[buildout]

parts =
  certificate-authority
  ca-stunnel
  logrotate
  logrotate-entry-stunnel
  logrotate-entry-apache
  cron
  cron-entry-logrotate
  trac-config
  trac-git-hook-script
  trac-svn-hook-script
  post-revprop-change-script
  gitweb-conf
  httpd
  gitdaemon
  promise
  ca-shellinabox

  frontend-promise
  content-promise
  publish-connection-informations


eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true


#----------------
#--
#-- Creation of all needed directories.

[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
var = $${buildout:directory}/var
srv = $${buildout:directory}/srv
bin = $${buildout:directory}/bin
tmp = $${buildout:directory}/tmp

[basedirectory]
recipe = slapos.cookbook:mkdirectory
log = $${rootdirectory:var}/log
services = $${rootdirectory:etc}/service
run = $${rootdirectory:var}/run
backup = $${rootdirectory:srv}/backup
promises = $${rootdirectory:etc}/promise

[directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
ca-dir = $${rootdirectory:srv}/ssl
httpd-log = $${basedirectory:log}/apache
logrotate-entries = $${rootdirectory:etc}/logrotate.d
logrotate-backup = $${basedirectory:backup}/logrotate
tracconfig = $${rootdirectory:srv}
stunnel-conf = $${rootdirectory:etc}/stunnel
shellinabox = $${rootdirectory:srv}/shellinabox/

[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests
private = $${directory:ca-dir}/private
certs = $${directory:ca-dir}/certs
newcerts = $${directory:ca-dir}/newcerts
crl = $${directory:ca-dir}/crl


#----------------
#--
#-- Deploy cron.

[cron]
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond

[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/crond.log


#----------------
#--
#-- Deploy logrotate.

[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = $${logrotate:wrapper}

[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = ${gzip:location}/bin/gzip
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${rootdirectory:bin}/logrotate
conf = $${rootdirectory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${rootdirectory:srv}/logrotate.status


#----------------
#--
#-- Deploy stunnel.

[stunnel]
recipe = slapos.cookbook:stunnel
client = true
stunnel-binary = ${stunnel:location}/bin/stunnel
remote-host = $${mariadb-urlparse:host}
remote-port = $${mariadb-urlparse:port}
local-host = $${slap-network-information:local-ipv4}
local-port = 3306
log-file = $${basedirectory:log}/stunnel.log
config-file = $${directory:stunnel-conf}/stunnel.conf
key-file = $${directory:stunnel-conf}/stunnel.key
cert-file = $${directory:stunnel-conf}/stunnel.crt
pid-file = $${basedirectory:run}/stunnel.pid
wrapper = $${rootdirectory:bin}/raw_stunnel
post-rotate-script = $${rootdirectory:bin}/stunnel_post_rotate

[logrotate-entry-stunnel]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = stunnel
log = $${stunnel:log-file}
frequency = daily
rotate-num = 30
notifempty = true
create = true
post = $${stunnel:post-rotate-script}


#----------------
#--
#-- Certificate stuff.

[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${basedirectory:services}/ca
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}

[ca-stunnel]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = $${stunnel:wrapper}
wrapper = $${basedirectory:services}/stunnel
key-file = $${stunnel:key-file}
cert-file = $${stunnel:cert-file}


#----------------
#--
#-- Request MariaDB instance and parse its URL.

[request-mariadb]
<= slap-connection
recipe = slapos.cookbook:request
name = MariaDB
software-url = $${slap-connection:software-release-url}
software-type = mariadb
return = url
sla = computer_guid
sla-computer_guid = $${slap-connection:computer-id}

[mariadb-urlparse]
recipe = slapos.cookbook:urlparse
url = $${request-mariadb:connection-url}


#----------------
#--
#-- Deploy Apache + PHP application.
[httpd-conf]
recipe = slapos.recipe.template
url = ${template-httpd-conf:location}/${template-httpd-conf:filename}
output = $${rootdirectory:etc}/apache.conf

document_root = $${rootdirectory:srv}/site/
wsgi_location = $${rootdirectory:srv}/site/apache
gitweb-static-dir = ${gitweb:location}/share/gitweb/static/
gitweb-script = $${gitweb-cgi:output}
git-http-backend = $${git-http-backend-cgi:output}
cgid-sock = $${basedirectory:run}/cgid.sock
pid_file = $${basedirectory:run}/apache.pid
lock_file = $${basedirectory:run}/apache.lock
ip = $${slap-network-information:global-ipv6}
port = 8080
error_log = $${directory:httpd-log}/error.log
access_log = $${directory:httpd-log}/access.log

[trac-config]
recipe = slapos.recipe.template
url = ${tracIni:location}/${tracIni:filename}
output = $${directory:tracconfig}/trac-config-model.ini
mode = 0600
project_dir = $${rootdirectory:srv}/site
#project_url = http://[$${slap-network-information:global-ipv6}]:8080
project_url = $${request-frontend:connection-site_url}
trac_plugins = $${:project_dir}/plugins
git_bin = ${git:location}/bin/git
git_project_base = $${:project_dir}/git
git_project_list = 
git_url = $${:project_url}git
admin_email = $${slap-parameter:admin-email}
project_description = $${slap-parameter:project-desc}
project_footer = $${slap-parameter:project-footer}
project_name = $${slap-parameter:project-name}

#MySQL informations
mysql_username = $${mariadb-urlparse:username}
mysql_password = $${mariadb-urlparse:password}
mysql_database = $${mariadb-urlparse:path}
mysql_host = $${stunnel:local-host}
mysql_port = $${stunnel:local-port}

[trac-wsgi]
recipe = slapos.recipe.template
url = ${tracWsgi:location}/${tracWsgi:filename}
output = $${directory:tracconfig}/trac.wsgi
mode = 0700

trac_env = $${trac-config:project_dir}
python_bin = ${python2.7:location}/bin/python2.7

[trac-svn-hook-script]
recipe = slapos.recipe.template
url = ${trac-svn-hook:location}/${trac-svn-hook:filename}
output = $${directory:tracconfig}/trac-svn-hook
mode = 0700

trac_env = $${trac-config:project_dir}
trac_admin = ${buildout:bin-directory}
python_bin = ${python2.7:location}/bin
python_lib = ${python2.7:location}/lib
svn_python = ${subversion-1.9:location}/lib/svn-python

[trac-git-hook-script]
recipe = slapos.recipe.template
url = ${trac-git-hook:location}/${trac-git-hook:filename}
output = $${directory:tracconfig}/trac-git-hook
mode = 0700
git_bin = ${git:location}/bin/git
trac_admin = ${buildout:bin-directory}/trac-admin
trac_env = $${trac-config:project_dir}

[post-revprop-change-script]
recipe = slapos.recipe.template
url = ${post-revprop-change:location}/${post-revprop-change:filename}
output = $${directory:tracconfig}/post-revprop-change
mode = 0700
trac_svn_hook = $${trac-svn-hook-script:output}

[trac-svnrepo-script]
recipe = slapos.recipe.template
url = ${create-svn-repo:location}/${create-svn-repo:filename}
output = $${rootdirectory:bin}/create-svn-repository.sh
mode = 0700
trac_admin = ${buildout:bin-directory}
svn_bin = ${subversion-1.9:location}/bin
svn_python = ${subversion-1.9:location}/lib/svn-python
python_lib = ${python2.7:location}/lib

[gitweb-conf]
recipe = slapos.recipe.template
url = ${template-gitweb-conf:location}/${template-gitweb-conf:filename}
output = $${rootdirectory:etc}/gitweb.conf
url-list = $${trac-config:project_url}git http://[$${slap-network-information:global-ipv6}]:8080/git git://[$${slap-network-information:global-ipv6}]
base-directory = $${trac-config:project_dir}/git

[gitweb-cgi]
recipe = slapos.recipe.template
url = ${template-gitweb-cgi:location}/${template-gitweb-cgi:filename}
output = $${rootdirectory:bin}/gitweb.cgi
mode = 700

perl = ${perl:location}/bin/perl
gitweb = ${gitweb:location}/share/gitweb/gitweb.cgi

[git-http-backend-cgi]
recipe = slapos.recipe.template
url = ${template-git-http-backend-cgi:location}/${template-git-http-backend-cgi:filename}
output = $${rootdirectory:bin}/git-http-backend.cgi
mode = 700

githttpbackend = ${git:location}/libexec/git-core/git-http-backend
base-directory = $${trac-config:project_dir}/git

[trac-admin]
recipe = slapos.cookbook:generate.password
storage-path = $${buildout:directory}/.password
user = TracAdmin

#---------------------
#to avoid manipulate apache after installation, this part is installed before
#running apache services for the first time
[inittrac]
recipe = slapos.cookbook:trac
site-dir = $${trac-config:project_dir}
site-url = $${trac-config:project_url}
project = $${slap-parameter:project-name}
#Use to install trac additional plugins
plugins-egg-dir = ${trac-plugins-egg:location}
#Usefull for update pythonPath
eggs-dirs = 
  ${buildout:eggs-directory}
  ${buildout:develop-eggs-directory}
python-lib = ${python2.7:location}/lib
trac-admin = ${buildout:bin-directory}/trac-admin
admin-user = $${trac-admin:user}
admin-password = $${trac-admin:passwd}
#MySQL informations
mysql-username = $${mariadb-urlparse:username}
mysql-password = $${mariadb-urlparse:password}
mysql-database = $${mariadb-urlparse:path}
mysql-host = $${stunnel:local-host}
mysql-port = $${stunnel:local-port}
#SVN - GIT Project list
svn-project-list = $${slap-parameter:svn-project-list}
git-project-list = $${slap-parameter:git-project-list}
git-binary = ${git:location}/bin/git
#configurations files
trac-ini = $${trac-config:output}
trac-wsgi = $${trac-wsgi:output}
svn-repo-script = $${trac-svnrepo-script:output}
post-revprop-change = $${post-revprop-change-script:output}
trac-svn-hook = $${trac-svn-hook-script:output}
trac-git-hook = $${trac-git-hook-script:output}
file-status = $${buildout:directory}/.status
#Trac User list
htpasswd = ${apache:location}/bin/htpasswd
passwd-file = $${trac-config:project_dir}/.htpasswd
user-list = $${slap-parameter:trac-user-list}


[httpd]
recipe = slapos.cookbook:wrapper
command-line = ${apache:location}/bin/httpd -DFOREGROUND -f "$${httpd-conf:output}"
environment = PYTHONPATH=${subversion-1.9:location}/lib/svn-python:$${inittrac:python_path}
  LD_LIBRARY_PATH=${python2.7:location}/lib
wrapper-path = $${basedirectory:services}/httpd
wait-for-files = $${inittrac:file-status}

[gitdaemon]
recipe = slapos.cookbook:wrapper
ip = $${slap-network-information:global-ipv6}
port = 9418
command-line = ${git:location}/bin/git daemon --export-all --listen=$${:ip} --port=$${:port} --interpolated-path=$${inittrac:site-dir}/git/%D
wrapper-path = $${basedirectory:services}/git-daemon
wait-for-files = $${inittrac:file-status}

[logrotate-entry-apache]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = apache
log = $${httpd-conf:error_log} $${httpd-conf:access_log}
frequency = daily
rotate-num = 30
sharedscripts = true
notifempty = true
create = true

#--------------------------
#-----
#---- Request Console for Trac-administration (cannot use Trac without console admin)

[ca-shellinabox]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = $${shellinabox:wrapper}
wrapper = $${basedirectory:services}/shellinaboxd
key-file = $${shellinabox:key-file}
cert-file = $${shellinabox:cert-file}

[shellinabox]
recipe = slapos.cookbook:shellinabox
ipv6 = $${slap-network-information:global-ipv6}
port = 9000
shell = $${shell:wrapper}
wrapper = $${rootdirectory:bin}/shellinaboxd_raw
shellinabox-binary = ${shellinabox:location}/bin/shellinaboxd
password = $${trac-admin:passwd}
directory = $${inittrac:site-dir}
login-shell = $${rootdirectory:bin}/login
certificate-directory = $${directory:shellinabox}
cert-file = $${directory:shellinabox}/public.crt
key-file = $${directory:shellinabox}/private.key

[shell-wrapper]
recipe = slapos.cookbook:wrapper
command-line = ${buildout:bin-directory}/trac-admin $${inittrac:site-dir}
environment = PYTHONPATH=${subversion-1.9:location}/lib/svn-python:$${inittrac:python_path}
    ENV=$${inittrac:site-dir}
    SNV_REPOS=$${inittrac:site-dir}/svn
    GIT_REPOS=$${inittrac:site-dir}/git
wrapper-path =  $${rootdirectory:bin}/shell_raw

[shell]
recipe = slapos.cookbook:shell
wrapper = $${rootdirectory:bin}/shell
shell = $${shell-wrapper:wrapper-path}
home = $${inittrac:site-dir}
ps1 = "\\w> "
path =

#----------------
#--
#-- Request frontend.
#-- We need to remove dependancy between apache, trac and frontend, because url is needed in 
#-- trac configuration file and apache depend on trac.

[request-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Frontend
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
config = url custom_domain
config-url = http://[$${slap-network-information:global-ipv6}]:8080
return = site_url
config-custom_domain = $${slap-parameter:domain}

#----------------
#--
#-- Publish instance parameters.

[publish-connection-informations]
recipe = slapos.cookbook:publish
backend_url = http://[$${httpd-conf:ip}]:$${httpd-conf:port}/
frontend_url = $${request-frontend:connection-site_url}
git = $${request-frontend:connection-site_url}git/
svn = $${request-frontend:connection-site_url}svn/
admin_user = $${trac-admin:user}
admin_password = $${trac-admin:passwd}
admin_shell = https://[$${shellinabox:ipv6}]:$${shellinabox:port}/

#----------------
#--
#-- Deploy promises scripts.

[promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/apache
hostname = $${httpd-conf:ip}
port = $${httpd-conf:port}

[frontend-promise]
recipe = slapos.cookbook:check_url_available
path = $${basedirectory:promises}/frontend
url = $${request-frontend:connection-site_url}
dash_path = ${dash:location}/bin/dash
curl_path = ${curl:location}/bin/curl

[content-promise]
recipe = slapos.cookbook:check_page_content
path = $${basedirectory:promises}/content
url = $${request-frontend:connection-site_url}
dash_path = ${dash:location}/bin/dash
curl_path = ${curl:location}/bin/curl
match = $${slap-parameter:project-name}

[slap-parameter]
domain = 
project-name = project
project-desc = My example project
project-footer = Visit the Trac open source project at<br /><a href="http://trac.edgewall.org/">http://trac.edgewall.org/</a>
admin-email = you.admin@email.com
trac-user-list = {}
svn-project-list = {}
git-project-list = {}