Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
104
Merge Requests
104
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Jobs
Commits
Open sidebar
nexedi
slapos
Commits
93d599bc
Commit
93d599bc
authored
Nov 20, 2012
by
Marco Mariani
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
manual port of changes on lapp-resilient over this new branch
parent
d6a9aaa4
Changes
9
Show whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
670 additions
and
11 deletions
+670
-11
setup.py
setup.py
+2
-0
slapos/recipe/postgres/__init__.py
slapos/recipe/postgres/__init__.py
+56
-0
stack/lapp/apache/instance-apache-backup.cfg.in
stack/lapp/apache/instance-apache-backup.cfg.in
+197
-0
stack/lapp/buildout.cfg
stack/lapp/buildout.cfg
+52
-2
stack/lapp/instance-resilient.cfg
stack/lapp/instance-resilient.cfg
+172
-0
stack/lapp/instance.cfg.in
stack/lapp/instance.cfg.in
+11
-0
stack/lapp/postgres/instance-postgres-export.cfg.in
stack/lapp/postgres/instance-postgres-export.cfg.in
+18
-0
stack/lapp/postgres/instance-postgres-import.cfg.in
stack/lapp/postgres/instance-postgres-import.cfg.in
+13
-0
stack/lapp/postgres/instance-postgres.cfg.in
stack/lapp/postgres/instance-postgres.cfg.in
+149
-9
No files found.
setup.py
View file @
93d599bc
...
...
@@ -111,6 +111,8 @@ setup(name=name,
'onetimeupload = slapos.recipe.onetimeupload:Recipe'
,
'pbs = slapos.recipe.pbs:Recipe'
,
'postgres = slapos.recipe.postgres:Recipe'
,
'postgres.import = slapos.recipe.postgres:ImportRecipe'
,
'postgres.export = slapos.recipe.postgres:ExportRecipe'
,
'maarch.configuration = slapos.recipe.maarch.configuration:Recipe'
,
'proactive = slapos.recipe.proactive:Recipe'
,
'publish = slapos.recipe.publish:Recipe'
,
...
...
slapos/recipe/postgres/__init__.py
View file @
93d599bc
...
...
@@ -201,3 +201,59 @@ class Recipe(GenericBaseRecipe):
self
.
createExecutable
(
name
,
content
=
content
)
class
ExportRecipe
(
GenericBaseRecipe
):
def
install
(
self
):
pgdata
=
self
.
options
[
'pgdata-directory'
]
ret
=
[]
if
not
os
.
path
.
exists
(
pgdata
):
wrapper
=
self
.
options
[
'wrapper'
]
self
.
createBackupScript
(
wrapper
)
ret
.
append
(
wrapper
)
return
ret
def
createBackupScript
(
self
,
wrapper
):
"""
Create a script to backup the database in plain SQL format.
"""
content
=
textwrap
.
dedent
(
"""
\
#!/bin/sh
umask 077
%(bin)s/pg_dump -h %(pgdata-directory)s -f %(backup-directory)s/backup.sql %(dbname)s
"""
%
self
.
options
)
self
.
createExecutable
(
wrapper
,
content
=
content
)
class
ImportRecipe
(
GenericBaseRecipe
):
def
install
(
self
):
pgdata
=
self
.
options
[
'pgdata-directory'
]
ret
=
[]
if
not
os
.
path
.
exists
(
pgdata
):
wrapper
=
self
.
options
[
'wrapper'
]
self
.
createRestoreScript
(
wrapper
)
ret
.
append
(
wrapper
)
return
ret
def
createRestoreScript
(
self
,
wrapper
):
"""
Create a script to backup the database in plain SQL format.
"""
content
=
textwrap
.
dedent
(
"""
\
#!/bin/sh
%(bin)s/pg_restore -h %(pgdata-directory)s -d %(dbname)s %(backup-directory)s/backup.sql
"""
%
self
.
options
)
self
.
createExecutable
(
wrapper
,
content
=
content
)
stack/lapp/apache/instance-apache-backup.cfg.in
0 → 100644
View file @
93d599bc
[buildout]
parts =
urls
apache-proxy
logrotate
logrotate-entry-apache
cron
cron-entry-logrotate
sshkeys-authority
sshkeys-dropbear
dropbear-server
dropbear-server-pbs-authorized-key
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
#----------------
#--
#-- Creation of all needed directories.
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
var = $${buildout:directory}/var
srv = $${buildout:directory}/srv
bin = $${buildout:directory}/bin
tmp = $${buildout:directory}/tmp
[basedirectory]
recipe = slapos.cookbook:mkdirectory
log = $${rootdirectory:var}/log
services = $${rootdirectory:etc}/run
run = $${rootdirectory:var}/run
backup = $${rootdirectory:srv}/backup
promises = $${rootdirectory:etc}/promise
[directory]
recipe = slapos.cookbook:mkdirectory
htdocs = $${rootdirectory:srv}/www
logrotate-entries = $${rootdirectory:etc}/logrotate.d
logrotate-backup = $${basedirectory:backup}/logrotate
cronstamps = $${rootdirectory:etc}/cronstamps
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
ssh = $${rootdirectory:etc}/ssh
sshkeys = $${rootdirectory:srv}/sshkeys
httpd-log = $${basedirectory:log}/apache
#----------------
#--
#-- Deploy cron.
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/crond.log
#----------------
#--
#-- Deploy logrotate.
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = $${logrotate:wrapper}
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = ${gzip:location}/bin/gzip
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${rootdirectory:bin}/logrotate
conf = $${rootdirectory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${rootdirectory:srv}/logrotate.status
#----------------
#--
#-- sshkeys
[sshkeys-directory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:sshkeys}/requests
keys = $${directory:sshkeys}/keys
[sshkeys-authority]
recipe = slapos.cookbook:sshkeys_authority
request-directory = $${sshkeys-directory:requests}
keys-directory = $${sshkeys-directory:keys}
wrapper = $${basedirectory:services}/sshkeys_authority
keygen-binary = ${dropbear:location}/bin/dropbearkey
[sshkeys-dropbear]
<= sshkeys-authority
recipe = slapos.cookbook:sshkeys_authority.request
name = dropbear
type = rsa
executable = $${dropbear-server:wrapper}
public-key = $${dropbear-server:rsa-keyfile}.pub
private-key = $${dropbear-server:rsa-keyfile}
wrapper = $${basedirectory:services}/sshd
#----------------
#--
#-- Dropbear.
[dropbear-server]
recipe = slapos.cookbook:dropbear
host = $${slap-network-information:global-ipv6}
port = 2222
home = $${directory:ssh}
wrapper = $${rootdirectory:bin}/raw_sshd
shell = $${rdiff-backup-server:wrapper}
rsa-keyfile = $${directory:ssh}/server_key.rsa
dropbear-binary = ${dropbear:location}/sbin/dropbear
[dropbear-server-pbs-authorized-key]
<= dropbear-server
recipe = slapos.cookbook:dropbear.add_authorized_key
key = $${slap-parameter:authorized-key}
#----------------
#--
#-- rdiff
[rdiff-backup-server]
recipe = slapos.cookbook:pbs
client = false
path = $${directory:htdocs}
wrapper = $${rootdirectory:bin}/rdiffbackup-server
rdiffbackup-binary = ${buildout:bin-directory}/rdiff-backup
#----------------
#--
#-- Apache Proxy.
[apache-proxy]
recipe = slapos.cookbook:apacheproxy
url = $${slap-parameter:proxy-url}
pid-file = $${basedirectory:run}/apache.pid
lock-file = $${basedirectory:run}/apache.lock
ip = $${slap-network-information:global-ipv6}
port = 8080
error-log = $${directory:httpd-log}/error.log
access-log = $${directory:httpd-log}/access.log
httpd-conf = $${rootdirectory:etc}/apache.conf
wrapper = $${basedirectory:services}/apache
promise = $${basedirectory:promises}/apache
httpd-binary = ${apache:location}/bin/httpd
[logrotate-entry-apache]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = apache
log = $${apache-proxy:error-log} $${apache-proxy:access-log}
frequency = daily
rotate-num = 30
sharedscripts = true
notifempty = true
create = true
#----------------
#--
#-- Publish instance parameters.
[urls]
recipe = slapos.cookbook:publish
url = http://[$${apache-proxy:ip}]:$${apache-proxy:port}/
ssh-public-key = $${sshkeys-dropbear:public-key-value}
ssh-url = ssh://nobody@[$${dropbear-server:host}]:$${dropbear-server:port}/$${rdiff-backup-server:path}
stack/lapp/buildout.cfg
View file @
93d599bc
[buildout]
parts =
apache-php-postgres
rdiff-backup
dropbear
eggs
instance
psycopg2
instance-apache-php
instance-postgres
#Contains the importer and exporter recipes for postgres
instance-postgres-import
instance-postgres-export
instance-default-root
extends =
../resilient/buildout.cfg
../../component/apache/buildout.cfg
../../component/apache-php/buildout.cfg
../../component/dash/buildout.cfg
...
...
@@ -18,10 +27,16 @@ extends =
../../component/logrotate/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/postgresql/buildout.cfg
../../component/rdiff-backup/buildout.cfg
../../component/stunnel/buildout.cfg
../../component/dropbear/buildout.cfg
../slapos.cfg
# XXX TODO
#[instance-recipe]
#egg = slapos.cookbook
#module = lamp.request
#----------------
#-- Application-specific part (maarch, etc.)
...
...
@@ -38,7 +53,7 @@ strip-top-level-dir = true
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
output = ${buildout:directory}/instance.cfg
md5sum =
35d440866b4253dfa9f5ff291835fa50
md5sum =
1aaf3ea7b14e09e66904bdb80e3cfe2f
mode = 0644
[instance-apache-php]
...
...
@@ -48,14 +63,49 @@ output = ${buildout:directory}/instance-apache-php.cfg
md5sum = fb34918c73ba242ffc08dfd7745367b3
mode = 0644
[instance-apache-backup]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/apache/instance-apache-backup.cfg.in
output = ${buildout:directory}/instance-apache-backup.cfg
md5sum = 48f969d82319a9d145570f5f0fd27672
mode = 0644
[template-resilient-lapp]
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/template-resilient.cfg.in
rendered = ${buildout:directory}/instance-resilient.cfg
context = key templateapache instance-apache-php:output
key dropbear dropbear:location
key buildout buildout:bin-directory
import-list = file parts template-parts:destination
file replicated template-replicated:destination
md5sum = 29b44a5783263581bf2258de9e994a57
mode = 0644
[instance-postgres]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/postgres/instance-postgres.cfg.in
output = ${buildout:directory}/instance-postgres.cfg
md5sum =
1dd96699e54575d8787295a4c29f1ddb
md5sum =
c2e7b95e457857d35f687a67424363a4
mode = 0644
[instance-postgres-import]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/postgres/instance-postgres-import.cfg.in
output = ${buildout:directory}/instance-postgres-import.cfg
md5sum = feb43a65eefd9c5dea8e7d3551465956
mode = 0644
[instance-postgres-export]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/postgres/instance-postgres-export.cfg.in
output = ${buildout:directory}/instance-postgres-export.cfg
md5sum = 7bce31bc22a731a8fc6119aee96586f5
mode = 0644
#----------------
...
...
stack/lapp/instance-resilient.cfg
0 → 100644
View file @
93d599bc
{% import 'parts' as parts %}
{% import 'replicated' as replicated %}
[buildout]
extends =
{{templateapache}}
parts =
{{ parts.replicate("postgres","3") }}
request-apache-backup-1
request-apache-backup-2
request-pull-backup-server-apache-1
request-pull-backup-server-apache-backup-1
request-pull-backup-server-apache-2
request-pull-backup-server-apache-backup-2
publish-connection-informations
apache-php
stunnel
certificate-authority
ca-stunnel
logrotate
logrotate-entry-apache
logrotate-entry-stunnel
cron
cron-entry-logrotate
dropbear-server
sshkeys-authority
dropbear-server-pbs-authorized-key
request-pull-backup-server
{{ replicated.replicate("postgres", "3", "postgres-export", "postgres-import") }}
[request-pull-backup-server]
<= request-pbs-common
name = PBS (Pull Backup Server)
return = ssh-key notification-url feeds-url
slave = false
[sshkeys-directory]
recipe = slapos.cookbook:mkdirectory
requests = ${directory:sshkeys}/requests
keys = ${directory:sshkeys}/keys
[sshkeys-authority]
recipe = slapos.cookbook:sshkeys_authority
request-directory = ${sshkeys-directory:requests}
keys-directory = ${sshkeys-directory:keys}
wrapper = ${basedirectory:services}/sshkeys_authority
keygen-binary = {{dropbear}}/bin/dropbearkey
[sshkeys-dropbear]
<= sshkeys-authority
recipe = slapos.cookbook:sshkeys_authority.request
name = dropbear
type = rsa
executable = ${dropbear-server:wrapper}
public-key = ${dropbear-server:rsa-keyfile}.pub
private-key = ${dropbear-server:rsa-keyfile}
wrapper = ${basedirectory:services}/sshd
[dropbear-server]
recipe = slapos.cookbook:dropbear
host = ${slap-network-information:global-ipv6}
port = 2222
home = ${directory:ssh}
wrapper = ${rootdirectory:bin}/raw_sshd
shell = ${rdiff-backup-server:wrapper}
rsa-keyfile = ${directory:ssh}/server_key.rsa
dropbear-binary = {{dropbear}}/sbin/dropbear
[dropbear-server-pbs-authorized-key]
<= dropbear-server
recipe = slapos.cookbook:dropbear.add_authorized_key
key = ${request-pull-backup-server:connection-ssh-key}
[rdiff-backup-server]
<= apache-php
recipe = slapos.cookbook:pbs
client = false
path = ${apache-php:htdocs}
wrapper = ${rootdirectory:bin}/rdiffbackup-server
rdiffbackup-binary = {{buildout}}/rdiff-backup
[request-apache-backup-1]
<= slap-connection
recipe = slapos.cookbook:request
name = Apache Backup 1
software-url = ${slap-connection:software-release-url}
software-type = apache-backup
return = url ssh-url ssh-public-key
config = authorized-key proxy-url
config-authorized-key = ${request-pull-backup-server:connection-ssh-key}
config-proxy-url = ${publish-connection-informations:url}
[request-apache-backup-2]
<= slap-connection
recipe = slapos.cookbook:request
name = Apache Backup 2
software-url = ${slap-connection:software-release-url}
software-type = apache-backup
return = url ssh-url ssh-public-key
config = authorized-key proxy-url
config-authorized-key = ${request-pull-backup-server:connection-ssh-key}
config-proxy-url = ${publish-connection-informations:url}
[request-pull-backup-server-apache-1]
<= request-pbs-common
name = PBS pulling from Apache 1
config = url name type server-key notify notification-id frequency
config-url = ssh://nobody@[${dropbear-server:host}]:${dropbear-server:port}/${rdiff-backup-server:path}
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache
config-type = pull
config-server-key = ${sshkeys-dropbear:public-key-value}
config-notify = ${request-pull-backup-server:connection-notification-url}
config-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache-pull
config-frequency = 30 * * * *
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[request-pull-backup-server-apache-2]
<= request-pbs-common
name = PBS pulling from Apache 2
config = url name type server-key notify notification-id frequency
config-url = ssh://nobody@[${dropbear-server:host}]:${dropbear-server:port}/${rdiff-backup-server:path}
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache
config-type = pull
config-server-key = ${sshkeys-dropbear:public-key-value}
config-notify = ${request-pull-backup-server:connection-notification-url}
config-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-apache-pull
config-frequency = 30 * * * *
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[request-pull-backup-server-apache-backup-1]
<= request-pbs-common
name = PBS pushing to ${request-apache-backup-1:name}
config = url name type server-key on-notification
config-url = ${request-apache-backup-1:connection-ssh-url}
config-name = ${request-pull-backup-server-apache-1:config-name}
config-type = push
config-server-key = ${request-apache-backup-1:connection-ssh-public-key}
config-on-notification = ${request-pull-backup-server:connection-feeds-url}${request-pull-backup-server-apache-1:config-notification-id}
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[request-pull-backup-server-apache-backup-2]
<= request-pbs-common
name = PBS pushing to ${request-apache-backup-2:name}
config = url name type server-key on-notification
config-url = ${request-apache-backup-2:connection-ssh-url}
config-name = ${request-pull-backup-server-apache-2:config-name}
config-type = push
config-server-key = ${request-apache-backup-2:connection-ssh-public-key}
config-on-notification = ${request-pull-backup-server:connection-feeds-url}${request-pull-backup-server-apache-2:config-notification-id}
slave = true
sla = instance_guid
sla-instance_guid = ${request-pull-backup-server:instance_guid}
[directory]
ssh = ${rootdirectory:etc}/ssh
sshkeys = ${rootdirectory:srv}/sshkeys
stack/lapp/instance.cfg.in
View file @
93d599bc
[buildout]
parts =
switch_softwaretype
...
...
@@ -10,4 +11,14 @@ offline = true
recipe = slapos.cookbook:softwaretype
default = ${instance-default-root:output}
apache = ${instance-apache-php:output}
resilient = ${template-resilient-lapp:rendered}
postgres = ${instance-postgres:output}
postgres-import = ${instance-postgres-import:output}
postgres-export = ${instance-postgres-export:output}
apache-backup = ${instance-apache-backup:output}
#frozen creates a syntax error, meaning it can keep its data.
#It's dirty as hell, it needs to be replaced.
frozen = ${instance-frozen:output}
pull-backup = ${template-pull-backup:output}
stack/lapp/postgres/instance-postgres-export.cfg.in
0 → 100644
View file @
93d599bc
[buildout]
extends = ${instance-postgres:output}
${pbsready-export:output}
parts +=
urls
postgres-instance
postgres-promise
[exporter]
recipe = slapos.cookbook:postgres.export
wrapper = $${rootdirectory:bin}/$${slap-parameter:namebase}-exporter
bin = $${postgres-instance:bin}
pgdata-directory = $${postgres-instance:pgdata-directory}
backup-directory = $${postgres-instance:backup-directory}
dbname = $${postgres-instance:dbname}
stack/lapp/postgres/instance-postgres-import.cfg.in
0 → 100644
View file @
93d599bc
[buildout]
extends = ${instance-postgres:output}
${pbsready-import:output}
parts += postgres-instance
[importer]
recipe = slapos.cookbook:postgres.import
wrapper = $${rootdirectory:bin}/resilient-importer
bin = $${postgres-instance:bin}
pgdata-directory = $${postgres-instance:pgdata-directory}
backup-directory = $${postgres-instance:backup-directory}
dbname = $${postgres-instance:dbname}
stack/lapp/postgres/instance-postgres.cfg.in
View file @
93d599bc
...
...
@@ -3,8 +3,18 @@ parts =
urls
postgres-instance
postgres-promise
stunnel
certificate-authority
ca-stunnel
logrotate
logrotate-entry-stunnel
logrotate-entry-cron
cron
cron-entry-logrotate
slapmonitor
slapreport
gzip-binary = ${gzip:location}/bin/gzip
# Define egg directories to be the one from Software Release
# (/opt/slapgrid/...)
...
...
@@ -29,6 +39,8 @@ recipe = slapos.cookbook:mkdirectory
log = $${rootdirectory:var}/log
services = $${rootdirectory:etc}/run
run = $${rootdirectory:var}/run
script = $${rootdirectory:etc}/script
backup = $${rootdirectory:srv}/backup
promises = $${rootdirectory:etc}/promise
[directory]
...
...
@@ -36,6 +48,10 @@ recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
ca-dir = $${rootdirectory:srv}/ssl
logrotate-backup = $${basedirectory:backup}/logrotate
stunnel-conf = $${rootdirectory:etc}/stunnel
logrotate-entries = $${rootdirectory:etc}/logrotate.d
#----------------
...
...
@@ -59,16 +75,93 @@ log = $${basedirectory:log}/crond.log
#----------------
#--
#--
Fetches parameters defined in SlapOS Master for this instance
#--
Deploy logrotate.
[instance-parameters]
recipe = slapos.cookbook:slapconfiguration
computer = $${slap-connection:computer-id}
partition = $${slap-connection:partition-id}
url = $${slap-connection:server-url}
key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = $${logrotate:wrapper}
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = $${buildout:gzip-binary}
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${rootdirectory:bin}/logrotate
conf = $${rootdirectory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${rootdirectory:srv}/logrotate.status
[logrotate-entry-stunnel]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = stunnel
log = $${stunnel:log-file}
frequency = daily
rotate-num = 30
notifempty = true
create = true
post = $${stunnel:post-rotate-script}
[logrotate-entry-cron]
<= logrotate
recipe =slapos.cookbook:logrotate.d
name = crond
log = $${cron-simplelogger:log}
frequency = daily
rotate-num = 30
notifempty = true
create = true
#----------------
#--
#-- Deploy stunnel.
#-- XXX This is actually not needed with Postgres.
[stunnel]
recipe = slapos.cookbook:stunnel
stunnel-binary = ${stunnel:location}/bin/stunnel
wrapper = $${rootdirectory:bin}/stunnel
log-file = $${basedirectory:log}/stunnel.log
config-file = $${directory:stunnel-conf}/stunnel.conf
key-file = $${directory:stunnel-conf}/stunnel.key
cert-file = $${directory:stunnel-conf}/stunnel.crt
pid-file = $${basedirectory:run}/stunnel.pid
local-host = $${postgres-instance:ip} # XXX we don't need tunnel
local-port = $${postgres-instance:port} # XXX we don't need tunnel
remote-host = $${slap-network-information:global-ipv6}
remote-port = 6446
client = false
post-rotate-script = $${rootdirectory:bin}/stunnel_post_rotate
#----------------
#--
#-- Certificate stuff.
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${basedirectory:services}/ca
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs/
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/
#----------------
#--
...
...
@@ -80,13 +173,22 @@ ipv6_host = $${slap-network-information:global-ipv6}
user = postgres
port = 5432
dbname = db
# XXX the next line is required by stunnel, not by us
ip = $${slap-network-information:local-ipv4}
# pgdata_directory is created by initdb, and should not exist beforehand.
pgdata-directory = $${rootdirectory:var}/data
backup-directory = $${basedirectory:backup}
services = $${basedirectory:services}
bin = $${rootdirectory:bin}
dependency-symlinks = $${symlinks:recipe}
[ca-stunnel]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = $${stunnel:wrapper}
wrapper = $${basedirectory:services}/stunnel
key-file = $${stunnel:key-file}
cert-file = $${stunnel:cert-file}
#----------------
#--
...
...
@@ -98,6 +200,32 @@ symlink_target = $${rootdirectory:bin}
symlink_base = ${postgresql:location}/bin
#----------------
#--
#-- Deploy slapmonitor.
[slapmonitor]
recipe = slapos.cookbook:slapmonitor
pid-file = $${basedirectory:run}/mariadb.pid
database-path = $${basedirectory:log}/slapmonitor.db
shell-path = ${dash:location}/bin/dash
slapmonitor-path = ${buildout:bin-directory}/slapmonitor
path = $${basedirectory:services}/slapmonitor
[slapreport]
recipe = slapos.cookbook:slapreport
pid-file = $${basedirectory:run}/mariadb.pid
database-path = $${basedirectory:log}/slapmonitor.db
consumption-log-path = $${basedirectory:log}/instance_consumption.log
logbox-ip = 87.98.152.12
logbox-port = 5122
logbox-user = admin
logbox-passwd = passer
shell-path = ${dash:location}/bin/dash
slapreport-path = ${buildout:bin-directory}/slapreport
path = $${basedirectory:services}/slapreport
#----------------
#--
#-- Deploy promise scripts.
...
...
@@ -117,3 +245,15 @@ port = $${postgres-instance:port}
recipe = slapos.cookbook:publishurl
url = $${postgres-instance:url}
#----------------
#--
#-- Fetches parameters defined in SlapOS Master for this instance
[instance-parameters]
recipe = slapos.cookbook:slapconfiguration
computer = $${slap-connection:computer-id}
partition = $${slap-connection:partition-id}
url = $${slap-connection:server-url}
key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment