Commit de11308a authored by Cédric de Saint Martin's avatar Cédric de Saint Martin Committed by Gabriel Monnerat

[SlapOS Core] Add configure-local command for standalone slapos.

parent dffdfda6
......@@ -94,6 +94,7 @@ setup(name=name,
'node instance = slapos.cli.slapgrid:InstanceCommand',
# SlapOS client commands
'console = slapos.cli.console:ConsoleCommand',
'configure local = slapos.cli.configure_local:ConfigureLocalCommand',
'configure client = slapos.cli.configure_client:ConfigureClientCommand',
'proxy start = slapos.cli.proxy_start:ProxyStartCommand',
'proxy show = slapos.cli.proxy_show:ProxyShowCommand',
......
[slapos]
# Replace computer_id by the unique identifier of your computer on vifib.net,
# starting by COMP-
computer_id = COMP-12345
# Replace computer_id by the unique identifier of your computer on your SlapOS,
# Master, usually starting by COMP-
computer_id = COMP-123456789
master_url = https://slap.vifib.com/
key_file = /etc/opt/slapos/ssl/computer.key
cert_file = /etc/opt/slapos/ssl/computer.crt
......@@ -10,8 +10,8 @@ software_root = /opt/slapgrid
instance_root = /srv/slapgrid
[slapformat]
# Replace by your network interface like eth0, eth1, slapbr0...
interface_name = interfacename
# Replace by your network interface providing IPv6 if you don't use re6st
interface_name = lo
# Change "create_tap" into "true" if you need to host KVM services
create_tap = false
partition_amount = 10
......@@ -23,8 +23,8 @@ tap_base_name = slaptap
# You can choose any other local network which does not conflict with your
# current machine configuration
ipv4_local_network = 10.0.0.0/16
# Comment this if you are using native IPv6 and don't want to use SlapOS tunnel
ipv6_interface = tapVPN
# Change to true if you want slapos to use local-only IPv6
use_unique_local_address = False
[networkcache]
# Define options for binary cache, used to download already compiled software.
......
......@@ -59,6 +59,7 @@ def get_certificate_key_pair(logger, master_url_web, token):
def fetch_configuration_template():
# XXX: change to local version.
req = requests.get('http://git.erp5.org/gitweb/slapos.core.git/blob_plain/HEAD:/slapos-client.cfg.example')
req.raise_for_status()
return req.text
......
# -*- coding: utf-8 -*-
##############################################################################
#
# Copyright (c) 2013 Vifib SARL and Contributors.
# All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly advised to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import logging
import os
import pkg_resources
import re
import subprocess
import sys
from slapos.cli.command import Command, must_be_root
from slapos.grid.utils import updateFile
from slapos.grid.svcbackend import launchSupervisord
DEFAULT_COMPUTER_ID = 'local_computer'
class ConfigureLocalCommand(Command):
"""
Configure a slapos node, from scratch to ready-ro-use, using slapproxy.
"""
def get_parser(self, prog_name):
ap = super(self.__class__, self).get_parser(prog_name)
ap.add_argument('--interface-name',
default='lo',
help='Primary network interface. IP of Partitions '
'will be added to it'
' (default: %(default)s)')
ap.add_argument('--partition-number',
default=20,
type=int,
help='Number of partitions to create in the SlapOS Node'
' (default: %(default)s)')
ap.add_argument('--ipv4-local-network',
default='10.0.0.0/16',
help='Subnetwork used to assign local IPv4 addresses. '
'It should be a not used network in order to'
' avoid conflicts (default: %(default)s)')
ap.add_argument('--daemon-listen-ip',
default='127.0.0.1',
help='Listening IP of the "slapproxy" daemon'
' (default: %(default)s)')
ap.add_argument('--daemon-listen-port',
default='127.0.0.1',
help='Listening port of the "slapproxy" daemon'
' (default: %(default)s)')
ap.add_argument('--slapos-configuration-directory',
default='/etc/opt/slapos',
help='Target location of the SlapOS configuration'
' directory (default: %(default)s)')
return ap
@must_be_root
def take_action(self, args):
try:
return_code = do_configure(args, logger)
except SystemExit as err:
return_code = err
sys.exit(return_code)
def _createDirectoryIfNotExist(target_directory, logger):
target_directory = os.path.normpath(target_directory)
# XXX: hardcoded
if os.path.exists(os.path.join(target_directory, 'slapos.cfg')):
logger.error('A SlapOS configuration directory already exist at'
' %s. Aborting.' % target_directory)
raise SystemExit(1)
if not os.path.exists(target_directory):
os.mkdir(target_directory, 0o711)
return target_directory
def _replaceParameterValue(original_content, to_replace):
"""
Replace in a .ini-like file the value of all parameters specified in
to_replace by their value.
"""
# XXX: Can be cleaned up by being replaced by a simple dict
new_content = ''
for key, value in to_replace:
# Replace all values of the given parameters to the specified values
new_content = re.sub(
'%s\s+=.*' % key, '%s = %s' % (key, value),
original_content
)
return new_content
def _generateSlaposNodeConfigurationFile(target_directory,
listening_ip, listening_port,
interface_name,
ipv4_local_network,
partition_number):
slapos_node_configuration_template = pkg_resources.resource_stream(
__name__, 'template/slapos.cfg.in').read()
slapos_node_configuration_file_location = os.path.join(
target_directory, 'slapos.cfg')
to_replace = [
('computer_id', DEFAULT_COMPUTER_ID),
('master_url', 'http://%s:%s' % (listening_ip, listening_port)),
('interface_name', interface_name),
('ipv4_local_network', ipv4_local_network),
('partition_amount', partition_number),
('use_unique_local_address', 'true')
]
slapos_node_configuration_content = _replaceParameterValue(
slapos_node_configuration_template, to_replace)
with open(slapos_node_configuration_file_location, 'w') as fout:
fout.write(slapos_node_configuration_content.encode('utf8'))
def _generateSlaposProxyConfigurationFile(target_directory,
listening_ip, listening_port
):
slapos_proxy_configuration_template = pkg_resources.resource_stream(
__name__, 'template/slapos-proxy.cfg.in').read()
slapos_proxy_configuration_file_location = os.path.join(
target_directory, 'slapos-proxy.cfg')
to_replace = [
('host', listening_ip),
('port', listening_port),
]
slapos_proxy_configuration_content = _replaceParameterValue(
slapos_proxy_configuration_template, to_replace)
with open(slapos_proxy_configuration_file_location, 'w') as fout:
fout.write(slapos_proxy_configuration_content.encode('utf8'))
return slapos_proxy_configuration_file_location
def _addProxyToSupervisor(proxy_configuration_file):
"""
Create a supervisord configuration file containing informations to run
slapproxy as daemon
"""
# In the beginning God created SlapOS.
# And SlapOS was without form, and void; and darkness was upon the face of the deep.
# And God said, Let there be supervisord manager.
# But God was drunk. The result can be found by the Brave in slapgrid, but it may turn the Brave blind forever.
# So, for the sake of God, I'm not using that helper.
# XXX every path here is hardcoded, assuming default values
program_partition_template = """\
[program:slapproxy]
directory=/opt/slapos
command=%(program_command)s
process_name=slapproxy
autostart=true
autorestart=true
startsecs=0
startretries=0
exitcodes=0
stopsignal=TERM
stopwaitsecs=60
user=0
group=0
serverurl=AUTO
redirect_stderr=true
stdout_logfile=%(log_file)s
stdout_logfile_maxbytes=100KB
stdout_logfile_backups=1
stderr_logfile=%(log_file)s
stderr_logfile_maxbytes=100KB
stderr_logfile_backups=1
""" % {'log_file': '/opt/slapos/log/slapos-proxy.log',
'program_command': '/opt/slapos/bin/slapproxy %s' % proxy_configuration_file}
updateFile(
'/srv/slapgrid/etc/supervisord.conf.d/slapproxy.conf',
program_partition_template
)
def _runFormat():
"""
Launch slapos node format.
"""
# XXX: hardcoded
command = '/opt/slapos/bin/slapos node format --now -v'.split()
subprocess.Popen(command).communicate()
def do_configure(conf, logger):
"""
Generate configuration files,
Create the instance path by running slapformat (but will crash),
Add proxy to supervisor,
Run supervisor, which will run the proxy,
Run format, which will finish correctly.
"""
slapos_configuration_directory = _createDirectoryIfNotExist(
conf.slapos_configuration_directory, logger)
_generateSlaposNodeConfigurationFile(
slapos_configuration_directory,
conf.daemon_listen_ip,
conf.daemon_listen_port,
conf.interface_name,
conf.ipv4_local_network,
conf.partition_number
)
proxy_configuration_file_location = _generateSlaposProxyConfigurationFile(
slapos_configuration_directory,
conf.daemon_listen_ip,
conf.daemon_listen_port
)
_runFormat()
_addProxyToSupervisor(proxy_configuration_file_location)
# XXX hardcoded
launchSupervisord(
'/srv/slapgrid/supervisord.socket',
'/srv/slapgrid/etc/supervisord.conf',
logger=logger)
_runFormat()
return 0
# This is an example configuration file for a standalone micro slapos master
# a.k.a slapproxy
[slapproxy]
host = %(host)s
port = %(port)s
database_uri = /opt/slapos/slapproxy.db
# Below is the list of software maintained by slapos.org and contributors
# It is used to simulate a proper configuration of a real slapos master.
software_product_list =
erp5 http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.143:/software/erp5/software.cfg
erp5_branch http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/heads/erp5:/software/erp5/software.cfg
kumofs http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.141:/software/kumofs/software.cfg
kvm http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.193:/software/kvm/software.cfg
maarch http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.159:/software/maarch/software.cfg
mariadb http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.152:/software/mariadb/software.cfg
memcached http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.82:/software/memcached/software.cfg
slaposwebrunner http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.160:/software/slaprunner/software.cfg
wordpress http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.163:/software/wordpress/software.cfg
zabbixagent http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.162:/software/zabbix-agent/software.cfg
[slapos]
# Replace computer_id by the unique identifier of your computer on your SlapOS,
# Master, usually starting by COMP-
computer_id = %(computer_id)s
master_url = %(master_url)s
software_root = /opt/slapgrid
instance_root = /srv/slapgrid
[slapformat]
# Replace by your network interface providing IPv6 if you don't use re6st
interface_name = %(interface_name)s
# Change "create_tap" into "true" if you need to host KVM services
create_tap = false
partition_amount = %(partition_amount)s
computer_xml = /opt/slapos/slapos.xml
log_file = /opt/slapos/log/slapos-node-format.log
partition_base_name = slappart
user_base_name = slappart
# You can choose any other local network which does not conflict with your
# current machine configuration
ipv4_local_network = %(ipv4_local_network)
# Change to true if you want slapos to use local-only IPv6
use_unique_local_address = True
[networkcache]
# Define options for binary cache, used to download already compiled software.
download-binary-cache-url = http://www.shacache.org/shacache
download-cache-url = https://www.shacache.org/shacache
download-binary-dir-url = http://www.shacache.org/shadir
# Configuration to Upload Configuration for Binary cache
#upload-binary-dir-url = https://www.shacache.org/shadir
#upload-binary-cache-url = https://www.shacache.org/shacache
#signature_private_key_file = /etc/opt/slapos/shacache/signature.key
#signature_certificate_file = /etc/opt/slapos/shacache/signature.cert
#upload-cache-url = https://www.shacache.org/shacache
#shacache-cert-file = /etc/opt/slapos/shacache/shacache.cert
#shacache-key-file = /etc/opt/slapos/shacache/shacache.key
#upload-binary-dir-url = https://www.shacache.org/shadir
#upload-binary-cache-url = https://www.shacache.org/shacache
#upload-dir-url = https://www.shacache.org/shadir
#shadir-cert-file = /etc/opt/slapos/shacache/shacache.cert
#shadir-key-file = /etc/opt/slapos/shacache/shacache.key
# List of signatures of uploaders we trust:
# Romain Courteaud
# Sebastien Robin
# Kazuhiko Shiozaki
# Cedric de Saint Martin
# Yingjie Xu
# Gabriel Monnerat
# Lukasz Nowak
# Marco Mariani
# Test Agent Signature
signature-certificate-list =
-----BEGIN CERTIFICATE-----
MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE
CBMQRGVmYXVsdCBQcm92aW5jZTEPMA0GA1UEChMGTmV4ZWRpMB4XDTExMDkxNTA5
MDAwMloXDTEyMDkxNTA5MDAwMlowOTELMAkGA1UEBhMCRlIxGTAXBgNVBAgTEERl
ZmF1bHQgUHJvdmluY2UxDzANBgNVBAoTBk5leGVkaTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEApYZv6OstoqNzxG1KI6iE5U4Ts2Xx9lgLeUGAMyfJLyMmRLhw
boKOyJ9Xke4dncoBAyNPokUR6iWOcnPHtMvNOsBFZ2f7VA28em3+E1JRYdeNUEtX
Z0s3HjcouaNAnPfjFTXHYj4um1wOw2cURSPuU5dpzKBbV+/QCb5DLheynisCAwEA
ATANBgkqhkiG9w0BAQsFAAOBgQBCZLbTVdrw3RZlVVMFezSHrhBYKAukTwZrNmJX
mHqi2tN8tNo6FX+wmxUUAf3e8R2Ymbdbn2bfbPpcKQ2fG7PuKGvhwMG3BlF9paEC
q7jdfWO18Zp/BG7tagz0jmmC4y/8akzHsVlruo2+2du2freE8dK746uoMlXlP93g
QUUGLQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB8jCCAVugAwIBAgIJAPu2zchZ2BxoMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV
BAMMB3RzeGRldjMwHhcNMTExMDE0MTIxNjIzWhcNMTIxMDEzMTIxNjIzWjASMRAw
DgYDVQQDDAd0c3hkZXYzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrPbh+
YGmo6mWmhVb1vTqX0BbeU0jCTB8TK3i6ep3tzSw2rkUGSx3niXn9LNTFNcIn3MZN
XHqbb4AS2Zxyk/2tr3939qqOrS4YRCtXBwTCuFY6r+a7pZsjiTNddPsEhuj4lEnR
L8Ax5mmzoi9nE+hiPSwqjRwWRU1+182rzXmN4QIDAQABo1AwTjAdBgNVHQ4EFgQU
/4XXREzqBbBNJvX5gU8tLWxZaeQwHwYDVR0jBBgwFoAU/4XXREzqBbBNJvX5gU8t
LWxZaeQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQA07q/rKoE7fAda
FED57/SR00OvY9wLlFEF2QJ5OLu+O33YUXDDbGpfUSF9R8l0g9dix1JbWK9nQ6Yd
R/KCo6D0sw0ZgeQv1aUXbl/xJ9k4jlTxmWbPeiiPZEqU1W9wN5lkGuLxV4CEGTKU
hJA/yXa1wbwIPGvX3tVKdOEWPRXZLg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB7jCCAVegAwIBAgIJAJWA0jQ4o9DGMA0GCSqGSIb3DQEBBQUAMA8xDTALBgNV
BAMMBHg2MXMwIBcNMTExMTI0MTAyNDQzWhgPMjExMTEwMzExMDI0NDNaMA8xDTAL
BgNVBAMMBHg2MXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANdJNiFsRlkH
vq2kHP2zdxEyzPAWZH3CQ3Myb3F8hERXTIFSUqntPXDKXDb7Y/laqjMXdj+vptKk
3Q36J+8VnJbSwjGwmEG6tym9qMSGIPPNw1JXY1R29eF3o4aj21o7DHAkhuNc5Tso
67fUSKgvyVnyH4G6ShQUAtghPaAwS0KvAgMBAAGjUDBOMB0GA1UdDgQWBBSjxFUE
RfnTvABRLAa34Ytkhz5vPzAfBgNVHSMEGDAWgBSjxFUERfnTvABRLAa34Ytkhz5v
PzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAFLDS7zNhlrQYSQO5KIj
z2RJe3fj4rLPklo3TmP5KLvendG+LErE2cbKPqnhQ2oVoj6u9tWVwo/g03PMrrnL
KrDm39slYD/1KoE5kB4l/p6KVOdeJ4I6xcgu9rnkqqHzDwI4v7e8/D3WZbpiFUsY
vaZhjNYKWQf79l6zXfOvphzJ
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAO4V/jiMoICoMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMjMyMCAXDTEyMDIxNjExMTAyM1oYDzIxMTIwMTIzMTExMDIzWjAT
MREwDwYDVQQDDAhDT01QLTIzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wi/3Z8W9pUiegUXIk/AiFDQ0UJ4JFAwjqr+HSRUirlUsHHT+8DzH/hfcTDX1I5BB
D1ADk+ydXjMm3OZrQcXjn29OUfM5C+g+oqeMnYQImN0DDQIOcUyr7AJc4xhvuXQ1
P2pJ5NOd3tbd0kexETa1LVhR6EgBC25LyRBRae76qosCAwEAAaNQME4wHQYDVR0O
BBYEFMDmW9aFy1sKTfCpcRkYnP6zUd1cMB8GA1UdIwQYMBaAFMDmW9aFy1sKTfCp
cRkYnP6zUd1cMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAskbFizHr
b6d3iIyN+wffxz/V9epbKIZVEGJd/6LrTdLiUfJPec7FaxVCWNyKBlCpINBM7cEV
Gn9t8mdVQflNqOlAMkOlUv1ZugCt9rXYQOV7rrEYJBWirn43BOMn9Flp2nibblby
If1a2ZoqHRxoNo2yTmm7TSYRORWVS+vvfjY=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAIlBksrZVkK8MA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMzU3MCAXDTEyMDEyNjEwNTUyOFoYDzIxMTIwMTAyMTA1NTI4WjAT
MREwDwYDVQQDDAhDT01QLTM1NzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
ts+iGUwi44vtIfwXR8DCnLtHV4ydl0YTK2joJflj0/Ws7mz5BYkxIU4fea/6+VF3
i11nwBgYgxQyjNztgc9u9O71k1W5tU95yO7U7bFdYd5uxYA9/22fjObaTQoC4Nc9
mTu6r/VHyJ1yRsunBZXvnk/XaKp7gGE9vNEyJvPn2bkCAwEAAaNQME4wHQYDVR0O
BBYEFKuGIYu8+6aEkTVg62BRYaD11PILMB8GA1UdIwQYMBaAFKuGIYu8+6aEkTVg
62BRYaD11PILMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAMoTRpBxK
YLEZJbofF7gSrRIcrlUJYXfTfw1QUBOKkGFFDsiJpEg4y5pUk1s5Jq9K3SDzNq/W
it1oYjOhuGg3al8OOeKFrU6nvNTF1BAvJCl0tr3POai5yXyN5jlK/zPfypmQYxE+
TaqQSGBJPVXYt6lrq/PRD9ciZgKLOwEqK8w=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAPHoWu90gbsgMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
BAMMCXZpZmlibm9kZTAeFw0xMjAzMTkyMzIwNTVaFw0xMzAzMTkyMzIwNTVaMBQx
EjAQBgNVBAMMCXZpZmlibm9kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
ozBijpO8PS5RTeKTzA90vi9ezvv4vVjNaguqT4UwP9+O1+i6yq1Y2W5zZxw/Klbn
oudyNzie3/wqs9VfPmcyU9ajFzBv/Tobm3obmOqBN0GSYs5fyGw+O9G3//6ZEhf0
NinwdKmrRX+d0P5bHewadZWIvlmOupcnVJmkks852BECAwEAAaNQME4wHQYDVR0O
BBYEFF9EtgfZZs8L2ZxBJxSiY6eTsTEwMB8GA1UdIwQYMBaAFF9EtgfZZs8L2ZxB
JxSiY6eTsTEwMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAc43YTfc6
baSemaMAc/jz8LNLhRE5dLfLOcRSoHda8y0lOrfe4lHT6yP5l8uyWAzLW+g6s3DA
Yme/bhX0g51BmI6gjKJo5DoPtiXk/Y9lxwD3p7PWi+RhN+AZQ5rpo8UfwnnN059n
yDuimQfvJjBFMVrdn9iP6SfMjxKaGk6gVmI=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAMNZBmoIOXPBMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMTMyMCAXDTEyMDUwMjEyMDQyNloYDzIxMTIwNDA4MTIwNDI2WjAT
MREwDwYDVQQDDAhDT01QLTEzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
6peZQt1sAmMAmSG9BVxxcXm8x15kE9iAplmANYNQ7z2YO57c10jDtlYlwVfi/rct
xNUOKQtc8UQtV/fJWP0QT0GITdRz5X/TkWiojiFgkopza9/b1hXs5rltYByUGLhg
7JZ9dZGBihzPfn6U8ESAKiJzQP8Hyz/o81FPfuHCftsCAwEAAaNQME4wHQYDVR0O
BBYEFNuxsc77Z6/JSKPoyloHNm9zF9yqMB8GA1UdIwQYMBaAFNuxsc77Z6/JSKPo
yloHNm9zF9yqMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAl4hBaJy1
cgiNV2+Z5oNTrHgmzWvSY4duECOTBxeuIOnhql3vLlaQmo0p8Z4c13kTZq2s3nhd
Loe5mIHsjRVKvzB6SvIaFUYq/EzmHnqNdpIGkT/Mj7r/iUs61btTcGUCLsUiUeci
Vd0Ozh79JSRpkrdI8R/NRQ2XPHAo+29TT70=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAL9FOtBJZBqAMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtOTIyMCAXDTEyMDkyNjE2MDkwM1oYDzIxMTIwOTAyMTYwOTAzWjAT
MREwDwYDVQQDDAhDT01QLTkyMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wlGVd6qOsc2xrtAQ5/rpflzS14/84SE/joaujMw2GGk6EFVSOcqKLq1TnHxkcCkv
nv1NYRPK/hpQOIKcGC1f+DvXXpMJI29R/rt2b2/y1oolxXonSVigBtCQlSyDoOFN
6LBX84CI5aYMvy3mqJCvfGEFBaPqze/PVugq9IpgZg0CAwEAAaNQME4wHQYDVR0O
BBYEFJ7HWyzVKkeSYnSK4FIwcdyng/tRMB8GA1UdIwQYMBaAFJ7HWyzVKkeSYnSK
4FIwcdyng/tRMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAZQWob2ki
ie6h90FgSctozXrotb8NIis2MtLIj+WonE0wSqYefxwBmAGjB9cfWz/sNamhM4rn
BP1A2ojVhF6hOE1qvTP5YxcGXOoYTrEQSuDF1hn12WlA4vqIAz1f+4CiMJNlXPwh
7N+X2kvRpHdXAHkBOxX3j34AeCZrSpu/yDQ=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAKRvzcy7OH0UMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtNzcyMCAXDTEyMDgxMDE1NDI1MVoYDzIxMTIwNzE3MTU0MjUxWjAT
MREwDwYDVQQDDAhDT01QLTc3MjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
o7aipd6MbnuGDeR1UJUjuMLQUariAyQ2l2ZDS6TfOwjHiPw/mhzkielgk73kqN7A
sUREx41eTcYCXzTq3WP3xCLE4LxLg1eIhd4nwNHj8H18xR9aP0AGjo4UFl5BOMa1
mwoyBt3VtfGtUmb8whpeJgHhqrPPxLoON+i6fIbXDaUCAwEAAaNQME4wHQYDVR0O
BBYEFEfjy3OopT2lOksKmKBNHTJE2hFlMB8GA1UdIwQYMBaAFEfjy3OopT2lOksK
mKBNHTJE2hFlMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAaNRx6YN2
M/p3R8/xS6zvH1EqJ3FFD7XeAQ52WuQnKSREzuw0dsw12ClxjcHiQEFioyTiTtjs
5pW18Ry5Ie7iFK4cQMerZwWPxBodEbAteYlRsI6kePV7Gf735Y1RpuN8qZ2sYL6e
x2IMeSwJ82BpdEI5niXxB+iT0HxhmR+XaMI=
-----END CERTIFICATE-----
# List of URL(s) which shouldn't be downloaded from binary cache.
# Any URL beginning by a blacklisted URL will be blacklisted as well.
download-from-binary-cache-url-blacklist =
http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD
http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/heads
/
# List of URL(s) which shouldn't be uploaded into binary cache.
# Any URL beginning by a blacklisted URL will be blacklisted as well.
upload-to-binary-cache-url-blacklist =
http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD
http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/heads
/
......@@ -233,6 +233,7 @@ def slapconfig(conf):
# Put slapos configuration file
config_path = os.path.join(slap_conf_dir, 'slapos.cfg')
# XXX: We should actually get the template from the egg, not from git
cfg = fetch_configuration_template()
to_replace = [
......
......@@ -393,13 +393,29 @@ class Computer(object):
except ValueError:
pass
def construct(self, alter_user=True, alter_network=True, create_tap=True):
def _addUniqueLocalAddressIpv6(self, interface_name):
"""
Create a unique local address in the interface interface_name, so that
slapformat can build upon this.
See https://en.wikipedia.org/wiki/Unique_local_address.
"""
command = 'ip address add dev %s fd00::1/64' % interface_name
subprocess.Popen(command.split()).communicate()
def construct(self, alter_user=True, alter_network=True, create_tap=True, unique_local_address=False):
"""
Construct the computer object as it is.
"""
if alter_network and self.address is not None:
self.interface.addAddr(self.address, self.netmask)
if unique_local_address and alter_network:
if self.ipv6_interface:
network_interface_name = self.ipv6_interface
else:
network_interface_name = self.name
self._addUniqueLocalAddressIpv6(network_interface_name)
for path in self.instance_root, self.software_root:
if not os.path.exists(path):
os.makedirs(path, 0o755)
......@@ -1089,7 +1105,8 @@ def do_format(conf):
computer.construct(alter_user=conf.alter_user,
alter_network=conf.alter_network,
create_tap=conf.create_tap)
create_tap=conf.create_tap,
unique_local_address=conf.use_unique_local_address_block)
if getattr(conf, 'certificate_repository_path', None):
mkdir_p(conf.certificate_repository_path, mode=0o700)
......@@ -1117,6 +1134,7 @@ class FormatConfig(object):
output_definition_file = None
dry_run = None
software_user = None
use_unique_local_address_block = None
def __init__(self, logger):
self.logger = logger
......@@ -1184,9 +1202,11 @@ class FormatConfig(object):
self.software_user = 'slapsoft'
if self.create_tap is None:
self.create_tap = True
if self.use_unique_local_address_block is None:
self.use_unique_local_address_block = False
# Convert strings to booleans
for option in ['alter_network', 'alter_user', 'create_tap']:
for option in ['alter_network', 'alter_user', 'create_tap', 'use_unique_local_address_block']:
attr = getattr(self, option)
if isinstance(attr, str):
if attr.lower() == 'true':
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment