Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Titouan Soulard
slapos
Commits
d36b2da7
Commit
d36b2da7
authored
Jan 11, 2019
by
Guillaume Hervier
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
stack/monitor: Add auto-restart on certificate-authority section
/reviewed-on
nexedi/slapos!499
parent
139a2d9c
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
20 additions
and
14 deletions
+20
-14
stack/monitor/buildout.hash.cfg
stack/monitor/buildout.hash.cfg
+1
-1
stack/monitor/instance-monitor.cfg.jinja2.in
stack/monitor/instance-monitor.cfg.jinja2.in
+19
-13
No files found.
stack/monitor/buildout.hash.cfg
View file @
d36b2da7
...
@@ -14,4 +14,4 @@
...
@@ -14,4 +14,4 @@
# not need these here).
# not need these here).
[monitor2-template]
[monitor2-template]
filename = instance-monitor.cfg.jinja2.in
filename = instance-monitor.cfg.jinja2.in
md5sum =
0713a3987d11dc60649d8105ec9746f4
md5sum =
3b3acb2291fc7458bb11efc80a5aba27
stack/monitor/instance-monitor.cfg.jinja2.in
View file @
d36b2da7
...
@@ -51,12 +51,18 @@ recipe = slapos.cookbook:certificate_authority
...
@@ -51,12 +51,18 @@ recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ openssl_executable_location }}
openssl-binary = {{ openssl_executable_location }}
ca-dir = ${ca-directory:root}
ca-dir = ${ca-directory:root}
requests-directory = ${ca-directory:requests}
requests-directory = ${ca-directory:requests}
wrapper = ${directory:
services
}/certificate_authority
wrapper = ${directory:
bin
}/certificate_authority
ca-private = ${ca-directory:private}
ca-private = ${ca-directory:private}
ca-certs = ${ca-directory:certs}
ca-certs = ${ca-directory:certs}
ca-newcerts = ${ca-directory:newcerts}
ca-newcerts = ${ca-directory:newcerts}
ca-crl = ${ca-directory:crl}
ca-crl = ${ca-directory:crl}
[certificate-authority-service]
recipe = slapos.cookbook:wrapper
command-line = ${certificate-authority:wrapper}
wrapper-path = ${directory:services}/certificate_authority
hash-files = ${buildout:directory}/software_release/buildout.cfg
[ca-monitor-httpd]
[ca-monitor-httpd]
<= certificate-authority
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
recipe = slapos.cookbook:certificate_authority.request
...
@@ -84,12 +90,12 @@ log-folder = ${monitor-directory:log}
...
@@ -84,12 +90,12 @@ log-folder = ${monitor-directory:log}
document-folder = ${monitor-directory:documents}
document-folder = ${monitor-directory:documents}
pid-file = ${monitor-directory:pids}/monitor-bootstrap.pid
pid-file = ${monitor-directory:pids}/monitor-bootstrap.pid
public-path-list =
public-path-list =
private-path-list = ${directory:log}
private-path-list = ${directory:log}
monitor-url-list = ${monitor-instance-parameter:monitor-url-list}
monitor-url-list = ${monitor-instance-parameter:monitor-url-list}
parameter-file-path = ${monitor-instance-parameter:configuration-file-path}
parameter-file-path = ${monitor-instance-parameter:configuration-file-path}
parameter-list =
parameter-list =
raw monitor-user ${monitor-instance-parameter:username}
raw monitor-user ${monitor-instance-parameter:username}
htpasswd monitor-password ${httpd-monitor-htpasswd:password-file} ${monitor-instance-parameter:username} ${httpd-monitor-htpasswd:htpasswd-path}
htpasswd monitor-password ${httpd-monitor-htpasswd:password-file} ${monitor-instance-parameter:username} ${httpd-monitor-htpasswd:htpasswd-path}
file min-free-disk-MB ${promise-check-free-disk-space:config-threshold-file}
file min-free-disk-MB ${promise-check-free-disk-space:config-threshold-file}
...
@@ -144,8 +150,8 @@ stop-on-error = true
...
@@ -144,8 +150,8 @@ stop-on-error = true
password-file = ${directory:etc}/.monitor_pwd
password-file = ${directory:etc}/.monitor_pwd
htpasswd-path = ${monitor-directory:etc}/monitor-htpasswd
htpasswd-path = ${monitor-directory:etc}/monitor-htpasswd
# Keep multiple lines as password can end with newline char.
# Keep multiple lines as password can end with newline char.
command =
command =
if [ ! -s "${:htpasswd-path}" ]; then
if [ ! -s "${:htpasswd-path}" ]; then
{{ apache_location }}/bin/htpasswd -cb ${:htpasswd-path} ${:user} ${:password}
{{ apache_location }}/bin/htpasswd -cb ${:htpasswd-path} ${:user} ${:password}
fi
fi
if [ ! -s "${:password-file}" ]; then echo "${monitor-instance-parameter:password}" > ${:password-file}; fi
if [ ! -s "${:password-file}" ]; then echo "${monitor-instance-parameter:password}" > ${:password-file}; fi
...
@@ -170,7 +176,7 @@ key-file = ${ca-directory:certs}/httpd.key
...
@@ -170,7 +176,7 @@ key-file = ${ca-directory:certs}/httpd.key
htpasswd-file = ${httpd-monitor-htpasswd:htpasswd-path}
htpasswd-file = ${httpd-monitor-htpasswd:htpasswd-path}
url = https://[${monitor-instance-parameter:monitor-httpd-ipv6}]:${:port}
url = https://[${monitor-instance-parameter:monitor-httpd-ipv6}]:${:port}
httpd-cors-config-file = ${monitor-httpd-cors:rendered}
httpd-cors-config-file = ${monitor-httpd-cors:rendered}
httpd-include-file =
httpd-include-file =
[monitor-httpd-conf]
[monitor-httpd-conf]
recipe = slapos.recipe.template:jinja2
recipe = slapos.recipe.template:jinja2
...
@@ -224,7 +230,7 @@ mode = 700
...
@@ -224,7 +230,7 @@ mode = 700
[promise-monitor-httpd-is-process-older-than-dependency-set]
[promise-monitor-httpd-is-process-older-than-dependency-set]
recipe = slapos.cookbook:wrapper
recipe = slapos.cookbook:wrapper
command-line = {{ bin_directory }}/is-process-older-than-dependency-set ${monitor-httpd-conf-parameter:pid-file}
command-line = {{ bin_directory }}/is-process-older-than-dependency-set ${monitor-httpd-conf-parameter:pid-file}
wrapper-path = ${directory:promises}/promise-monitor-httpd-is-process-older-than-dependency-set
wrapper-path = ${directory:promises}/promise-monitor-httpd-is-process-older-than-dependency-set
[monitor-globalstate-wrapper]
[monitor-globalstate-wrapper]
...
@@ -362,7 +368,7 @@ recipe = slapos.cookbook:promise.plugin
...
@@ -362,7 +368,7 @@ recipe = slapos.cookbook:promise.plugin
eggs =
eggs =
slapos.toolbox
slapos.toolbox
file = ${monitor-conf-parameters:promise-output-file}
file = ${monitor-conf-parameters:promise-output-file}
content =
content =
from slapos.promise.plugin.monitor_bootstrap_status import RunPromise
from slapos.promise.plugin.monitor_bootstrap_status import RunPromise
output = ${directory:plugins}/monitor-bootstrap-status.py
output = ${directory:plugins}/monitor-bootstrap-status.py
mode = 600
mode = 600
...
@@ -375,7 +381,7 @@ recipe = slapos.cookbook:promise.plugin
...
@@ -375,7 +381,7 @@ recipe = slapos.cookbook:promise.plugin
eggs =
eggs =
slapos.toolbox
slapos.toolbox
output = ${directory:plugins}/buildout-${slap-connection:partition-id}-status.py
output = ${directory:plugins}/buildout-${slap-connection:partition-id}-status.py
content =
content =
from slapos.promise.plugin.check_partition_deployment_state import RunPromise
from slapos.promise.plugin.check_partition_deployment_state import RunPromise
config-monitor-url = ${monitor-instance-parameter:monitor-base-url}
config-monitor-url = ${monitor-instance-parameter:monitor-base-url}
mode = 600
mode = 600
...
@@ -385,7 +391,7 @@ recipe = slapos.cookbook:promise.plugin
...
@@ -385,7 +391,7 @@ recipe = slapos.cookbook:promise.plugin
eggs =
eggs =
slapos.toolbox
slapos.toolbox
output = ${directory:plugins}/check-free-disk-space.py
output = ${directory:plugins}/check-free-disk-space.py
content =
content =
from slapos.promise.plugin.check_free_disk_space import RunPromise
from slapos.promise.plugin.check_free_disk_space import RunPromise
mode = 600
mode = 600
config-collectordb = ${monitor-instance-parameter:collector-db}
config-collectordb = ${monitor-instance-parameter:collector-db}
...
@@ -396,7 +402,7 @@ config-threshold-file = ${directory:etc}/min-free-disk-size
...
@@ -396,7 +402,7 @@ config-threshold-file = ${directory:etc}/min-free-disk-size
# create dependencies between required monitor parts
# create dependencies between required monitor parts
recipe = plone.recipe.command
recipe = plone.recipe.command
command = true
command = true
update-command =
update-command =
base-url = ${monitor-conf-parameters:base-url}
base-url = ${monitor-conf-parameters:base-url}
depends =
depends =
${monitor-globalstate-cron-entry:name}
${monitor-globalstate-cron-entry:name}
...
@@ -404,7 +410,7 @@ depends =
...
@@ -404,7 +410,7 @@ depends =
${monitor-collect-cron-entry:name}
${monitor-collect-cron-entry:name}
${cron-entry-logrotate:name}
${cron-entry-logrotate:name}
${logrotate-entry-cron:name}
${logrotate-entry-cron:name}
${certificate-authority:wrapper}
${certificate-authority
-service
:wrapper}
${monitor-conf:rendered}
${monitor-conf:rendered}
${start-monitor:wrapper-path}
${start-monitor:wrapper-path}
${ca-monitor-httpd-service:wrapper-path}
${ca-monitor-httpd-service:wrapper-path}
...
@@ -424,5 +430,5 @@ monitor-setup-url = ${monitor-instance-parameter:interface-url}/#page=settings_c
...
@@ -424,5 +430,5 @@ monitor-setup-url = ${monitor-instance-parameter:interface-url}/#page=settings_c
[buildout]
[buildout]
extends =
extends =
{{ template_logrotate_base }}
{{ template_logrotate_base }}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment