[slap-parameters] recipe = slapos.cookbook:slapconfiguration computer = $${slap-connection:computer-id} partition = $${slap-connection:partition-id} url = $${slap-connection:server-url} key = $${slap-connection:key-file} cert = $${slap-connection:cert-file} [monitor-parameters] monitor-dir = $${directory:monitor-result} result-dir = $${:monitor-dir}/bool json-filename = monitor.json json-path = $${:monitor-dir}/$${:json-filename} rss-path = $${directory:www}/monitor.html executable = $${directory:bin}/monitor.py [directory] home = $${buildout:directory} etc = $${:home}/etc bin = $${:home}/bin srv = $${:home}/srv var = $${:home}/var ca-dir = $${:srv}/ssl cgi-bin = $${:www}/cgi-bin cron-entries = $${:etc}/cron.d crontabs = $${:etc}/crontabs cronstamps = $${:etc}/cronstamps log = $${:var}/log monitor = $${:etc}/monitor monitor-result = $${:var}/monitor monitor-result-bool = $${monitor-parameters:result-dir} promise = $${:etc}/promise run = $${:var}/run service = $${:etc}/service/ tmp = $${:home}/tmp www = $${:var}/www [cron] recipe = slapos.cookbook:cron dcrond-binary = ${dcron:location}/sbin/crond cron-entries = $${directory:cron-entries} crontabs = $${directory:crontabs} cronstamps = $${directory:cronstamps} catcher = $${cron-simplelogger:wrapper} binary = $${directory:service}/crond # Add log to cron [cron-simplelogger] recipe = slapos.cookbook:simplelogger wrapper = $${directory:bin}/cron_simplelogger log = $${directory:log}/cron.log [cron-entry-monitor] <= cron recipe = slapos.cookbook:cron.d name = launch-monitor frequency = * * * * * command = $${monitor-parameters:executable} -a [cron-entry-rss] <= cron recipe = slapos.cookbook:cron.d name = build-rss frequency = * * * * * command = $${make-rss:output} [deploy-cgi-script] recipe = slapos.recipe.template:jinja2 template = ${cgi-bin:location}/${cgi-bin:filename} rendered = $${directory:cgi-bin}/index.cgi mode = 0744 context = key json_file monitor-parameters:json-path key password cgi-password:passwd [deploy-monitor-script] recipe = slapos.recipe.template:jinja2 template = ${monitor-bin:location}/${monitor-bin:filename} rendered = $${monitor-parameters:executable} mode = 0744 context = section directory directory key monitoring_file_json monitor-parameters:json-path key monitoring_folder_bool monitor-parameters:result-dir [deploy-rss-script] recipe = hexagonit.recipe.download url = ${rss-bin:destination}/${rss-bin:filename} destination = $${directory:bin} filename = ${rss-bin:filename} #md5sum = mode = 0744 download-only = true [make-rss] recipe = slapos.recipe.template url = ${make-rss-script:output} output = $${directory:bin}/make-rss.sh #md5sum = mode = 0744 [tempdirectory] recipe = slapos.cookbook:mkdirectory client_body_temp_path = $${directory:tmp}/client_body_temp_path proxy_temp_path = $${directory:tmp}/proxy_temp_path fastcgi_temp_path = $${directory:tmp}/fastcgi_temp_path uwsgi_temp_path = $${directory:tmp}/uwsgi_temp_path scgi_temp_path = $${directory:tmp}/scgi_temp_path [cadirectory] recipe = slapos.cookbook:mkdirectory requests = $${directory:ca-dir}/requests/ private = $${directory:ca-dir}/private/ certs = $${directory:ca-dir}/certs/ newcerts = $${directory:ca-dir}/newcerts/ crl = $${directory:ca-dir}/crl/ [certificate-authority] recipe = slapos.cookbook:certificate_authority openssl-binary = ${openssl:location}/bin/openssl ca-dir = $${directory:ca-dir} requests-directory = $${cadirectory:requests} wrapper = $${directory:service}/certificate_authority ca-private = $${cadirectory:private} ca-certs = $${cadirectory:certs} ca-newcerts = $${cadirectory:newcerts} ca-crl = $${cadirectory:crl} [ca-nginx] <= certificate-authority recipe = slapos.cookbook:certificate_authority.request key-file = $${cadirectory:certs}/nginx_rss.key cert-file = $${cadirectory:certs}/nginx_rss.crt executable = $${nginx-parameters:bin_launcher} wrapper = $${directory:service}/nginx-rss # Put domain name name = example.com [nginx-parameters] nb_workers = 2 port = 9685 global-ip = $${slap-parameters:ipv6-random} # SSL ssl-certificate = $${ca-nginx:cert-file} ssl-key = $${ca-nginx:key-file} # Log path_pid = $${directory:run}/nginx-rss.pid path_log = $${directory:log}/nginx.log path_access_log = $${directory:log}/nginx.access.log path_error_log = $${directory:log}/nginx.error.log path_tmp = $${directory:tmp} # Config files nginx_conf = $${nginx-conf:rendered} # Executables bin_nginx = ${nginx:location}/sbin/nginx bin_launcher = $${directory:bin}/nginx-launcher rss_feed = $${monitor-parameters:rss-path} www = $${directory:www} [nginx-conf] recipe = slapos.recipe.template:jinja2 template = ${template-nginx-conf:location}/${template-nginx-conf:filename} rendered = $${directory:etc}/nginx_rss.conf context = section param_nginx nginx-parameters section param_tempdir tempdirectory [nginx-service] recipe = slapos.cookbook:wrapper wrapper-path = $${nginx-parameters:bin_launcher} command-line = $${nginx-parameters:bin_nginx} -c $${nginx-parameters:nginx_conf} ########### # Deploy a webserver running cgi scripts for monitoring ########### [cgi-password] recipe = slapos.cookbook:generate.password storage-path = $${directory:var}/cgi-passwd bytes = 8 # XXX could it be something lighter? # XXX Add SSL [cgi-httpd-configuration-file] recipe = collective.recipe.template input = inline: PidFile "$${:pid-file}" Listen [$${:listening-ip}]:$${:listening-port} ServerAdmin someone@email DocumentRoot "$${:document-root}" ErrorLog "$${:error-log}" LoadModule unixd_module modules/mod_unixd.so LoadModule access_compat_module modules/mod_access_compat.so LoadModule authz_core_module modules/mod_authz_core.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule mime_module modules/mod_mime.so LoadModule cgid_module modules/mod_cgid.so LoadModule dir_module modules/mod_dir.so ScriptSock $${:cgid-pid-file} <Directory $${:document-root}> # XXX: security???? Options +ExecCGI AddHandler cgi-script .cgi DirectoryIndex $${deploy-cgi-script:rendered} </Directory> output = $${directory:etc}/cgi-httpd.conf # md5sum = listening-ip = $${slap-parameters:ipv6-random} # XXX: randomize-me listening-port = 9685 htdocs = $${directory:cgi-bin} pid-file = $${directory:run}/cgi-httpd.pid cgid-pid-file = $${directory:run}/cgi-httpd-cgid.pid document-root = $${directory:cgi-bin} error-log = $${directory:log}/cgi-httpd-error-log [cgi-httpd-wrapper] recipe = slapos.cookbook:wrapper apache-executable = ${apache:location}/bin/httpd command-line = $${:apache-executable} -f $${cgi-httpd-configuration-file:output} -DFOREGROUND wrapper-path = $${directory:service}/cgi-httpd [publish-connection-parameter] recipe = slapos.cookbook:publish monitor_url = http://[$${cgi-httpd-configuration-file:listening-ip}]:$${cgi-httpd-configuration-file:listening-port} monitor_password = $${cgi-password:passwd}