- 12 Jan, 2024 4 commits
-
-
Jérome Perrin authored
This reverts commit 620c9332 (stack/erp5: stop using caucase managed certificate for balancer, 2020-11-10) with an updated design. We add a caucase service for balancer in the balancer partition. The caucase service from the root partition (that was not used) is removed. The underlying idea is that the default configuration should use multiple caucases with limited scope, here we have one caucase to manage the certificate used by haproxy server in the balancer partition, so we put one caucase to manage this certificate and the caucase is configured to auto-accept one certificate only. The plan is that when we will add a certificate for mariadb server, we'll add another caucase inside this mariadb server. For more advanced usage and also to support the cases where a new certificate needs to be re-emitted for some reason, users can request with an existing caucase URL. In that case, they will have to accept the certificate requests. Notable changes: balancer/ssl/caucase-url is no longer documented in parameters, this is an internal parameter, users can pass one global caucase service to manage all partition CAUCASE environment variable is no longer set when running zope. There was no identified use case and with this new approach of multiple caucases, the term "caucase" alone became ambiguous.
-
Jérome Perrin authored
This is not documented in schema and has no effect in erp5 (but this is still used for slapos-master)
-
Jérome Perrin authored
-
Jérome Perrin authored
This change the format or the (mostly) unused frontend parameter to support requesting more than one frontend and also enable the request of a frontend by default, so that requesting a frontend separately is no longer needed. The `frontend` parameter now also supports requesting frontends for specific paths on the ERP5 backend, the example below requests a frontend serving directly a web site, with the necessary rewrite rules: ```js { "frontend": { "default": { "internal-path": "/erp5/web_site_module/renderjs_runner/" } } } ``` The example below requests a default frontend to the erp5 root, to access the ZMI or erp5_xhtml_style interface and two web sites: ```js { "frontend": { "default": {}, "erp5js": { "internal-path": "/erp5/web_site_module/renderjs_runner/" }, "crm": { "internal-path": "/erp5/web_site_module/erp5_officejs_support_request_ui/" } } } ``` The example below has an explicit definition of the zope families using `zope-partition-dict` parameter, because there is more than one zope family, no frontend is requested by default: ```js { "zope-partition-dict": { "backoffice": { "family": "backoffice" }, "web": { "family": "web" }, "activities": { "family": "activities" } } } ``` Continuing this example, to have frontends for backoffice and web families, the frontend request can specify the families, like it is demonstrated in the example below. In this example, we don't specify an entry for "activities" family, so no frontend will be requested for this family. ```js { "frontend": { "backoffice": { "zope-family": "backoffice" }, "web": { "zope-family": "web", "internal-path": "/erp5/web_site_module/web_site/" } } "zope-partition-dict": { "backoffice": { "family": "backoffice" }, "web": { "family": "web" }, "activities": { "family": "activities" } } } ```
-
- 11 Jan, 2024 3 commits
-
-
Jérome Perrin authored
-
Jérome Perrin authored
These partition references should be kept short, they are a mechanism to use a short path for unix sockets, because unix socket paths can not exceed 108 characters. When running the test in theia, this was causing errors: # [ALERT] (100453) : config : parsing [/srv/slapgrid/slappart15/srv/runner/instance/slappart7/tmp/inst/with-max-rlimit-nofile6/etc/haproxy.cfg:37] : log : socket path '/srv/slapgrid/slappart15/srv/runner/instance/slappart7/tmp/inst/with-max-rlimit-nofile6/var/run/log.sock' too long (max 97
-
Jérome Perrin authored
-
- 05 Jan, 2024 1 commit
-
-
Kirill Smelkov authored
Currently, due to ensure_ascii=True default of json.dumps, we are insisting on our JSON schemas to be ascii-only and all other characters to be represented by \uxxxx escapes. So far this was not problematic as all our schemas contains only ASCII characters, but upcoming ors-amarisoft changes want to use e.g. "→" symbol: https://lab.nexedi.com/kirr/slapos/blob/b51f5523/software/ors-amarisoft/software.cfg.json#L15 which currently results in failure of json-schema test: FAIL: test_ors-amarisoft_software_cfg_json_format (slapos.test.test_json_schema.TestJSONSchemaValidation) ... First differing element 14: ' "title": "\\u2192 eNB/gNB | Radio Unit",' ' "title": "→ eNB/gNB | Radio Unit",' And in general, in 2023 I think there is no reason to insist on our schemas to be ASCII-only: say if one wants to describe something about "α" parameter. It would be good to use that α character directly and seeing it in the editor, instead of using escapes all the time. As indicated by below stackoverflow answer "JSON spec requires UTF-8 support by decoders": https://stackoverflow.com/a/594881/9456786 , and indeed checking JSON specification also confirms that by default JSON decoders shall use UTF-8: https://datatracker.ietf.org/doc/html/rfc7159#section-8.1 This way, I think, we can switch to UTF-8 safely. /reviewed-by @jerome, @lu.xu /reviewed-on nexedi/slapos!1498
-
- 04 Jan, 2024 1 commit
-
-
Thomas Gambier authored
-
- 02 Jan, 2024 3 commits
-
-
Łukasz Nowak authored
-
Ivan Tyagov authored
See merge request nexedi/slapos!1499
-
Ivan Tyagov authored
-
- 29 Dec, 2023 1 commit
-
-
Lu Xu authored
-
- 28 Dec, 2023 3 commits
-
-
Levin Zimmermann authored
/reviewed-by @kirr and @jerome /reviewed-on nexedi/slapos!1494
-
Levin Zimmermann authored
wendelin.core 2.0.alpha3.post9 supports golang 1.21: with this new version we can set golang 1.21 as the new default. /reviewed-by @kirr and @jerome /reviewed-on nexedi/slapos!1494
-
Levin Zimmermann authored
Go1.21 already has the fifth minor revision (released 2023-12-05) and should therefore already be sufficiently stable. Furthermore we need it to fix a bug in a NEO/go dependency [1]. Please find all details in the official release note: https://go.dev/doc/go1.21 It was released on 2023-08-08 [2]. Due to the go promise of compatibility most software should still compile without any problems. In golang < 1.21 we needed to patch golang to fix https://github.com/golang/go/issues/42525. In golang 1.21 we still need to apply a fix, but can't apply the old patch because the code changed. In golang > 1.21 this problem is already fixed with https://go-review.googlesource.com/c/go/+/520055. Because of https://github.com/golang/go/commit/092671423cd95eaa6df93eb29442fef41504d097 'TestUnshareMountNameSpace' fails on golang 1.21 [3]. In golang 1.20 this test was skipped [4]. To fix this failure the additional patch 'skip-unshare-mount-test.patch' has been added. --- [1] nexedi/wendelin.core!22 (comment 195769)] [2] https://go.dev/doc/devel/release [3] --- FAIL: TestUnshareMountNameSpace (0.18s) exec_linux_test.go:243: unshare failed: exit status 2 unshare: mount /tmp/TestUnshareMountNameSpace2210137852/001 failed: 0x1 [4] === RUN TestUnshareMountNameSpace exec_linux_test.go:333: kernel prohibits unshare in unprivileged process, unless using user namespace — SKIP: TestUnshareMountNameSpace (0.00s) /reviewed-by @kirr and @jerome /reviewed-on nexedi/slapos!1494
-
- 25 Dec, 2023 8 commits
-
-
Jérome Perrin authored
-
Jérome Perrin authored
This version is compatible with gcc 12
-
Jérome Perrin authored
-
Jérome Perrin authored
using https://github.com/ilevkivskyi/com2ann
-
Jérome Perrin authored
drop versions not running on debian 12 and add new versions
-
Jérome Perrin authored
This was disabled to "keep compatibility with current font selection problems", but I don't think we need to care about compatibility for this. This was anyway causing a problem that system fontconfig will be used if it's available, so it's better to define things explictly to prevent falling back to system configuration.
-
Jérome Perrin authored
This caused cloudooo to select different fonts, because LibreOffice-bin comes with some Noto fonts and fontconfig now prefers Noto font
-
Jérome Perrin authored
Testing conversion of HTML with font-family:"FontFamily FontVariant" CSS rule does not really make sense. Remove a few cases for which the behavior is not stable.
-
- 20 Dec, 2023 1 commit
-
-
Titouan Soulard authored
Using RegExp to validate hostnames is a bad practice, and has a lot of reasons to be wrong. On top of that, the JSON Schema specification allows, since draft 7, to validate hostnames against an IDN hostname, by using the `idn-hostname` format. With these changes, IDN are now supported (.рф and .中國 for instance), and long TLD should not be a problem anymore.
-
- 19 Dec, 2023 1 commit
-
-
Jérome Perrin authored
With backported fixes so that old software supports debian 12
-
- 18 Dec, 2023 2 commits
-
-
Jérome Perrin authored
In 9636d79c (Nextcloud Upgrade fixes, 2023-12-13) parameter changed: - instance.trusted-domain-* parameters are replaced by instance.trusted-domain-list - the frontend is part of trusted domain, so with "bypassed" frontends from slapos proxy the backend appears twice (because the backend URL is returned as frontend URL)
-
Jérome Perrin authored
This actually updates firefox from version 68 to version 115
-
- 15 Dec, 2023 1 commit
-
-
Jérome Perrin authored
So that we can see when something changes.
-
- 14 Dec, 2023 6 commits
-
-
Lu Xu authored
-
Lu Xu authored
-
Lu Xu authored
Use runTestSuite interface to launch tests that request instances on actual SlapOS cloud.
-
Jérome Perrin authored
-
Jérome Perrin authored
-
- 13 Dec, 2023 5 commits
-
-
Jérome Perrin authored
As described in https://github.com/msgpack/msgpack-python#major-breaking-changes-in-msgpack-10 raw is False by default for unpacker so we receive strings, not bytes
-
Alain Takoudjou authored
See merge request nexedi/slapos!1490
-
Jérome Perrin authored
ZODB4 does not support python3
-
Jérome Perrin authored
These must be installed through dependencies, but we explicitly need scripts from supervisor because this is used by slapos-core tests
-
Jérome Perrin authored
on python3 we use lzma directly
-