = SOFTINST-11031
frontend-software-type = frontend
frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.92:/software/kvm/software.cfg
...
...
@@ -175,4 +174,4 @@ ram-size = 1024
disk-size = 10
disk-type = virtio
cpu-count = 1
\ No newline at end of file
cpu-count = 1
software/kvm/instance-kvmplus.cfg.in
deleted
100644 → 0
View file @
0e3ec32b
#############################
#
# Instanciate kvm+
#
#############################
# Deprecated. Just specify amount of RAM / disk you want in instance parameter.
[buildout]
extends = ${template-kvm:output}
[slap-parameter]
ram-size = 2048
disk-size = 20
\ No newline at end of file
software/kvm/instance.cfg.in
View file @
e13f7c63
...
...
@@ -10,7 +10,6 @@ offline = true
recipe = slapos.cookbook:softwaretype
default = ${template-kvm:output}
kvm = ${template-kvm:output}
kvm+ = ${template-kvmplus:output}
nbd = ${template-nbd:output}
frontend = ${template-frontend:output}
...
...
software/kvm/software.cfg
View file @
e13f7c63
...
...
@@ -143,4 +143,4 @@ xml-marshaller = 0.9.7
# Required by:
# slapos.core==0.35.1
zope.interface = 4.0.5
\ No newline at end of file
zope.interface = 4.0.5
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment