Commit 44e9796c authored by Alain Takoudjou's avatar Alain Takoudjou

Add monitor2 to slaprunner software release

parent fd328019
......@@ -21,7 +21,7 @@ extends =
../../stack/slapos.cfg
../../stack/flask.cfg
../../stack/resilient/buildout.cfg
../../stack/monitor/buildout.cfg
../../stack/monitor2/buildout.cfg
# stacks are listed from most generic to most specific,
# to avoid versioning issues
......@@ -54,7 +54,7 @@ mode = 0644
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner.cfg
output = ${buildout:directory}/template-runner.cfg.in
md5sum = 61297b0882cc9d674f4099b8abdd413f
md5sum = 04f5cd311b452836b76808cf29f5a23d
mode = 0644
[template-runner-import-script]
......@@ -69,7 +69,7 @@ mode = 0644
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-import.cfg.in
output = ${buildout:directory}/instance-runner-import.cfg
md5sum = 6c0a0b0bf28cbcb63831a818edbd6a5d
md5sum = 8ae80f9a9d5523219e1c9065f1cab6d8
mode = 0644
[template-runner-export-script]
......@@ -84,13 +84,13 @@ mode = 0644
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-export.cfg.in
output = ${buildout:directory}/instance-runner-export.cfg
md5sum = 994e355d713f90bcc17e4b54da65f354
md5sum = d2c374858d421247dfabcf38589a904f
mode = 0644
[template-resilient]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-resilient.cfg.jinja2
md5sum = aa9a99235571729ab93360c4712efa12
md5sum = 3a0559633e10c4f3013355550859ca94
filename = instance-resilient.cfg.jinja2
mode = 0644
......@@ -114,7 +114,7 @@ mode = 0644
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/httpd_conf.in
download-only = true
md5sum = b5d095f54f714d17dff12c0c5fe4afb7
md5sum = 61ac2dd5aeb5af9745d4c72d2571df8a
filename = httpd_conf.in
mode = 0644
......
PidFile "{{ parameters.path_pid }}"
ServerName example.com
ServerAdmin someone@email
<IfDefine !MonitorPort>
Listen [{{ parameters.global_ip }}]:{{ parameters.monitor_port }}
Define MonitorPort
</IfDefine>
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule mime_module modules/mod_mime.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule alias_module modules/mod_alias.so
LoadModule env_module modules/mod_env.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule headers_module modules/mod_headers.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule cache_module modules/mod_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule setenvif_module modules/mod_setenvif.so
ErrorLog "{{ parameters.path_error_log }}"
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog "{{ parameters.path_access_log }}" common
# SSL Configuration
Define SSLConfigured
SSLCertificateFile {{ parameters.cert_file }}
SSLCertificateKeyFile {{ parameters.key_file }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLRandomSeed startup /dev/urandom 256
SSLRandomSeed connect builtin
SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
SSLEngine On
Include {{ parameters.httpd_cors_file }}
Header set Access-Control-Allow-Credentials "true"
Header set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST"
Header set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization"
Alias /public {{ parameters.runner_home }}/public
Alias /web-public {{ parameters.runner_home }}/public
<Directory {{ parameters.runner_home }}/public>
Order Allow,Deny
Allow from all
......@@ -65,22 +17,19 @@ Alias /public {{ parameters.runner_home }}/public
</Files>
</Directory>
DavLockDB {{ parameters.var_dir }}/DavLock
Alias /share {{ parameters.runner_home }}
Alias /shared {{ parameters.runner_home }}
<Directory {{ parameters.runner_home }}>
DirectoryIndex disabled
DAV On
Options Indexes FollowSymLinks
AuthType Basic
AuthName "webdav"
AuthUserFile "{{ parameters.etc_dir }}/.htpasswd"
AuthUserFile "{{ parameters.etc_dir }}/monitor-htpasswd"
<LimitExcept OPTIONS>
Require valid-user
</LimitExcept>
</Directory>
ScriptSock {{ parameters.path_pid }}
SetEnv GIT_HTTP_EXPORT_ALL
ScriptAlias /git/ {{ parameters.git_http_backend }}/
......@@ -96,7 +45,7 @@ RewriteCond %{REQUEST_URI} /git-receive-pack$
AuthType Basic
AuthName "Git Access"
AuthUserFile "{{ parameters.etc_dir }}/.htpasswd"
AuthUserFile "{{ parameters.etc_dir }}/monitor-htpasswd"
Require valid-user
</LocationMatch>
......@@ -107,9 +56,8 @@ RewriteCond %{REQUEST_URI} /git-receive-pack$
AuthType Basic
AuthName "Git Access"
AuthUserFile "{{ parameters.etc_dir }}/.htpasswd"
AuthUserFile "{{ parameters.etc_dir }}/monitor-htpasswd"
Require valid-user
Satisfy any
</LocationMatch>
include {{ parameters.cgi_httpd_conf }}
......@@ -10,6 +10,10 @@
{% if number_of_instances > 2 %}
{% set number_of_instances = 2 %}
{% endif %}
{% set monitor_return = ['monitor-base-url', 'monitor-url', 'monitor-user', 'monitor-password'] -%}
{% set monitor_parameter = {'monitor-cors-domains': slapparameter_dict.pop('monitor-cors-domains', "")} -%}
{% set monitor_dict = {'parameter': monitor_parameter, 'return': monitor_return, 'set-monitor-url': True} -%}
{% set monitor_interface_url = slapparameter_dict.pop('monitor-interface-url', '') -%}
{% import 'parts' as parts %}
{% import 'replicated' as replicated %}
......@@ -24,11 +28,30 @@ parts +=
{{ parts.replicate("runner", number_of_instances + 1) }}
publish-connection-information
{{ replicated.replicate("runner", number_of_instances + 1, "runner-export", "runner-import", slapparameter_dict=slapparameter_dict) }}
[monitor-htpasswd]
recipe = slapos.cookbook:generate.password
storage-path = ${directory:etc}/.monitor_user
bytes = 8
username = admin
{% do monitor_parameter.__setitem__('monitor-username', slapparameter_dict.get('monitor-username', 'admin'))%}
{% do monitor_parameter.__setitem__('monitor-password', slapparameter_dict.get('monitor-password', '${monitor-htpasswd:passwd}'))%}
{{ replicated.replicate("runner", number_of_instances + 1, "runner-export", "runner-import", slapparameter_dict=slapparameter_dict, monitor_parameter_dict=monitor_dict) }}
[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
# XXX Monitoring Main Instane
[monitor-instance-parameter]
monitor-httpd-port = 8160
cors-domains = {{ monitor_parameter.get('monitor-cors-domains', '') }}
# Bubble up the parameters
[request-runner]
return = url ssh-public-key ssh-url notification-id ip backend_url url ssh_command access_url 1_info 2_info monitor_url monitor_backend_url webdav_url public_url git_public_url git_private_url
return = url ssh-public-key ssh-url notification-id ip backend_url url ssh_command access_url 1_info 2_info webdav_url public_url git_public_url git_private_url {{ monitor_return | join(' ') }}
[publish-connection-information]
recipe = slapos.cookbook:publish
......@@ -38,12 +61,16 @@ backend_url = ${request-runner:connection-backend_url}
access_url = ${request-runner:connection-access_url}
url = ${request-runner:connection-url}
ssh_command = ${request-runner:connection-ssh_command}
monitor_url = ${request-runner:connection-monitor_url}
monitor_backend_url = ${request-runner:connection-monitor_backend_url}
webdav_url = ${request-runner:connection-webdav_url}
public_url = ${request-runner:connection-public_url}
git_public_url = ${request-runner:connection-git_public_url}
git_private_url = ${request-runner:connection-git_private_url}
{% for key in monitor_return -%}
{{ key }} = ${request-runner:connection-{{ key }}}
{% endfor -%}
{% if monitor_interface_url -%}
monitor_setup_url = {{ monitor_interface_url }}/#page=settings_configurator&url=${request-runner:connection-monitor-url}
{% endif -%}
[slap-parameter]
# Default parameters for distributed deployment
......
......@@ -28,27 +28,7 @@ parts +=
minishell-cwd
supervisord-wrapper
## Monitoring part
###Parts to add for monitoring
cron
certificate-authority
cron-entry-monitor
cron-entry-rss
deploy-index
deploy-settings-cgi
deploy-status-cgi
deploy-status-history-cgi
setup-static-files
certificate-authority
zero-parameters
public-symlink
cgi-httpd-wrapper
cgi-httpd-graceful-wrapper
monitor-promise
monitor-instance-log-access
bash-profile
## Monitor for runner
monitor-current-log-access
monitor-deploy-cors-domain-cgi
monitor-check-resilient-feed-file
monitor-check-webrunner-internal-instance
......@@ -65,8 +45,12 @@ context =
raw shell_binary ${dash:location}/bin/dash
raw rsync_binary ${rsync:location}/bin/rsync
[monitor-promise]
url = $${monitor-frontend:config-url}/$${deploy-index-template:filename}
[monitor-instance-parameter]
monitor-httpd-port = 8437
# Pass some parameter to dispay in monitoring interface
instance-configuration =
file recovery-code $${recovery-code:storage-path}
raw webrunner-url https://$${request-frontend:connection-domain}
# Extends publish section with resilient parameters
[publish-connection-information]
......@@ -75,10 +59,10 @@ url = $${monitor-frontend:config-url}/$${deploy-index-template:filename}
[monitor-check-resilient-feed-file]
recipe = slapos.recipe.template:jinja2
template = ${template-monitor-check-resilient-feed:location}/${template-monitor-check-resilient-feed:filename}
rendered = $${monitor-directory:monitor-custom-scripts}/check-create-resilient-feed-files.py
rendered = $${monitor-directory:promises}/check-create-resilient-feed-files
mode = 700
context =
key input_feed_directory directory:notifier-feeds
key monitor_feed_directory monitor-directory:public-cgi
key monitor_feed_directory monitor-directory:public
raw base_url http://[$${notifier:host}]:$${notifier:port}/get/
raw python_executable ${buildout:executable}
......@@ -28,29 +28,6 @@ parts +=
importer-consistency-promise
# have to repeat the next one, as it's not inherited from pbsready-import
import-on-notification
## Monitoring part
###Parts to add for monitoring
cron
certificate-authority
cron-entry-monitor
cron-entry-rss
deploy-index
deploy-settings-cgi
deploy-status-cgi
deploy-status-history-cgi
setup-static-files
certificate-authority
zero-parameters
public-symlink
cgi-httpd-wrapper
cgi-httpd-graceful-wrapper
monitor-promise
monitor-instance-log-access
## Monitor for runner
monitor-current-log-access
monitor-backup-log-access
## Monitor for import runner
monitor-latest-restored-backup
# For the needs of importer, we run the full slaprunner
# In case both exporter and importer (aka main instance and clone instance)
......@@ -95,19 +72,29 @@ mode = 755
[slap-parameter]
auto-deploy-instance = false
auto-deploy = true
name = Webrunner import
monitor-cors-domains =
monitor-username = $${monitor-htpasswd:username}
monitor-password = $${monitor-htpasswd:passwd}
[resilient-publish-connection-parameter]
monitor-url = $${monitor-parameters:url}
monitor-base-url = $${publish:monitor-base-url}
monitor-url = $${publish:monitor-url}
monitor-user = $${publish:monitor-user}
monitor-password = $${publish:monitor-password}
[monitor-backup-log-access]
< = monitor-directory-access
source = $${directory:logrotate-backup}
[monitor-latest-restored-backup]
recipe = slapos.recipe.template:jinja2
command = if [ -f $${directory:etc}/.resilient-timestamp ]; then echo "$(date -d @$(cat $${directory:etc}/.resilient-timestamp) +%c)"; else echo "No backup timestamp found"; fi
rendered = $${monitor-directory:monitoring-cgi}/latest-restored-backup
template = ${template-wrapper:output}
mode = 744
context =
key content :command
[monitor-instance-parameter]
monitor-httpd-port = 8360
#monitor-title = $${slap-parameter:name}
#cors-domains = $${slap-parameter:monitor-cors-domains}
#username = $${slap-parameter:monitor-username}
#password = $${slap-parameter:monitor-password}
# Pass some parameter to dispay in monitoring interface
instance-configuration =
raw takeover-url http://[$${resilient-web-takeover-httpd-configuration-file:listening-ip}]:$${resilient-web-takeover-httpd-configuration-file:listening-port}/
raw takeover-password $${resilient-web-takeover-password:passwd}
[monitor-conf-parameters]
private-path-list +=
$${directory:logrotate-backup}
......@@ -31,29 +31,10 @@ parts =
custom-frontend-promise
{% endif %}
## Monitoring part
###Parts to add for monitoring
cron
certificate-authority
cron-entry-monitor
cron-entry-rss
deploy-index
deploy-settings-cgi
deploy-status-cgi
deploy-status-history-cgi
setup-static-files
certificate-authority
zero-parameters
public-symlink
cgi-httpd-wrapper
cgi-httpd-graceful-wrapper
monitor-promise
monitor-instance-log-access
## Monitor for runner
monitor-current-log-access
monitor-deploy-cors-domain-cgi
monitor-check-webrunner-internal-instance
extends = ${monitor-template:output}
extends = ${monitor2-template:rendered}
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
......@@ -179,7 +160,7 @@ debug = False
auto_deploy = $${slap-parameter:auto-deploy}
auto_deploy_instance = $${slap-parameter:auto-deploy-instance}
autorun = $${slap-parameter:autorun}
knowledge0_file = $${buildout:directory}/$${public:filename}
knowledge0_file = $${monitor-instance-parameter:configuration-file-path}
minishell_cwd_file = $${directory:etc}/.minishell-cwd
minishell_history_file = $${directory:etc}/.minishell_history
software_info_json = $${runnerdirectory:home}/software_info.json
......@@ -317,39 +298,39 @@ context =
section param_nginx_frontend nginx-frontend
[httpd-parameters]
path_pid = $${directory:run}/httpd.pid
path_error_log = $${directory:log}/httpd-error.log
path_access_log = $${directory:log}/httpd-access.log
key_file = $${ca-httpd:key-file}
cert_file = $${ca-httpd:cert-file}
#path_pid = $${directory:run}/httpd.pid
#path_error_log = $${directory:log}/httpd-error.log
#path_access_log = $${directory:log}/httpd-access.log
#key_file = $${ca-httpd:key-file}
#cert_file = $${ca-httpd:cert-file}
global_ip = $${slap-network-information:global-ipv6}
global_port = $${slaprunner:runner_port}
monitor_port = $${monitor-parameters:port}
monitor_index = $${deploy-index:rendered}
working_directory = $${slaprunner:working-directory}
dav_lock = $${directory:var}/DavLock
#monitor_index = $${deploy-index:rendered}
#working_directory = $${slaprunner:working-directory}
#dav_lock = $${directory:var}/DavLock
etc_dir = $${directory:etc}
var_dir = $${directory:var}
project_folder = $${directory:project}
#var_dir = $${directory:var}
#project_folder = $${directory:project}
project_private_folder = $${runnerdirectory:private-project}
project_public_folder = $${runnerdirectory:public-project}
runner_home = $${runnerdirectory:home}
git_http_backend = ${git:location}/libexec/git-core/git-http-backend
cgi_httpd_conf = $${monitor-httpd-configuration-file:rendered}
httpd_cors_file = $${monitor-httpd-cors:location}
#cgi_httpd_conf = $${monitor-httpd-configuration-file:rendered}
#httpd_cors_file = $${monitor-httpd-cors:location}
[httpd-conf]
recipe = slapos.recipe.template:jinja2
template = ${template_httpd_conf:location}/${template_httpd_conf:filename}
rendered = $${directory:etc}/httpd.conf
rendered = $${directory:etc}/httpd-part.conf
context =
section parameters httpd-parameters
[cgi-httpd-wrapper]
recipe = slapos.cookbook:wrapper
apache-executable = ${apache:location}/bin/httpd
wrapper-path = $${ca-httpd:executable}
command-line = $${:apache-executable} -f $${httpd-conf:rendered} -DFOREGROUND
#[cgi-httpd-wrapper]
#recipe = slapos.cookbook:wrapper
#apache-executable = ${apache:location}/bin/httpd
#wrapper-path = $${ca-httpd:executable}
#command-line = $${:apache-executable} -f $${httpd-conf:rendered} -DFOREGROUND
#--------------------
#--
......@@ -424,17 +405,6 @@ config-url = $${slaprunner:access-url}
config-domain = $${slap-parameter:frontend-domain}
return = site_url domain
[monitor-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Monitor Frontend
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
config-url = https://[$${monitor-httpd-configuration:listening-ip}]:$${monitor-parameters:port}
config-domain = $${slap-parameter:frontend-domain}
return = site_url domain
#--------------------------------------
#--
#-- Send information to SlapOS Master
......@@ -447,13 +417,17 @@ backend_url = $${slaprunner:access-url}
access_url = $${:url}/login
url = https://$${request-frontend:connection-domain}
ssh_command = ssh $${dropbear-runner-server:host} -p $${dropbear-runner-server:port}
monitor_url = https://$${monitor-frontend:connection-domain}
monitor_backend_url = https://[$${monitor-httpd-configuration:listening-ip}]:$${monitor-parameters:port}
webdav_url = $${:monitor_url}/share/
public_url = $${:monitor_url}/public/
webdav_url = $${:monitor-base-url}/shared/
public_url = $${:monitor-base-url}/web-public/
git_public_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:monitor_port}/git-public/
git_private_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:monitor_port}/git/
monitor-base-url = $${publish:monitor-base-url}
monitor-url = $${publish:monitor-url}
monitor-user = $${publish:monitor-user}
monitor-password = $${publish:monitor-password}
{% if slapparameter_dict.get('monitor-interface-url', '') -%}
monitor_setup_url = {{ slapparameter_dict['monitor-interface-url'] }}/#page=settings_configurator&url=$${publish:monitor-url}
{% endif -%}
#---------------------------
#--
#-- Deploy promises scripts
......@@ -497,7 +471,7 @@ slapos-reference = master
auto-deploy = false
auto-deploy-instance = true
autorun = false
monitor-port = 9684
monitor-port = 9687
instance-name =
[monitor-parameters]
......@@ -599,11 +573,6 @@ url = $${slap-connection:server-url}
key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}
[public]
recovery-code = $${recovery-code:passwd}
[zero-parameters]
[minishell-cwd]
recipe = plone.recipe.command
......@@ -692,11 +661,41 @@ path = $${directory:promises}/supervisord
hostname = $${slaprunner:ipv4}
port = $${supervisord:port}
# XXX Monitor
[monitor-instance-parameter]
monitor-httpd-port = $${slap-parameter:monitor-port}
{% if slapparameter_dict.get('name', '') -%}
monitor-title = {{ slapparameter_dict['name'] }}
{% endif -%}
cors-domains = {{ slapparameter_dict.get('monitor-cors-domains', '') }}
{% if slapparameter_dict.get('monitor-username', '') -%}
username = {{ slapparameter_dict['monitor-username'] }}
{% endif -%}
{% if slapparameter_dict.get('monitor-password', '') -%}
password = {{ slapparameter_dict['monitor-password'] }}
{% endif -%}
{% if slapparameter_dict.get('monitor-url-list', '') -%}
opml-url-list = {{ slapparameter_dict['monitor-url-list'] }}
{% endif -%}
{% if not slapparameter_dict.get('authorized-key', '') -%}
# Parameter for resilient
# Pass some parameter to dispay in monitoring interface
instance-configuration =
file recovery-code $${recovery-code:storage-path}
{% endif -%}
configuration-file-path = $${buildout:directory}/knowledge0.cfg
[monitor-current-log-access]
< = monitor-directory-access
source = $${directory:log}
[monitor-httpd-conf-parameter]
httpd-include-file = $${httpd-conf:rendered}
[monitor-check-webrunner-internal-instance]
recipe = slapos.recipe.template:jinja2
template = ${monitor-check-webrunner-internal-instance:location}/${monitor-check-webrunner-internal-instance:filename}
rendered = $${monitor-directory:promises}/$${:filename}
filename = monitor-check-webrunner-internal-instance
mode = 0744
# XXX -not needed for monitor2
[monitor-deploy-cors-domain-cgi]
recipe = slapos.recipe.template:jinja2
template = ${cors-domain-cgi:location}/${cors-domain-cgi:filename}
......@@ -712,14 +711,7 @@ context =
key this_file :filename
key httpd_graceful cgi-httpd-graceful-wrapper:rendered
[monitor-check-webrunner-internal-instance]
recipe = slapos.recipe.template:jinja2
template = ${monitor-check-webrunner-internal-instance:location}/${monitor-check-webrunner-internal-instance:filename}
rendered = $${monitor-directory:monitor-custom-scripts}/$${:filename}
filename = monitor-check-webrunner-internal-instance.py
mode = 0744
[monitor-httpd-cors]
[monitor-httpd-cors-xx]
recipe = plone.recipe.command
command = if [ ! -f $${:location} ]; then touch $${:location}; fi
location = $${directory:etc}/$${:filename}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment