Ensure correct database handling; add SSH server.

78a00a52 · Viktor Horvath · 345114c0 · 78a00a52 · 78a00a52 · 78a00a52
Commit 78a00a52 authored Jan 10, 2013 by Viktor Horvath
4 changed files
--- a/slapos/recipe/mioga/instantiate.py
+++ b/slapos/recipe/mioga/instantiate.py
@@ -47,12 +47,6 @@ class Recipe(GenericBaseRecipe):
    if os.path.isfile(filepath):
      os.remove(filepath)

-  def install(self):
-    self.instantiate(True)
-
-  def update(self):
-    self.instantiate(False)
-
  def rsync_dir(self, src, target):
    if os.path.isdir(src) and not src.endswith('/'):
      src += '/'
@@ -62,7 +56,10 @@ class Recipe(GenericBaseRecipe):
    cmd.communicate()
    

-  def instantiate(self, isNewInstall):
+  # Even if there is a dedicated update(), this is still called sometimes.
+  # So better not trust that and decide for ourselves.
+  def install(self):
+    self.options['admin_password'] = 'test_for_programmatic_setting'
    # Copy the build/ and var/lib/Mioga2 folders into the instance
    mioga_location = self.options['mioga_location']

@@ -78,7 +75,7 @@ class Recipe(GenericBaseRecipe):
    vardir = self.options['var_directory']
    mioga_base = os.path.join(vardir, 'lib', 'Mioga2')
    fm = FileModifier('conf/Config.xml')
-    fm.modifyParameter('init_sql', 'yes' if isNewInstall else 'no')
+    fm.modifyParameter('init_sql', 'no') # force_init_sql is set manually everywhere
    fm.modifyParameter('install_dir', mioga_base)
    fm.modifyParameter('tmp_dir', os.path.join(mioga_base, 'tmp'))
    fm.modifyParameter('search_tmp_dir', os.path.join(mioga_base, 'mioga_search'))

--- a/software/mioga/instance-apacheperl.cfg
+++ b/software/mioga/instance-apacheperl.cfg
@@ -4,6 +4,9 @@ parts =
 #  apacheperl-promise
  mioga-instance
  cron-entry-crawler
+  sshkeys-dropbear
+  dropbear-server-add-authorized-key
+  sshkeys-authority
  publish-connection-information

 eggs-directory = ${buildout:eggs-directory}
@@ -27,6 +30,14 @@ htdocs = $${rootdirectory:srv}/htdocs
 cronstamps = $${rootdirectory:etc}/cronstamps/
 cron-entries = $${rootdirectory:etc}/cron.d/
 crontabs = $${rootdirectory:etc}/crontabs/
+sshkeys = $${rootdirectory:srv}/sshkeys
+ssh = $${rootdirectory:etc}/ssh
+
+[gen-passwd]
+recipe = slapos.cookbook:generate.password
+storage-path = $${rootdirectory:etc}/pw
+bytes = 8
+default = $${slap-parameter:password}

 [cron-simplelogger]
 recipe = slapos.cookbook:simplelogger
@@ -58,6 +69,8 @@ port = $${apacheperl-instance:port}
 [publish-connection-information]
 recipe = slapos.cookbook:publish
 apacheperl_url = http://[$${slap-network-information:global-ipv6}]:$${mioga-instance:public_ipv6_port}
+admin_password = $${mioga-instance:admin_password}
+ssh_command = ssh $${dropbear-server:host} -p $${dropbear-server:port}

 # Request Postgres instance and parse its URL
 [request-postgres]
@@ -79,6 +92,47 @@ recipe = cns.recipe.symlink
 symlink_target = $${rootdirectory:bin}
 symlink_base = ${postgresql:location}/bin

+[sshkeys-directory]
+recipe = slapos.cookbook:mkdirectory
+requests = $${basedirectory:sshkeys}/requests/
+keys = $${basedirectory:sshkeys}/keys/
+
+[sshkeys-authority]
+recipe = slapos.cookbook:sshkeys_authority
+request-directory = $${sshkeys-directory:requests}
+keys-directory = $${sshkeys-directory:keys}
+wrapper = $${basedirectory:services}/sshkeys_authority
+keygen-binary = ${dropbear:location}/bin/dropbearkey
+
+[dropbear-server]
+recipe = slapos.cookbook:dropbear
+host = $${slap-network-information:global-ipv6}
+port = 2222
+home = $${basedirectory:ssh}
+wrapper = $${rootdirectory:bin}/raw_sshd
+shell = /bin/bash
+rsa-keyfile = $${basedirectory:ssh}/server_key.rsa
+dropbear-binary = ${dropbear:location}/sbin/dropbear
+
+[sshkeys-dropbear]
+<= sshkeys-authority
+recipe = slapos.cookbook:sshkeys_authority.request
+name = dropbear
+type = rsa
+executable = $${dropbear-server:wrapper}
+public-key = $${dropbear-server:rsa-keyfile}.pub
+private-key = $${dropbear-server:rsa-keyfile}
+wrapper = $${basedirectory:services}/sshd
+
+[dropbear-server-add-authorized-key]
+<= dropbear-server
+recipe = slapos.cookbook:dropbear.add_authorized_key
+key = $${slap-parameter:authorized-key}
+
+[slap-parameter]
+# Default value if no ssh key is specified
+authorized-key =
+
 [mioga-instance]
 recipe = slapos.cookbook:mioga.instantiate
 # mioga_compile_dir = ${template-apacheperl:compile-directory}
@@ -115,4 +169,5 @@ error_log = $${rootdirectory:log}/error.log
 access_log = $${rootdirectory:log}/access.log
 bin_dir = $${rootdirectory:bin}
 log_dir = $${rootdirectory:log}
-site_perl = ${perl:siteprefix}
\ No newline at end of file
+site_perl = ${perl:siteprefix}
+admin_password = initial_nonsense
\ No newline at end of file
--- a/software/mioga/mioga-patch
+++ b/software/mioga/mioga-patch
--- a/software/mioga/software.cfg
+++ b/software/mioga/software.cfg
@@ -18,6 +18,7 @@ extends =
  ../../component/perl-Search-Xapian/buildout.cfg
  ../../component/libxslt/buildout.cfg
  ../../component/dcron/buildout.cfg
+  ../../component/dropbear/buildout.cfg
  ../../component/lxml-python/buildout.cfg
  ../../stack/slapos.cfg

@@ -55,7 +56,7 @@ modules =
  S/ST/STBEY/Date-Calc-6.3.tar.gz
  D/DC/DCOPPIT/Benchmark-Timer-0.7102.tar.gz
  R/RB/RBOW/Date-ICal-2.678.tar.gz
-  S/SB/SBECK/Date-Manip-6.34.tar.gz
+  S/SB/SBECK/Date-Manip-6.37.tar.gz
  G/GB/GBARR/TimeDate-1.20.tar.gz
  S/SH/SHLOMIF/Error-0.17018.tar.gz
  P/PA/PARDUS/File-MimeInfo/File-MimeInfo-0.16.tar.gz