Commit 40695801 authored by Cédric Le Ninivin's avatar Cédric Le Ninivin

apache-runner: add log access and publish monitoring url

parent 264b43dc
......@@ -48,7 +48,9 @@ parts =
zero-parameters
public-symlink
cgi-httpd-wrapper
## Monitor for apache
monitor-current-log-access
monitor-backup-log-access
extends = ${monitor-template:output}
......@@ -119,6 +121,14 @@ apache-directory = ${apache-2.2:location}
apache-ipv6 = $${instance-parameter:ipv6-random}
apache-https-port = $${instance-parameter:configuration.port}
[monitor-current-log-access]
< = monitor-directory-access
source = $${directory:log}
[monitor-backup-log-access]
< = monitor-directory-access
source = $${directory:logrotate-backup}
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
rendered = $${buildout:directory}/$${:filename}
......
......@@ -59,20 +59,24 @@ sla-{{ parameter }} = {{ slapparameter_dict.pop( sla_key + parameter ) }}
[replicate]
<= slap-connection
recipe = slapos.cookbook:request
recipe = slapos.cookbook:requestoptional
software-url = ${slap-connection:software-release-url}
software-type = {{frontend_type}}
return = private-ipv4 public-ipv4 slave-instance-information-list
return = private-ipv4 public-ipv4 slave-instance-information-list monitor_url
config = {{ ' '.join(slapparameter_dict.keys()) + ' ' + slave_list_name }}
{% for parameter, value in slapparameter_dict.iteritems() -%}
config-{{parameter}} = {{ value }}
{% endfor -%}
config-{{ slave_list_name }} = {{ json_module.dumps(slave_instance_list) }}
connection-monitor_url =
[publish-information]
recipe = slapos.cookbook:publish
domain = {{ slapparameter_dict.get('domain') }}
slave-amount = {{ slave_instance_list | length }}
{% for frontend in frontend_section_list %}
{{ frontend }}-monitor-url = {{ '${' + frontend + ':connection-monitor_url}' }}
{% endfor -%}
{% for frontend in frontend_list -%}
#{{frontend}}-private-ipv4 = ${request-{{frontend}}:private-ipv4}
{% endfor -%}
......
......@@ -7,20 +7,23 @@ key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}
[monitor-parameters]
monitor-dir = $${directory:var}/monitor
monitor-dir = $${monitor-directory:var}/monitor
result-dir = $${:monitor-dir}/bool
json-filename = monitor.json
json-path = $${:monitor-dir}/$${:json-filename}
rss-path = $${:public-cgi}/$${:rss-filename}
rss-filename = rssfeed.html
executable = $${directory:bin}/monitor.py
cgi-bin = $${directory:cgi-bin}
monitoring-cgi = $${directory:monitoring-cgi}
knowledge0-cgi = $${directory:knowledge0-cgi}
public-cgi = $${directory:public-cgi}
executable = $${monitor-directory:bin}/monitor.py
cgi-bin = $${monitor-directory:cgi-bin}
monitoring-cgi = $${monitor-directory:monitoring-cgi}
knowledge0-cgi = $${monitor-directory:knowledge0-cgi}
public-cgi = $${monitor-directory:public-cgi}
port = 9685
private-directory = $${monitor-directory:monitor-private-directory}
htaccess-file = $${monitor-htaccess:htaccess-path}
[directory]
[monitor-directory]
recipe = slapos.cookbook:mkdirectory
home = $${buildout:directory}
etc = $${:home}/etc
bin = $${:home}/bin
......@@ -37,34 +40,35 @@ crontabs = $${:etc}/crontabs
cronstamps = $${:etc}/cronstamps
log = $${:var}/log
monitor = $${:etc}/monitor
monitor-result = $${monitor-parameters:monitor-dir}
monitor-result-bool = $${monitor-parameters:result-dir}
monitor-result = $${:var}/monitor
monitor-result-bool = $${:var}/monitor
promise = $${:etc}/promise
public-cgi = $${:cgi-bin}/public
run = $${:var}/run
service = $${:etc}/service/
tmp = $${:home}/tmp
www = $${:var}/www
monitor-private-directory = $${:srv}/monitor-private
[public-symlink]
recipe = cns.recipe.symlink
symlink = $${monitor-parameters:public-cgi} = $${directory:www}/public
symlink = $${monitor-parameters:public-cgi} = $${monitor-directory:www}/public
autocreate = true
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
cron-entries = $${monitor-directory:cron-entries}
crontabs = $${monitor-directory:crontabs}
cronstamps = $${monitor-directory:cronstamps}
catcher = $${cron-simplelogger:wrapper}
binary = $${directory:service}/crond
binary = $${monitor-directory:service}/crond
# Add log to cron
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = $${directory:bin}/cron_simplelogger
log = $${directory:log}/cron.log
wrapper = $${monitor-directory:bin}/cron_simplelogger
log = $${monitor-directory:log}/cron.log
[cron-entry-monitor]
<= cron
......@@ -84,14 +88,14 @@ command = $${make-rss:output}
recipe = hexagonit.recipe.download
url = ${download-static-files:destination}/${download-static-files:filename}
filename = static
destination = $${directory:www}
destination = $${monitor-directory:www}
ignore-existing = true
mode = 0644
[deploy-index]
recipe = slapos.recipe.template:jinja2
template = ${index:location}/${index:filename}
rendered = $${directory:www}/$${:filename}
rendered = $${monitor-directory:www}/$${:filename}
filename = index.cgi
mode = 0744
context =
......@@ -104,7 +108,7 @@ context =
[deploy-index-template]
recipe = hexagonit.recipe.download
url = ${index-template:location}/$${:filename}
destination = $${directory:www}
destination = $${monitor-directory:www}
filename = ${index-template:filename}
download-only = true
mode = 0644
......@@ -138,7 +142,7 @@ template = ${monitor-bin:location}/${monitor-bin:filename}
rendered = $${monitor-parameters:executable}
mode = 0744
context =
section directory directory
section directory monitor-directory
key monitoring_file_json monitor-parameters:json-path
key monitoring_folder_bool monitor-parameters:result-dir
raw python_executable ${buildout:executable}
......@@ -146,7 +150,7 @@ context =
[deploy-rss-script]
recipe = hexagonit.recipe.download
url = ${rss-bin:destination}/${rss-bin:filename}
destination = $${directory:bin}
destination = $${monitor-directory:bin}
filename = ${rss-bin:filename}
mode = 0744
download-only = true
......@@ -154,23 +158,34 @@ download-only = true
[make-rss]
recipe = slapos.recipe.template
url = ${make-rss-script:output}
output = $${directory:bin}/make-rss.sh
output = $${monitor-directory:bin}/make-rss.sh
mode = 0744
[monitor-htaccess]
recipe = plone.recipe.command
stop-on-error = true
htaccess-path = $${monitor-directory:monitor}/.htaccess
command = ${apache:location}/bin/htpasswd -cb $${:htaccess-path} admin $${zero-parameters:monitor-password}
[monitor-directory-access]
recipe = plone.recipe.command
command = ln -s $${:source} $${monitor-directory:monitor-private-directory}
source =
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs/
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/
requests = $${monitor-directory:ca-dir}/requests/
private = $${monitor-directory:ca-dir}/private/
certs = $${monitor-directory:ca-dir}/certs/
newcerts = $${monitor-directory:ca-dir}/newcerts/
crl = $${monitor-directory:ca-dir}/crl/
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
ca-dir = $${monitor-directory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${directory:service}/certificate_authority
wrapper = $${monitor-directory:service}/certificate_authority
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
......@@ -181,8 +196,8 @@ ca-crl = $${cadirectory:crl}
recipe = slapos.cookbook:certificate_authority.request
key-file = $${cadirectory:certs}/httpd.key
cert-file = $${cadirectory:certs}/httpd.crt
executable = $${directory:bin}/cgi-httpd
wrapper = $${directory:service}/cgi-httpd
executable = $${monitor-directory:bin}/cgi-httpd
wrapper = $${monitor-directory:service}/cgi-httpd
# Put domain name
name = example.com
......@@ -214,11 +229,18 @@ input = inline:
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule mime_module modules/mod_mime.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule dir_module modules/mod_dir.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule alias_module modules/mod_alias.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authn_file_module modules/mod_authn_file.so
# SSL Configuration
<IfDefine !SSLConfigured>
Define SSLConfigured
......@@ -243,14 +265,29 @@ input = inline:
AddHandler cgi-script .cgi
DirectoryIndex $${deploy-index:filename}
</Directory>
output = $${directory:etc}/cgi-httpd.conf
Alias /private/ $${monitor-parameters:private-directory}/
<Directory $${monitor-parameters:private-directory}>
Order Deny,Allow
Deny from env=AUTHREQUIRED
<Files ".??*">
Order Allow,Deny
Deny from all
</Files>
AuthType Basic
AuthName "Private access"
AuthUserFile "$${monitor-parameters:htaccess-file}"
Require valid-user
Options Indexes FollowSymLinks
Satisfy all
</Directory>
output = $${monitor-directory:etc}/cgi-httpd.conf
listening-ip = $${slap-parameters:ipv6-random}
# XXX: randomize-me
htdocs = $${directory:www}
pid-file = $${directory:run}/cgi-httpd.pid
cgid-pid-file = $${directory:run}/cgi-httpd-cgid.pid
document-root = $${directory:www}
error-log = $${directory:log}/cgi-httpd-error-log
htdocs = $${monitor-directory:www}
pid-file = $${monitor-directory:run}/cgi-httpd.pid
cgid-pid-file = $${monitor-directory:run}/cgi-httpd-cgid.pid
document-root = $${monitor-directory:www}
error-log = $${monitor-directory:log}/cgi-httpd-error-log
[cgi-httpd-wrapper]
recipe = slapos.cookbook:wrapper
......@@ -260,7 +297,7 @@ wrapper-path = $${ca-httpd:executable}
[monitor-promise]
recipe = slapos.cookbook:check_url_available
path = $${directory:promises}/monitor
path = $${monitor-directory:promises}/monitor
url = https://[$${cgi-httpd-configuration-file:listening-ip}]:$${monitor-parameters:port}/$${deploy-index:filename}
check-secure = 1
dash_path = ${dash:location}/bin/dash
......
......@@ -17,6 +17,8 @@
<li><a href="{{ category }}/{{ script }}" class="script">{{ script }}</a></li>
{% endfor %}
{% endfor %}
<li class="pure-menu-heading category">Files</li>
<li><a href="./private/" class="link"> User: admin</br> Password is yours</a></li>
</ul>
</div>
</div>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment