instance-apache-replicate.cfg.in 9.04 KB
Newer Older
1
{% if slap_software_type in software_type %}
2 3 4 5 6 7 8

[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
rendered = ${buildout:directory}/${:filename}
extra-context =
context =
    import json_module json
9
    raw common_profile {{ common_profile }}
10 11
    ${:extra-context}

12
{% set popen = functools_module.partial(subprocess_module.Popen, stdout=subprocess_module.PIPE, stderr=subprocess_module.STDOUT, stdin=subprocess_module.PIPE) %}
13
{% set part_list = [] %}
14 15
{% set single_type_key = 'single-' %}
{% if slap_software_type == "replicate" %}
16 17 18 19 20 21 22 23
{%   set frontend_type = slapparameter_dict.pop('-frontend-type', 'single-default') %}
{% elif slap_software_type in ['default', 'RootSoftwareInstance'] %}
{%   set frontend_type = "%s%s" % (single_type_key, 'custom-personal') %}
{% else %}
{%   set frontend_type = "%s%s" % (single_type_key, slap_software_type) %}
{% endif %}
{% set frontend_quantity = slapparameter_dict.pop('-frontend-quantity', '1') | int %}
{% set slave_list_name = 'extra_slave_instance_list' %}
24 25 26
{% set frontend_list = [] %}
{% set frontend_section_list = [] %}
{% set request_dict = {} %}
27
{% set namebase = 'caddy-frontend' %}
28
# XXX Dirty hack, not possible to define default value before
29 30 31 32
{% set sla_computer_caddy_1_key = '-sla-1-computer_guid' %}
{% if not sla_computer_caddy_1_key in slapparameter_dict %}
{%   do slapparameter_dict.__setitem__(sla_computer_caddy_1_key, '${slap-connection:computer-id}') %}
{% endif %}
33

34
# Here we request individually each frontend.
35
# The presence of sla parameters is checked and added if found
36 37 38 39
{% for i in range(1, frontend_quantity + 1) %}
{%   set frontend_name = "%s-%s" % (namebase, i) %}
{%   set request_section_title = 'request-%s' % frontend_name %}
{%   set sla_key = "-sla-%s-" % i %}
40 41 42 43 44 45 46 47 48
{%   set sla_key_length = sla_key | length %}
{%   set sla_dict = {} %}
{%   set config_key = "-frontend-config-%s-" % i %}
{%   set config_key_length = config_key | length %}
{%   set config_dict = {} %}
{%   for key in slapparameter_dict.keys() %}
{%     if key.startswith(sla_key) %}
{%       do sla_dict.__setitem__(key[sla_key_length:], slapparameter_dict.pop(key)) %}
# We check for specific configuration regarding the frontend
49
{%     elif key.startswith(config_key) %}
50
{%       do config_dict.__setitem__(key[config_key_length:], slapparameter_dict.pop(key)) %}
51 52 53 54 55
{%     endif %}
{%   endfor %}
{%   do frontend_list.append(frontend_name) %}
{%   do frontend_section_list.append(request_section_title) %}
{%   do part_list.append(request_section_title) %}
56 57 58 59 60 61 62 63 64
# Filling request dict for slave
{%   set state_key = "-frontend-%s-state" % i %}
{%   do request_dict.__setitem__(request_section_title,
                                  {
                                  'config': config_dict,
                                  'name': frontend_name,
                                  'sla': sla_dict,
                                  'state': slapparameter_dict.pop(state_key, None)
                                  }) %}
65
{% endfor %}
66

67
{% set authorized_slave_string = slapparameter_dict.pop('-frontend-authorized-slave-string', '') %}
68 69
{% set authorized_slave_list = [] %}
{% set rejected_slave_list = [] %}
70
{% set used_host_list = [] %}
71
{% for slave in slave_instance_list %}
72 73
{%   set slave_dict = {'state': True} %}
{#   BBB: apache_custom_https AND apache_custom_http #}
74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92
{%   set custom_domain = slave.get('custom_domain') %}
{%   if custom_domain and custom_domain in used_host_list %}
{%      do slave_dict.__setitem__('state', False) %}
{%   else %}
{%      do used_host_list.append(custom_domain) %}
{%   endif %}
{%   if slave.get('server-alias') %}
{%     for slave_alias in slave['server-alias'].split() %}
{%       if not validators.domain(slave_alias) %}
{%         do slave_dict.__setitem__('state', False) %}
{%       else %}
{%         if slave_alias in used_host_list %}
{%           do slave_dict.__setitem__('state', False) %}
{%         else %}
{%           do used_host_list.append(slave_alias) %}
{%         endif %}
{%       endif %}
{%     endfor %}
{%   endif %}
93 94 95
{%   for key in ['caddy_custom_http', 'caddy_custom_https', 'apache_custom_http', 'apache_custom_https'] %}
{%     if slave.get(key) %}
{%       if not slave.get('slave_reference') in authorized_slave_string %}
96
{%         do slave_dict.__setitem__('state', False) %}
97 98
{%       elif subprocess_module.call([caddy_custom_http_validator, slave[key]]) == 1 %}
{%         do slave_dict.__setitem__('state', False) %}
99 100
{%       endif %}
{%     endif %}
101
{%   endfor %} {# for key in ['caddy_custom_http', 'caddy_custom_https', 'apache_custom_http', 'apache_custom_https'] #}
102 103 104
{%   if slave.get('url') %}
{%     if subprocess_module.call([caddy_backend_url_validator, slave['url']]) == 1 %}
{%       do slave_dict.__setitem__('state', False) %}
105
{%     endif %}
106 107 108 109
{%   endif %}
{%   if slave.get('https-url') %}
{%     if subprocess_module.call([caddy_backend_url_validator, slave['https-url']]) == 1 %}
{%       do slave_dict.__setitem__('state', False) %}
110
{%     endif %}
111 112 113 114 115 116 117 118
{%   endif %}
{%   if slave.get('ssl_key') and slave.get('ssl_crt') %}
{%     set key_popen = popen([openssl, 'rsa', '-noout', '-modulus']) %}
{%     set crt_popen = popen([openssl, 'x509', '-noout', '-modulus']) %}
{%     set key_modulus = key_popen.communicate(slave['ssl_key'])[0] | trim %}
{%     set crt_modulus = crt_popen.communicate(slave['ssl_crt'])[0] | trim %}
{%     if not key_modulus or key_modulus != crt_modulus  %}
{%       do slave_dict.__setitem__('state', False) %}
119
{%     endif %}
120 121 122 123
{%   endif %}
{%   if slave.get('custom_domain') %}
{%     if not validators.domain(slave['custom_domain']) %}
{%       do slave_dict.__setitem__('state', False) %}
124
{%     endif %}
125 126 127
{%   endif %}
{%   if slave_dict['state'] %}
{%     do authorized_slave_list.append(slave) %}
128 129 130
{%   else %}
{%     do rejected_slave_list.append(slave.get('slave_reference')) %}
{%   endif %}
131
{% endfor %}
132

133 134 135
[monitor-instance-parameter]
monitor-httpd-port = {{ slapparameter_dict.get('monitor-httpd-port', '8196') }}

136 137
[replicate]
<= slap-connection
138
recipe = slapos.cookbook:requestoptional.serialised
139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158
config-monitor-cors-domains = {{ slapparameter_dict.get('monitor-cors-domains', 'monitor.app.officejs.com') }}
config-monitor-username = ${monitor-instance-parameter:username}
config-monitor-password = ${monitor-htpasswd:passwd}

{% set frontend_software_url_key = "-frontend-software-release-url" %}
{% if slapparameter_dict.has_key(frontend_software_url_key) %}
software-url = {{ slapparameter_dict.pop(frontend_software_url_key) }}
{% else %}
software-url = ${slap-connection:software-release-url}
{% endif %}
software-type = {{frontend_type}}
return = private-ipv4 public-ipv4 slave-instance-information-list monitor-base-url

{% for section, frontend_request in request_dict.iteritems() %}
[{{section}}]
<= replicate
name = {{ frontend_request.get('name') }}
{%   if frontend_request.get('state') %}
state = {{ frontend_request.get('state') }}
{%   endif%}
159 160
{%   set slave_configuration_dict = slapparameter_dict %}
{%   do slave_configuration_dict.update(frontend_request.get('config')) %}
161 162
{%   do slave_configuration_dict.__setitem__(slave_list_name, json_module.dumps(authorized_slave_list)) %}
{%   do slave_configuration_dict.__setitem__("frontend-name", frontend_request.get('name')) %}
163 164 165
{%-   for config_key, config_value in slave_configuration_dict.iteritems() %}
config-{{ config_key }} = {{ dumps(config_value) }}
{%   endfor -%}
166
{%   if frontend_request.get('sla') %}
167
{%     for parameter, value in frontend_request.get('sla').iteritems() %}
168
sla-{{ parameter }} = {{ value }}
169 170 171
{%     endfor %}
{%   endif %}
{% endfor %}
172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194


[publish-information]
<= monitor-publish
recipe = slapos.cookbook:publish
domain = {{ slapparameter_dict.get('domain') }}
slave-amount = {{ slave_instance_list | length }}
accepted-slave-amount = {{ authorized_slave_list | length }}
rejected-slave-amount = {{ rejected_slave_list | length }}
rejected-slave-list = {{ json_module.dumps(rejected_slave_list) }}

#----------------------------
#--
#-- Publish slave information
[publish-slave-information]
recipe = slapos.cookbook:softwaretype
default = ${dynamic-publish-slave-information:rendered}
RootSoftwareInstance = ${dynamic-publish-slave-information:rendered}
replicate = ${dynamic-publish-slave-information:rendered}
custom-personal = ${dynamic-publish-slave-information:rendered}
custom-group = ${dynamic-publish-slave-information:rendered}

[slave-information]
195
{% for frontend_section in frontend_section_list %}
196
{{ frontend_section }} = {{ "${%s:connection-slave-instance-information-list}" % frontend_section }}
197
{% endfor %}
198 199 200 201 202 203 204 205 206 207 208 209 210

[dynamic-publish-slave-information]
< = jinja2-template-base
template = {{ template_publish_slave_information }}
filename = dynamic-publish-slave-information.cfg
extensions = jinja2.ext.do
extra-context =
    section slave_information slave-information

[monitor-conf-parameters]
monitor-url-list +=
{% for frontend in frontend_section_list %}
{{ '  ${' + frontend + ':connection-monitor-base-url}' }}
211
{% endfor %}
212 213

[buildout]
214 215 216
extends =
  {{ common_profile }}
  {{ template_monitor }}
217 218 219 220
parts =
  monitor-base
  publish-slave-information
  publish-information
221
{% for part in part_list %}
222
{{ '  %s' % part }}
223
{% endfor %}
224
#      publish-information
225
{% endif %}