Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
slapos
Commits
7342c6b3
Commit
7342c6b3
authored
Sep 26, 2012
by
Marco Mariani
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
added some docs; fixed pw encryption
parent
3195461b
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
58 additions
and
8 deletions
+58
-8
slapos/recipe/maarch/configuration.py
slapos/recipe/maarch/configuration.py
+17
-0
slapos/recipe/postgres/__init__.py
slapos/recipe/postgres/__init__.py
+25
-8
stack/lapp/README.txt
stack/lapp/README.txt
+16
-0
No files found.
slapos/recipe/maarch/configuration.py
View file @
7342c6b3
...
@@ -33,6 +33,13 @@ import os
...
@@ -33,6 +33,13 @@ import os
import
lxml
import
lxml
# TODO: remove the hack below, used to reach psycopg2
# XXX: When run inside webrunner, Postgres refuses connection.
# TODO: make the recipe work inside webrunner
def
temporary_hack
():
def
temporary_hack
():
# XXX TODO provide psycopg to sys.path by other means
# XXX TODO provide psycopg to sys.path by other means
import
sys
import
sys
...
@@ -53,6 +60,16 @@ def xpath_set(xml, settings):
...
@@ -53,6 +60,16 @@ def xpath_set(xml, settings):
class
Recipe
(
GenericBaseRecipe
):
class
Recipe
(
GenericBaseRecipe
):
"""
\
This recipe configures a maarch instance to be ready to run,
without going through the initial wizard:
- creation of two xml files from the provided defaults
- php.ini as required by Maarch
- database setup.
The superuser password will be the same as the Postgres one.
"""
def
install
(
self
):
def
install
(
self
):
apps_config_xml
=
self
.
create_apps_config_xml
()
apps_config_xml
=
self
.
create_apps_config_xml
()
...
...
slapos/recipe/postgres/__init__.py
View file @
7342c6b3
...
@@ -34,7 +34,22 @@ from zc.buildout import UserError
...
@@ -34,7 +34,22 @@ from zc.buildout import UserError
from
slapos.recipe.librecipe
import
GenericBaseRecipe
from
slapos.recipe.librecipe
import
GenericBaseRecipe
# TODO: read ipv6 host without calling loads() in createConfig()
class
Recipe
(
GenericBaseRecipe
):
class
Recipe
(
GenericBaseRecipe
):
"""
\
This recipe creates:
- a Postgres cluster
- configuration to allow connections from IPV6 only (or unix socket)
- a superuser with provided name and generated password
- a database with provided name
- a foreground start script in the services directory
then adds the connection URL to the options.
The URL can be used as-is (ie. in sqlalchemy) or by the _urlparse.py recipe.
"""
def
_options
(
self
,
options
):
def
_options
(
self
,
options
):
options
[
'password'
]
=
self
.
generatePassword
()
options
[
'password'
]
=
self
.
generatePassword
()
...
@@ -52,7 +67,7 @@ class Recipe(GenericBaseRecipe):
...
@@ -52,7 +67,7 @@ class Recipe(GenericBaseRecipe):
self
.
createRunScript
()
self
.
createRunScript
()
return
[
return
[
# XXX
what to return
here?
# XXX
should we really return something
here?
# os.path.join(pgdata, 'postgresql.conf')
# os.path.join(pgdata, 'postgresql.conf')
]
]
...
@@ -74,9 +89,10 @@ class Recipe(GenericBaseRecipe):
...
@@ -74,9 +89,10 @@ class Recipe(GenericBaseRecipe):
def
createConfig
(
self
):
def
createConfig
(
self
):
from
zc.buildout
import
buildout
from
zc.buildout
import
buildout
pgdata
=
self
.
options
[
'pgdata-directory'
]
host
=
buildout
.
loads
(
self
.
options
[
'ipv6_host'
]).
pop
()
# XXX ugly hack
host
=
buildout
.
loads
(
self
.
options
[
'ipv6_host'
]).
pop
()
# XXX ugly hack
pgdata
=
self
.
options
[
'pgdata-directory'
]
with
open
(
os
.
path
.
join
(
pgdata
,
'postgresql.conf'
),
'wb'
)
as
cfg
:
with
open
(
os
.
path
.
join
(
pgdata
,
'postgresql.conf'
),
'wb'
)
as
cfg
:
cfg
.
write
(
textwrap
.
dedent
(
"""
\
cfg
.
write
(
textwrap
.
dedent
(
"""
\
listen_addresses = '%s'
listen_addresses = '%s'
...
@@ -115,14 +131,16 @@ class Recipe(GenericBaseRecipe):
...
@@ -115,14 +131,16 @@ class Recipe(GenericBaseRecipe):
"""
"""
Creates a Postgres superuser - other than "slapuser#" for use by the application.
Creates a Postgres superuser - other than "slapuser#" for use by the application.
"""
"""
user
=
self
.
options
[
'user'
]
password
=
'insecure'
# XXX should send it encrypted, didn't work
# http://postgresql.1045698.n5.nabble.com/Algorithm-for-generating-md5-encrypted-password-not-found-in-documentation-td4919082.html
# http://postgresql.1045698.n5.nabble.com/Algorithm-for-generating-md5-encrypted-password-not-found-in-documentation-td4919082.html
# enc_password = 'md5' + md5.md5(password+user).hexdigest()
self
.
runPostgresCommand
(
cmd
=
"""CREATE USER "%s" ENCRYPTED PASSWORD '%s' SUPERUSER"""
%
(
user
,
password
))
user
=
self
.
options
[
'user'
]
password
=
self
.
options
[
'password'
]
# encrypt the password to avoid storing in the logs
enc_password
=
'md5'
+
md5
.
md5
(
password
+
user
).
hexdigest
()
self
.
runPostgresCommand
(
cmd
=
"""CREATE USER "%s" ENCRYPTED PASSWORD '%s' SUPERUSER"""
%
(
user
,
enc_password
))
def
runPostgresCommand
(
self
,
cmd
):
def
runPostgresCommand
(
self
,
cmd
):
...
@@ -141,7 +159,6 @@ class Recipe(GenericBaseRecipe):
...
@@ -141,7 +159,6 @@ class Recipe(GenericBaseRecipe):
p
=
subprocess
.
Popen
([
postgres_binary
,
p
=
subprocess
.
Popen
([
postgres_binary
,
'--single'
,
'--single'
,
'-D'
,
pgdata
,
'-D'
,
pgdata
,
'-d'
,
'1'
,
# debug level, do not output commands
'postgres'
,
'postgres'
,
],
stdin
=
subprocess
.
PIPE
)
],
stdin
=
subprocess
.
PIPE
)
...
...
stack/lapp/README.txt
0 → 100644
View file @
7342c6b3
LAPP stack
==========
This fork of the LAMP stack provides:
- a Postgres instance, with an empty database and a 'postgres' superuser.
Log rotation is handled by Postgres itself.
- symlinks to all the postgres binaries, usable through unix socket
with no further authentication, or through ipv6
- a psycopg2 (postgres driver) egg
- configuration for a maarch instance (this part should be brought outside the stack)
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment