software/slaprunner: auto-restart services on SR upgrade.

142d35d8 · Guillaume Hervier · a398f5cb · 142d35d8 · 142d35d8
Commit 142d35d8 authored Sep 24, 2018 by Guillaume Hervier
Hide whitespace changes
Inline Side-by-side

Showing with 53 additions and 14 deletions

software/slaprunner/buildout.hash.cfg software/slaprunner/buildout.hash.cfg +1 -1

software/slaprunner/instance-runner.cfg software/slaprunner/instance-runner.cfg +52 -13

No files found.
--- a/software/slaprunner/buildout.hash.cfg
+++ b/software/slaprunner/buildout.hash.cfg
@@ -18,7 +18,7 @@ md5sum = 713db528880282d568278f09458d2aab

 [template-runner]
 filename = instance-runner.cfg
-md5sum = e12255a8c946b3eb8c6373fff481339f
+md5sum = cd855670076979919c0fd00cc0f5938c

 [template-runner-import-script]
 filename = template/runner-import.sh.jinja2

--- a/software/slaprunner/instance-runner.cfg
+++ b/software/slaprunner/instance-runner.cfg
@@ -4,6 +4,8 @@ parts =
  nginx-launcher
  certificate-authority
  ca-nginx
+  certificate-authority-service
+  ca-nginx-service
  logrotate-entry-nginx
  gunicorn-launcher
  gunicorn-graceful
@@ -16,10 +18,13 @@ parts =
  runner-sshd-graceful
  runner-sshd-promise
  runner-sshkeys-authority
+  runner-sshkeys-authority-service
  runner-sshkeys-sshd
+  runner-sshkeys-sshd-service
  runtestsuite
  symlinks
  shellinabox
+  shellinabox-service
  slapos-cfg
  cron-entry-prepare-software
  deploy-instance-parameters
@@ -202,8 +207,9 @@ default_repository_branch = $${slap-parameter:slapos-reference}
 [slaprunner-supervisord-wrapper]
 recipe = slapos.cookbook:wrapper
 # XXX hardcoded locations
-command-line = $${buildout:directory}/bin/slapos node supervisord --cfg $${directory:etc}/slapos.cfg -n
+command-line = $${directory:bin}/slapos node supervisord --cfg $${directory:etc}/slapos.cfg -n
 wrapper-path = $${directory:services}/slaprunner-supervisord
+hash-files = $${buildout:directory}/software_release/buildout.cfg


 [test-runner]
@@ -224,7 +230,7 @@ arguments = --server_url=$${slap-connection:server-url} --key_file=$${slap-conne
 command-line = ${buildout:directory}/bin/slaprunnertest $${:arguments}
 wrapper-path = $${directory:bin}/runTestSuite
 environment = PATH=$${shell-environment:path}
-  RUNNER_CONFIG=$${slapos-cfg:rendered} 
+  RUNNER_CONFIG=$${slapos-cfg:rendered}

 # Deploy openssh-server
 [runner-sshd-port]
@@ -287,9 +293,15 @@ keys = $${directory:sshkeys}/runner-keys/
 recipe = slapos.cookbook:sshkeys_authority
 request-directory = $${runner-sshkeys-directory:requests}
 keys-directory = $${runner-sshkeys-directory:keys}
-wrapper = $${directory:services}/runner_sshkeys_authority
+wrapper = $${directory:bin}/runner_sshkeys_authority
 keygen-binary = ${openssh:location}/bin/ssh-keygen

+[runner-sshkeys-authority-service]
+recipe = slapos.cookbook:wrapper
+command-line = $${runner-sshkeys-authority:wrapper}
+wrapper-path = $${directory:services}/runner-sshkeys-authority
+hash-files = $${buildout:directory}/software_release/buildout.cfg
+
 [runner-sshkeys-sshd]
 <= runner-sshkeys-authority
 recipe = slapos.cookbook:sshkeys_authority.request
@@ -298,7 +310,13 @@ type = rsa
 executable = $${runner-sshd-server:output}
 public-key = $${runner-sshd-raw-server:rsa-keyfile}.pub
 private-key = $${runner-sshd-raw-server:rsa-keyfile}
-wrapper = $${directory:services}/runner-sshd
+wrapper = $${directory:bin}/runner-sshd
+
+[runner-sshkeys-sshd-service]
+recipe = slapos.cookbook:wrapper
+command-line = $${runner-sshkeys-sshd:wrapper}
+wrapper-path = $${directory:services}/runner-sshd
+hash-files = $${buildout:directory}/software_release/buildout.cfg

 [runner-sshd-add-authorized-key]
 recipe = slapos.cookbook:dropbear.add_authorized_key
@@ -411,6 +429,7 @@ access-url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:global
 wait-for-files =
  $${ca-nginx:cert-file}
  $${ca-nginx:key-file}
+hash-files = $${buildout:directory}/software_release/buildout.cfg

 [logrotate-entry-apache-httpd]
 <= logrotate-entry-base
@@ -461,6 +480,7 @@ wrapper-path = $${gunicorn:bin_launcher}
 environment = PATH=$${shell-environment:path}
  RUNNER_CONFIG=$${slaprunner:slapos.cfg}
  LANG=en_GB.UTF-8
+hash-files = $${buildout:directory}/software_release/buildout.cfg

 [gunicorn-graceful]
 recipe = slapos.cookbook:wrapper
@@ -476,7 +496,7 @@ recipe = slapos.cookbook:certificate_authority
 openssl-binary = ${openssl:location}/bin/openssl
 ca-dir = $${directory:ca-dir}
 requests-directory = $${cadirectory:requests}
-wrapper = $${directory:services}/certificate_authority
+wrapper = $${directory:bin}/certificate_authority
 ca-private = $${cadirectory:private}
 ca-certs = $${cadirectory:certs}
 ca-newcerts = $${cadirectory:newcerts}
@@ -496,10 +516,22 @@ recipe = slapos.cookbook:certificate_authority.request
 key-file = $${cadirectory:certs}/nginx_frontend.key
 cert-file = $${cadirectory:certs}/nginx_frontend.crt
 executable = $${nginx-launcher:rendered}
-wrapper = $${directory:services}/nginx-frontend
+wrapper = $${directory:bin}/nginx-frontend
 # Put domain name
 name = example.com

+[ca-nginx-service]
+recipe = slapos.cookbook:wrapper
+command-line = $${directory:bin}/nginx-frontend
+wrapper-path = $${directory:services}/nginx-frontend
+hash-files = $${buildout:directory}/software_release/buildout.cfg
+
+[certificate-authority-service]
+recipe = slapos.cookbook:wrapper
+command-line = $${directory:bin}/certificate_authority
+wrapper-path = $${directory:services}/certificate_authority
+hash-files = $${buildout:directory}/software_release/buildout.cfg
+
 #--------------------
 #--
 #-- Request frontend
@@ -527,14 +559,14 @@ check-secure = 1
 [request-httpd-frontend]
 <= slap-connection
 recipe = slapos.cookbook:requestoptional
-# XXX - Unfortunately, we still call webrunner httpd frontend "Monitor Frontend" otherwise 
+# XXX - Unfortunately, we still call webrunner httpd frontend "Monitor Frontend" otherwise
 # buildout will ignore previous frontend that was created and create a new one (in case of upgrade)
 name = Monitor Frontend
 # XXX We have hardcoded SR URL here.
 software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
 slave = true
 config-url = $${apache-httpd:access-url}
-config-domain = 
+config-domain =
 return = secure_access domain

 [httpd-frontend-promise]
@@ -638,8 +670,8 @@ slaprunner-httpd-port = $${:monitor-port}
 # XXX - for backward compatibility, monitor-port was for slaprunner httpd server
 monitor-port = 9686
 instance-name =
-monitor-cors-domains = 
-monitor-interface-url = 
+monitor-cors-domains =
+monitor-interface-url =
 # XXX - define a new port for monitor here and use monitor-port for backward compatibility
 monitor-httpd-port = 8386

@@ -667,7 +699,7 @@ recipe = slapos.recipe.template:jinja2
 # We cannot use slapos.cookbook:wrapper here because this recipe escapes too much
 socket = $${directory:run}/siab.sock
 mode = 0700
-rendered = $${directory:services}/shellinaboxd
+rendered = $${directory:bin}/shellinaboxd
 template = inline:
  #!/bin/sh
  exec ${shellinabox:location}/bin/shellinaboxd \
@@ -676,6 +708,12 @@ template = inline:
    --unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \
    --service "/:$(id -u):$(id -g):HOME:$${shell-environment:shell} -l"

+[shellinabox-service]
+recipe = slapos.cookbook:wrapper
+command-line = $${directory:bin}/shellinaboxd
+wrapper-path = $${directory:services}/shellinaboxd
+hash-files = $${buildout:directory}/software_release/buildout.cfg
+
 [shell-environment]
 shell = ${bash:location}/bin/bash
 path = ${nano:location}/bin:${vim:location}/bin:${screen:location}/bin:${git:location}/bin:${curl:location}/bin:${python2.7:location}/bin:${tig:location}/bin:${zip:location}/bin:${mosh:location}/bin:${bash:location}/bin:$${buildout:directory}/bin/:/usr/bin:/bin/
@@ -743,7 +781,7 @@ context =
    raw shell $${shell-environment:shell}
    key instance_name slap-parameter:instance-name
    key workdir runnerdirectory:home
-    
+
 #---------------------------
 #--
 #-- supervisord managing slaprunner automation features
@@ -808,6 +846,7 @@ context =
 recipe = slapos.cookbook:wrapper
 command-line = $${buildout:directory}/bin/supervisord -c $${supervisord-conf:rendered} --nodaemon
 wrapper-path = $${directory:services}/supervisord
+hash-files = $${buildout:directory}/software_release/buildout.cfg

 [logrotate-entry-supervisord]
 <= logrotate-entry-base
@@ -826,7 +865,7 @@ path = $${directory:promises}/supervisord
 hostname = $${slaprunner:ipv4}
 port = $${supervisord:port}

-# XXX Monitor 
+# XXX Monitor
 [monitor-instance-parameter]
 monitor-httpd-port = $${slap-parameter:monitor-httpd-port}
 {% if slapparameter_dict.get('name', '') -%}