- public version of recipe to instantiate ERP5 using slapos

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@43912 20353a03-c40f-0410-a6d1-a30d3c3de9de

slapos/recipe/erp5/CHANGES.txt

+Changelog
+=========
+
+1.0 (unreleased)
+----------------

slapos/recipe/erp5/MANIFEST.in

+include CHANGES.txt
+recursive-include src/slapos/recipe/erp5 *.in

slapos/recipe/erp5/README.txt

+The slapos.recipe.erp5 aims to instanciate an ERP5 environnment
+===============================================================
+
+SLAP parameters
+---------------
+
+zope_amount
+~~~~~~~~~~~
+
+:Optional: Yes
+:Type: integer
+:Default: None
+:Description: If present switches to Zope/ZEO configuration and configures this amount of Zopes connected to ZEO. If not present only one Zope with own ZODB is created.
+
+ca_*
+~~~~
+
+:Optional: Yes
+:Name: ca_country_code, ca_email, ca_state, ca_city, ca_company
+:Type: string
+:Default: XX, xx@example.com, State, City, Company
+:Description: Certificate Authority configuration.
+
+key_auth_path
+~~~~~~~~~~~~~
+
+:Optional: Yes
+:Type: string
+:Default: /erp5/portal_slap
+:Description: Path where connections using PKI authorisation will be directed.

slapos/recipe/erp5/setup.cfg

+[egg_info]
+tag_build = .dev
+tag_svn_revision = 1

slapos/recipe/erp5/setup.py

+from setuptools import setup, find_packages
+
+name = "slapos.recipe.erp5"
+version = '1.0'
+
+def read(name):
+  return open(name).read()
+
+long_description=( read('README.txt')
+                   + '\n' +
+                   read('CHANGES.txt')
+                 )
+
+setup(
+    name = name,
+    version = version,
+    description = "ZC Buildout recipe for create an erp5 instance",
+    long_description=long_description,
+    license = "GPLv3",
+    keywords = "buildout slapos erp5",
+    classifiers=[
+        "Framework :: Buildout :: Recipe",
+        "Programming Language :: Python",
+    ],
+    packages = find_packages('src'),
+    package_dir = {'': 'src'},
+    include_package_data=True,
+    install_requires = [
+      'zc.recipe.egg',
+      'setuptools',
+      'slapos.lib.recipe >= 1.0.dev-r4554',
+      ],
+    namespace_packages = ['slapos', 'slapos.recipe'],
+    entry_points = {'zc.buildout': ['default = %s:Recipe' % name]},
+    )

slapos/recipe/erp5/src/slapos/__init__.py

+# See http://peak.telecommunity.com/DevCenter/setuptools#namespace-packages
+try:
+    __import__('pkg_resources').declare_namespace(__name__)
+except ImportError:
+    from pkgutil import extend_path
+    __path__ = extend_path(__path__, __name__) 

slapos/recipe/erp5/src/slapos/recipe/__init__.py

+# See http://peak.telecommunity.com/DevCenter/setuptools#namespace-packages
+try:
+    __import__('pkg_resources').declare_namespace(__name__)
+except ImportError:
+    from pkgutil import extend_path
+    __path__ = extend_path(__path__, __name__) 

slapos/recipe/erp5/src/slapos/recipe/erp5/apache.py

+import os
+import sys
+import time
+
+def runApache(args):
+  sleep = 60
+  conf = args[0]
+  while True:
+    ready = True
+    for f in conf['required_path_list']:
+      if not os.path.exists(f):
+        print 'File %r does not exists, sleeping for %s' % (f, sleep)
+        ready = False
+    if ready:
+      break
+    time.sleep(sleep)
+  apache_wrapper_list = [conf['binary'], '-f', conf['config'], '-DFOREGROUND']
+  apache_wrapper_list.extend(sys.argv[1:])
+  sys.stdout.flush()
+  sys.stderr.flush()
+  os.execl(apache_wrapper_list[0], *apache_wrapper_list)

slapos/recipe/erp5/src/slapos/recipe/erp5/certificate_authority.py

+import os
+import subprocess
+import time
+
+def popenCommunicate(command_list, input=None):
+  subprocess_kw = dict(stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+  if input is not None:
+    subprocess_kw.update(stdin=subprocess.PIPE)
+  popen = subprocess.Popen(command_list, **subprocess_kw)
+  result = popen.communicate(input)[0]
+  if popen.returncode is None:
+    popen.kill()
+  if popen.returncode != 0:
+    raise ValueError('Issue during calling %r, result was:\n%s' % (command_list,
+      result))
+  return result
+
+def checkCertificateAuthority(ca_conf):
+  file_list = [
+      ca_conf['ca_key'],
+      ca_conf['ca_certificate'],
+  ]
+  ca_ready = True
+  for f in file_list:
+    if not os.path.exists(f):
+      ca_ready = False
+      break
+  if ca_ready:
+    return
+  for f in file_list:
+    if os.path.exists(f):
+      os.unlink(f)
+  try:
+    # no CA, let us create new one
+    popenCommunicate([ca_conf['openssl_binary'], 'req', '-nodes', '-config',
+        ca_conf['openssl_configuration'], '-new', '-x509', '-extensions',
+        'v3_ca', '-keyout', ca_conf['ca_key'], '-out',
+        ca_conf['ca_certificate'], '-days',
+        '10950'], 'Automatic Certificate Authority\n')
+  except:
+    try:
+      for f in file_list:
+        if os.path.exists(f):
+          os.unlink(f)
+    except:
+      # do not raise during cleanup
+      pass
+    raise
+
+def checkCertificate(common_name, key, certificate, ca_conf):
+  file_list = [ key, certificate ]
+  ready = True
+  for f in file_list:
+    if not os.path.exists(f):
+      ready = False
+      break
+  if ready:
+    return
+  for f in file_list:
+    if os.path.exists(f):
+      os.unlink(f)
+  csr = certificate + '.csr'
+  try:
+    popenCommunicate([ca_conf['openssl_binary'], 'req', '-config',
+      ca_conf['openssl_configuration'], '-nodes', '-new', '-keyout',
+      key, '-out', csr, '-days', '3650'],
+      common_name + '\n')
+    try:
+      popenCommunicate([ca_conf['openssl_binary'], 'ca', '-batch', '-config',
+        ca_conf['openssl_configuration'], '-out', certificate,
+        '-infiles', csr])
+    finally:
+      if os.path.exists(csr):
+        os.unlink(csr)
+  except:
+    try:
+      for f in file_list:
+        if os.path.exists(f):
+          os.unlink(f)
+    except:
+      # do not raise during cleanup
+      pass
+    raise
+
+
+def checkLoginCertificate(ca_conf):
+  checkCertificate('Login Based Access', ca_conf['login_key'],
+      ca_conf['login_certificate'], ca_conf)
+
+def checkKeyAuthCertificate(ca_conf):
+  checkCertificate('Key Based Access', ca_conf['key_auth_key'],
+      ca_conf['key_auth_certificate'], ca_conf)
+
+def runCertificateAuthority(args):
+  ca_conf = args[0]
+  while True:
+    checkCertificateAuthority(ca_conf)
+    checkLoginCertificate(ca_conf)
+    checkKeyAuthCertificate(ca_conf)
+    time.sleep(60)

slapos/recipe/erp5/src/slapos/recipe/erp5/execute.py

+import os
+def execute(args):
+  """Portable execution with process replacement"""
+  # Note: Candidate for slapos.lib.recipe
+  os.execv(args[0], args)

slapos/recipe/erp5/src/slapos/recipe/erp5/mysql.py

+import os
+import subprocess
+import sys
+import time
+
+def runMysql(args):
+  sleep = 60
+  initialise_command_list = args[0]
+  mysql_conf = args[1]
+  mysql_wrapper_list = [mysql_conf['mysqld_binary'],
+      '--defaults-file=%s'%mysql_conf['configuration_file']]
+  while True:
+    # XXX: Protect with proper root password
+    popen = subprocess.Popen(initialise_command_list,
+      stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+    result = popen.communicate()[0]
+    if popen.returncode is None or popen.returncode != 0:
+      print "Failed to initialise server.\nThe error was: %s" % result
+      print "Waiting for %ss and retrying" % sleep
+      time.sleep(sleep)
+    else:
+      print "Mysql properly initialised"
+      break
+  sys.stdout.flush()
+  sys.stderr.flush()
+  os.execl(mysql_wrapper_list[0], *mysql_wrapper_list)
+
+def updateMysql(args):
+  mysql_command_list = args[0]
+  mysql_script = args[1]
+  sleep = 30
+  while True:
+    mysql = subprocess.Popen(mysql_command_list, stdin=subprocess.PIPE,
+        stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+    result = mysql.communicate(mysql_script)[0]
+    if mysql.returncode is None:
+      mysql.kill()
+    if mysql.returncode != 0:
+      print 'Script failed with: %s' % result
+      print 'Sleeping for %ss and retrying' % sleep
+    else:
+      print 'Script succesfully run on database, exiting'
+    time.sleep(sleep)

slapos/recipe/erp5/src/slapos/recipe/erp5/template/apache.zope.conf.in

+# Apache configuration file for Zope
+# Automatically generated
+
+# Basic server configuration
+PidFile "%(pid_file)s"
+LockFile "%(lock_file)s"
+Listen %(ip)s:%(port)s
+ServerAdmin %(server_admin)s
+DefaultType text/plain
+TypesConfig conf/mime.types
+AddType application/x-compress .Z
+AddType application/x-gzip .gz .tgz
+
+# As backend is trusting REMOTE_USER header unset it always
+RequestHeader unset REMOTE_USER
+
+# SSL Configuration
+%(ssl_snippet)s
+
+# Log configuration
+ErrorLog "%(error_log)s"
+LogLevel warn
+LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b \"%%{Referer}i\" \"%%{User-Agent}i\"" combined
+LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b" common
+CustomLog "%(access_log)s" common
+
+# Directory protection
+<Directory />
+    Options FollowSymLinks
+    AllowOverride None
+    Order deny,allow
+    Deny from all
+</Directory>
+
+%(path_enable)s
+
+# Magic of Zope related rewrite
+RewriteEngine On
+%(rewrite_rule)s
+
+# List of modules
+LoadModule authz_host_module modules/mod_authz_host.so
+LoadModule log_config_module modules/mod_log_config.so
+LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule version_module modules/mod_version.so
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule ssl_module modules/mod_ssl.so
+LoadModule mime_module modules/mod_mime.so
+LoadModule dav_module modules/mod_dav.so
+LoadModule dav_fs_module modules/mod_dav_fs.so
+LoadModule negotiation_module modules/mod_negotiation.so
+LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule headers_module modules/mod_headers.so
+LoadModule antiloris_module modules/mod_antiloris.so

slapos/recipe/erp5/src/slapos/recipe/erp5/template/apache.zope.conf.path.in

+# Path enabled
+<Location %(path)s>
+  Order Allow,Deny
+  Allow from all
+</Location>

slapos/recipe/erp5/src/slapos/recipe/erp5/template/cloudooo.cfg.in

+[app:main]
+use = egg:cloudooo
+#
+## System config
+#
+debug_mode = True
+# Folder where pid files, lock files and virtual frame buffer mappings
+# are stored. In this folder is necessary create a folder tmp, because this
+# folder is used to create all temporary documents.
+working_path = %(working_path)s
+# Folder where UNO library is installed
+uno_path = %(uno_path)s
+# Folder where soffice.bin is installed
+office_binary_path = %(office_binary_path)s
+#
+## Monitor Settings
+#
+# Limit to use the Openoffice Instance. if pass of the limit, the instance is
+# stopped and another is started.
+limit_number_request = 100
+# Interval to check the factory
+monitor_interval = 10
+timeout_response = 180
+enable_memory_monitor = True
+# Set the limit in MB
+# e.g 1000 = 1 GB, 100 = 100 MB
+limit_memory_used = 3000
+#
+## OOFactory Settings
+#
+# The pool consist of several OpenOffice.org instances
+application_hostname = localhost
+# OpenOffice Port
+openoffice_port = %(openoffice_port)s
+# LD_LIBRARY_PATH passed to OpenOffice
+env-LD_LIBRARY_PATH = %(LD_LIBRARY_PATH)s
+
+[server:main]
+use = egg:PasteScript#wsgiutils
+host = %(ip)s
+port = %(port)s

slapos/recipe/erp5/src/slapos/recipe/erp5/template/frontend.conf.in

+# Apache configuration file for Zope
+# Automatically generated
+
+# Basic server configuration
+PidFile "%(pid_file)s"
+LockFile "%(lock_file)s"
+Listen [%(ip)s]:%(port)s
+ServerAdmin %(server_admin)s
+ServerName %(server_name)s
+DefaultType text/plain
+TypesConfig conf/mime.types
+AddType application/x-compress .Z
+AddType application/x-gzip .gz .tgz
+
+SSLCertificateFile %(certificate)s
+SSLCertificateKeyFile %(key)s
+SSLRandomSeed startup builtin
+SSLRandomSeed connect builtin
+
+# Log configuration
+ErrorLog "%(error_log)s"
+LogLevel warn
+LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b \"%%{Referer}i\" \"%%{User-Agent}i\"" combined
+LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b" common
+CustomLog "%(access_log)s" common
+
+# Directory protection
+<Directory />
+    Options FollowSymLinks
+    AllowOverride None
+    Order deny,allow
+    Deny from all
+</Directory>
+
+# Magic of Zope related rewrite
+RewriteEngine On
+%(rewrite_rule)s
+
+# List of modules
+LoadModule authz_host_module modules/mod_authz_host.so
+LoadModule log_config_module modules/mod_log_config.so
+LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule version_module modules/mod_version.so
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule ssl_module modules/mod_ssl.so
+LoadModule mime_module modules/mod_mime.so
+LoadModule dav_module modules/mod_dav.so
+LoadModule dav_fs_module modules/mod_dav_fs.so
+LoadModule negotiation_module modules/mod_negotiation.so
+LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule headers_module modules/mod_headers.so

slapos/recipe/erp5/src/slapos/recipe/erp5/template/haproxy.cfg.in

+defaults
+  mode  tcp
+  option redispatch
+  timeout server 3000s
+  timeout queue 5s
+  timeout connect 10s
+  timeout client 3600s
+
+%(listen_list)s

slapos/recipe/erp5/src/slapos/recipe/erp5/template/initmysql.sql.in

+CREATE DATABASE IF NOT EXISTS %(mysql_database)s;
+GRANT ALL PRIVILEGES ON %(mysql_database)s.* TO %(mysql_user)s@'%%' IDENTIFIED BY '%(mysql_password)s';
+CREATE DATABASE IF NOT EXISTS %(mysql_test_database)s;
+GRANT ALL PRIVILEGES ON %(mysql_test_database)s.* TO %(mysql_test_user)s@'%%' IDENTIFIED BY '%(mysql_test_password)s';
+EXIT

slapos/recipe/erp5/src/slapos/recipe/erp5/template/kumo_gateway.in

+#!/bin/sh
+exec %(kumo_gateway_binary)s -F -E -m %(kumo_manager_ip)s:%(kumo_manager_port)s -t %(kumo_gateway_ip)s:%(kumo_gateway_port)s -o %(kumo_gateway_log)s

slapos/recipe/erp5/src/slapos/recipe/erp5/template/kumo_manager.in

+#!/bin/sh
+exec %(kumo_manager_binary)s -a -l %(kumo_manager_ip)s:%(kumo_manager_port)s -o %(kumo_manager_log)s

slapos/recipe/erp5/src/slapos/recipe/erp5/template/kumo_server.in

+#!/bin/sh
+exec %(kumo_server_binary)s -l %(kumo_server_ip)s:%(kumo_server_port)s -L %(kumo_server_listen_port)s -m %(kumo_manager_ip)s:%(kumo_manager_port)s -s %(kumo_server_storage)s -o %(kumo_server_log)s

slapos/recipe/erp5/src/slapos/recipe/erp5/template/memcached.in

+#!/bin/sh
+exec %(memcached_binary)s -p %(memcached_port)s -U %(memcached_port)s -l %(memcached_ip)s -m %(memcached_mem_limit)s

slapos/recipe/erp5/src/slapos/recipe/erp5/template/my.cnf.in

+# ERP5 buildout my.cnf template based on my-huge.cnf shipped with mysql
+# The MySQL server
+[mysqld]
+# ERP5 by default requires InnoDB storage. MySQL by default fallbacks to using
+# different engine, like MyISAM. Such behaviour generates problems only, when
+# tables requested as InnoDB are silently created with MyISAM engine.
+#
+# Loud fail is really required in such case.
+sql-mode="NO_ENGINE_SUBSTITUTION"
+
+skip-show-database
+port = %(tcp_port)s
+bind-address = %(ip)s
+socket = %(socket)s
+datadir = %(data_directory)s
+pid-file = %(pid_file)s
+log-error = %(error_log)s
+log-slow-queries = %(slow_query_log)s
+long_query_time = 5
+max_allowed_packet = 128M
+query_cache_size = 32M
+
+plugin-load = ha_innodb_plugin.so
+
+# The following are important to configure and depend a lot on to the size of
+# your database and the available resources.
+#innodb_buffer_pool_size = 4G
+#innodb_log_file_size = 256M
+#innodb_log_buffer_size = 8M
+
+# Some dangerous settings you may want to uncomment if you only want
+# performance or less disk access. Useful for unit tests.
+#innodb_flush_log_at_trx_commit = 0
+#innodb_flush_method = nosync
+#innodb_doublewrite = 0
+#sync_frm = 0
+
+# Uncomment the following if you need binary logging, which is recommended
+# on production instances (either for replication or incremental backups).
+#log-bin=mysql-bin
+
+# Force utf8 usage
+collation_server = utf8_unicode_ci
+character_set_server = utf8
+default-character-set = utf8
+skip-character-set-client-handshake
+
+[mysql]
+no-auto-rehash
+socket = %(socket)s
+
+[mysqlhotcopy]
+interactive-timeout

slapos/recipe/erp5/src/slapos/recipe/erp5/template/openssl.cnf.in

+####################################################################
+[ req ]
+default_bits		= 1024
+default_keyfile 	= privkey.pem
+distinguished_name	= req_distinguished_name
+attributes		= req_attributes
+x509_extensions	= v3_ca	# The extentions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options. 
+# default: PrintableString, T61String, BMPString.
+# pkix	 : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= XX
+countryName_min			= 2
+countryName_max			= 2
+
+stateOrProvinceName		= State or Province Name (full name)
+stateOrProvinceName_default	= Somewhere
+
+localityName			= Locality Name (eg, city)
+
+0.organizationName		= Organization Name (eg, company)
+0.organizationName_default	= erp5.recipe.apache autogeneration
+
+# we can do this but it is not needed normally :-)
+#1.organizationName		= Second Organization Name (eg, company)
+#1.organizationName_default	= World Wide Web Pty Ltd
+
+organizationalUnitName		= Organization Unit Name
+organizationalUnitName_default	= Unknown
+
+commonName			= Common Name
+commonName_default	= %(server_name)s
+commonName_max			= 64
+
+emailAddress			= Email Address
+emailAddress_max		= 64
+
+# SET-ex3			= SET extension number 3
+
+[ req_attributes ]
+challengePassword		= A challenge password
+challengePassword_min		= 4
+challengePassword_max		= 20
+
+unstructuredName		= An optional company name
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer
+
+# This is what PKIX recommends but some broken software chokes on critical
+# extensions.
+#basicConstraints = critical,CA:true
+# So we do this instead.
+basicConstraints = CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF

slapos/recipe/erp5/src/slapos/recipe/erp5/template/zeo.conf.in

+# ZEO configuration file generated by SlapOS
+<zeo>
+  address %(zeo_ip)s:%(zeo_port)s
+  read-only false
+  invalidation-queue-size 100
+  pid-filename %(zeo_pid)s
+</zeo>
+
+<filestorage %(zeo_storagename)s>
+  path %(zeo_zodb)s
+</filestorage>
+
+<eventlog>
+  <logfile>
+    path %(zeo_event_log)s
+  </logfile>
+</eventlog>

slapos/recipe/erp5/src/slapos/recipe/erp5/template/zope.conf.in

+## Zope 2 configuration file generated by SlapOS
+
+# Some defines
+%%define INSTANCE %(instance)s
+instancehome $INSTANCE
+
+# Used products
+%(products)s
+
+# Environment override
+<environment>
+  TMP %(tmp_directory)s
+  TMPDIR %(tmp_directory)s
+  HOME %(tmp_directory)s
+  PATH %(path)s
+</environment>
+
+# No need to debug
+debug-mode off
+
+# One thread is safe enough
+zserver-threads 1
+
+# File location
+pid-filename %(pid-filename)s
+lock-filename %(lock-filename)s
+
+# Logging configuration
+<eventlog>
+  <logfile>
+    path %(event_log)s
+  </logfile>
+</eventlog>
+<logger access>
+  <logfile>
+    path %(z2_log)s
+  </logfile>
+</logger>
+
+# Serving configuration
+<http-server>
+  address %(address)s
+</http-server>
+
+# ZODB configuration
+<zodb_db main>
+  mount-point /
+  <zeoclient>
+    server %(zeo_ip)s:%(zeo_port)s
+    storage %(zeo_storagename)s
+    name %(zeo_storagename)s
+  </zeoclient>
+</zodb_db>
+<zoperunner>
+    program $INSTANCE/bin/runzope
+</zoperunner>
+
+# ERP5 Timer Service
+%%import timerserver
+<timer-server>
+  interval 5
+</timer-server>

slapos/recipe/erp5/src/slapos/recipe/erp5/template/zope.conf.simple.in

+## Zope 2 configuration file generated by SlapOS
+
+# Some defines
+%%define INSTANCE %(instance)s
+instancehome $INSTANCE
+
+# Used products
+%(products)s
+
+# Environment override
+<environment>
+  TMP %(tmp_directory)s
+  TMPDIR %(tmp_directory)s
+  HOME %(tmp_directory)s
+  PATH %(path)s
+</environment>
+
+# No need to debug
+debug-mode off
+
+# One thread is safe enough
+zserver-threads 1
+
+# File location
+pid-filename %(pid-filename)s
+lock-filename %(lock-filename)s
+
+# Logging configuration
+<eventlog>
+  <logfile>
+    path %(event_log)s
+  </logfile>
+</eventlog>
+<logger access>
+  <logfile>
+    path %(z2_log)s
+  </logfile>
+</logger>
+
+# Serving configuration
+<http-server>
+  address %(address)s
+</http-server>
+
+# ZODB configuration
+<zodb_db root>
+    # Main FileStorage database
+    <filestorage>
+      # See .../ZODB/component.xml for directives (sectiontype
+      # "filestorage").
+      path %(zodb_root_path)s
+    </filestorage>
+    mount-point /
+</zodb_db>
+<zoperunner>
+    program $INSTANCE/bin/runzope
+</zoperunner>
+
+# ERP5 Timer Service
+%%import timerserver
+<timer-server>
+  interval 5
+</timer-server>

slapos/recipe/erp5/src/slapos/recipe/erp5/testrunner.py

+import os
+import sys
+def runUnitTest(args):
+  env = os.environ.copy()
+  d = args[0]
+  env['OPENSSL_BINARY'] = d['openssl_binary']
+  env['TEST_CA_PATH'] = d['test_ca_path']
+  env['PATH'] = ':'.join([d['prepend_path']] + os.environ['PATH'].split(':'))
+  env['INSTANCE_HOME'] = d['instance_home']
+  env['REAL_INSTANCE_HOME'] = d['instance_home']
+  os.execve(d['call_list'][0], d['call_list'] + sys.argv[1:], env)