software/slapos-in-partition/instance.cfg.jinja2

   1 [buildout]
   2 parts =
   3   slapos-configuration-file
   4   cron-entry-slapos
   5   slapos-node-format-wrapper-script
   6
   7   httpd-wrapper
   8
   9   cron
  10   logrotate
  11   logrotate-entry-httpd
  12   logrotate-entry-slapos
  13
  14   sshkeys-dropbear
  15   dropbear-server-add-authorized-key
  16   sshkeys-authority
  17   publish-connection-informations
  18   dropbear-promise
  19
  20
  21 eggs-directory = {{ eggs_directory }}
  22 develop-eggs-directory = {{ develop_eggs_directory }}
  23 offline = true
  24
  25 [instance-parameter]
  26 recipe = slapos.cookbook:slapconfiguration
  27 computer = ${slap_connection:computer_id}
  28 partition = ${slap_connection:partition_id}
  29 url = ${slap_connection:server_url}
  30 key = ${slap_connection:key_file}
  31 cert = ${slap_connection:cert_file}
  32
  33 configuration.master-url = https://slap.vifib.com
  34 configuration.authorized-key =
  35
  36 # Create all needed directories
  37 [directory]
  38 recipe = slapos.cookbook:mkdirectory
  39 mode = 0750
  40
  41 etc = ${buildout:directory}/etc/
  42 var = ${buildout:directory}/var/
  43 srv = ${buildout:directory}/srv/
  44 bin = ${buildout:directory}/bin/
  45
  46 sshkeys = ${:srv}/sshkeys
  47 service = ${:etc}/service/
  48 script = ${:etc}/run/
  49 ssh = ${:etc}/ssh/
  50 log = ${:var}/log/
  51 run = ${:var}/run/
  52 backup = ${:srv}/backup/
  53 promises = ${:etc}/promise/
  54
  55 slapos-partitions-certificate-repository = ${:var}/pki
  56 software-root = ${:srv}/slapos-software
  57 instance-root = ${:srv}/slapos-instance
  58 slapos-log = ${:log}/slapos
  59
  60 {% for i in range(0,10) %}
  61 slappart{{i}} = ${:instance-root}/slappart{{i}}
  62 {% endfor %}
  63
  64 cron-entries = ${:etc}/cron.d
  65 crontabs = ${:etc}/crontabs
  66 cronstamps = ${:etc}/cronstamps
  67
  68 logrotate-entries = ${:etc}/logrotate.d
  69 logrotate-backup = ${:backup}/logrotate
  70
  71 httpd-log = ${:log}/httpd
  72
  73
  74 ########
  75 # Deploy slapos.cfg, computer certificates and slapos node wrapper
  76 ########
  77 [slapos-computer-certificate-file]
  78 recipe = collective.recipe.template
  79 input = inline:${instance-parameter:configuration.computer-certificate}
  80 output = ${directory:var}/slapos-computer.crt
  81
  82 [slapos-computer-key-file]
  83 recipe = collective.recipe.template
  84 input = inline:${instance-parameter:configuration.computer-key}
  85 output = ${directory:var}/slapos-computer.key
  86
  87 [computer-definition-file]
  88 recipe = collective.recipe.template
  89 input = inline:
  90   [computer]
  91 {% for i in range(0,10|int) %}
  92   [partition_{{i}}]
  93   address = ${instance-parameter:ipv4-random}/255.255.255.0 ${instance-parameter:ipv6-random}/64
  94   pathname = slappart{{i}}
  95   user = dummy
  96   network_interface = dummy
  97 {% endfor %}
  98 output = ${directory:etc}/slapos-computer-definition.cfg
  99
 100 [slapos-configuration-file]
 101 recipe = slapos.recipe.template
 102 url = {{ slapos_configuration_file_template_path }}
 103 output = ${directory:etc}/slapos.cfg
 104 #md5sum = 4861be4a581686feef9f9edea865d7ee
 105 software-root = ${directory:software-root}
 106 instance-root = ${directory:instance-root}
 107 master-url = ${instance-parameter:configuration.master-url}
 108 computer-id = ${instance-parameter:configuration.computer-id}
 109 # XXX should be a parameter
 110 partition-amount = 10
 111 computer-definition-file = ${computer-definition-file:output}
 112 computer-xml = ${directory:var}/slapos.xml
 113 computer-key-file = ${slapos-computer-key-file:output}
 114 computer-certificate-file = ${slapos-computer-certificate-file:output}
 115 certificate-repository-path = ${directory:slapos-partitions-certificate-repository}
 116
 117 [slapos-node-instance-wrapper]
 118 recipe = slapos.cookbook:wrapper
 119 command-line = {{ bin_directory }}/slapos node instance --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-instance.pid --logfile ${directory:slapos-log}/slapos-instance.cfg
 120 wrapper-path = ${directory:bin}/slapos-node-instance
 121 parameters-extra = true
 122
 123 [slapos-node-software-wrapper]
 124 recipe = slapos.cookbook:wrapper
 125 command-line = {{ bin_directory }}/slapos node software --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-software.pid --logfile ${directory:slapos-log}/slapos-software.cfg
 126 wrapper-path = ${directory:bin}/slapos-node-software
 127 parameters-extra = true
 128
 129 [slapos-node-report-wrapper]
 130 recipe = slapos.cookbook:wrapper
 131 command-line = {{ bin_directory }}/slapos node report --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-report.pid --logfile ${directory:slapos-log}/slapos-report.cfg
 132 wrapper-path = ${directory:bin}/slapos-node-report
 133 parameters-extra = true
 134
 135 [slapos-node-format-wrapper]
 136 recipe = slapos.cookbook:wrapper
 137 command-line = {{ bin_directory }}/slapos node format --cfg ${slapos-configuration-file:output} --logfile=${directory:slapos-log}/slapos-node-format.log --now
 138 wrapper-path = ${directory:bin}/slapos-node-format
 139 parameters-extra = true
 140
 141 [slapos-node-format-wrapper-script]
 142 # Create a wrapper of the wrapper in etc/run
 143 recipe = collective.recipe.template
 144 input = inline:#!{{ bash_executable }}
 145   false
 146   while [ ! $? -eq 0 ]; do
 147     ${slapos-node-format-wrapper:wrapper-path}
 148   done
 149 output = ${directory:script}/slapos-node-format
 150 mode = 700
 151
 152
 153 #########
 154 # Deploy some http server to see logs online
 155 #########
 156 # XXX could it be something lighter?
 157 [httpd-configuration-file]
 158 recipe = slapos.recipe.template
 159 url = {{ httpd_configuration_file_template_path }}
 160 output = ${directory:etc}/httpd.conf
 161 # md5sum =
 162 listening-ip = ${instance-parameter:ipv6-random}
 163 listening-port = 8080
 164 htdocs = ${directory:log}
 165 pid-file = ${directory:run}/httpd.pid
 166 access-log = ${directory:httpd-log}/access-log
 167 error-log = ${directory:httpd-log}/error-log
 168 document-root = ${directory:log}
 169
 170 # XXX logrotate for httpd
 171
 172 [httpd-wrapper]
 173 recipe = slapos.cookbook:wrapper
 174 apache-executable = {{ httpd_executable }}
 175 command-line = ${:apache-executable} -f ${httpd-configuration-file:output} -DFOREGROUND
 176 wrapper-path = ${directory:service}/httpd
 177 # generated parameter containing url to use for other sections
 178 url = http://[${httpd-configuration-file:listening-ip}]/
 179
 180 #[httpd-wrapper]
 181 #recipe = collective.recipe.template
 182 #input = inline:
 183 #  #!${buildout:executable}
 184 #  import SimpleHTTPServer
 185 #  import SocketServer
 186 #  PORT = ${:listening-port}
 187 #  LISTENING_IP = '${:listening-ip}'
 188 #  Handler = SimpleHTTPServer.SimpleHTTPRequestHandler
 189 #  httpd = SocketServer.TCPServer((LISTENING_IP, PORT), Handler)
 190 #  print "serving at port", PORT
 191 #  httpd.serve_forever()
 192 #output = ${directory:service}/httpd
 193 #listening-ip = ${instance-parameter:ipv6-random}
 194 #listening-port = 8080
 195 #mode = 755
 196
 197
 198 #########
 199 # Deploy logrotate
 200 #########
 201 [logrotate]
 202 recipe = slapos.cookbook:logrotate
 203 # Binaries
 204 logrotate-binary = {{ logrotate_executable }}
 205 gzip-binary = {{ gzip_executable }}
 206 gunzip-binary = {{ gunzip_executable }}
 207 # Directories
 208 wrapper = ${directory:bin}/logrotate
 209 conf = ${directory:etc}/logrotate.conf
 210 logrotate-entries = ${directory:logrotate-entries}
 211 backup = ${directory:logrotate-backup}
 212 state-file = ${directory:srv}/logrotate.status
 213
 214 [logrotate-entry-httpd]
 215 <= logrotate
 216 recipe = slapos.cookbook:logrotate.d
 217 name = httpd
 218 log = ${httpd-configuration-file:access-log} ${httpd-configuration-file:error-log}
 219 frequency = daily
 220 rotate-num = 30
 221 post = {{ bin_directory }}/killpidfromfile $${apache-configuration:pid-file} SIGUSR1
 222 sharedscripts = true
 223 notifempty = true
 224 create = true
 225
 226 [logrotate-entry-slapos]
 227 <= logrotate
 228 recipe = slapos.cookbook:logrotate.d
 229 name = slapos
 230 log = ${directory:slapos-log}/*.log
 231 frequency = daily
 232 rotate-num = 30
 233 #post = {{ bin_directory }}/killpidfromfile ${nginx-configuration:pid-file} SIGUSR1
 234 sharedscripts = true
 235 notifempty = true
 236 create = true
 237
 238 ###########
 239 # Deploy cron and configure it
 240 ###########
 241 [cron-simplelogger]
 242 recipe = slapos.cookbook:simplelogger
 243 wrapper = ${directory:bin}/cron_simplelogger
 244 log = ${directory:log}/crond.log
 245
 246 [cron]
 247 recipe = slapos.cookbook:cron
 248 dcrond-binary = {{ dcron_executable }}
 249 cron-entries = ${directory:cron-entries}
 250 crontabs = ${directory:crontabs}
 251 cronstamps = ${directory:cronstamps}
 252 catcher = ${cron-simplelogger:wrapper}
 253 binary = ${directory:service}/crond
 254
 255 [cron-entry-slapos]
 256 recipe = collective.recipe.template
 257 # Add current PATH to environment, otherwise, gcc is not able to find its own cc1.
 258 # We don't add it in the top of the script, because dcron disallow it.
 259 # XXX: maybe it works if we take PATH from instance, not software.
 260 input = inline:
 261   * * * * * PATH={{ path }} ${slapos-node-instance-wrapper:wrapper-path} > /dev/null 2>&1
 262   * * * * * PATH={{ path }} ${slapos-node-software-wrapper:wrapper-path} > /dev/null 2>&1
 263   * * * * * PATH={{ path }} ${slapos-node-report-wrapper:wrapper-path} > /dev/null 2>&1
 264 output = ${directory:cron-entries}/slapos
 265
 266 [cron-entry-logrotate]
 267 <= cron
 268 recipe = slapos.cookbook:cron.d
 269 name = logrotate
 270 frequency = 0 0 * * *
 271 command = $${logrotate:wrapper}
 272
 273
 274
 275 # XXX what to do for slapformat?
 276
 277 #########
 278 # Deploy dropbear (minimalist SSH server)
 279 #########
 280 [sshkeys-directory]
 281 recipe = slapos.cookbook:mkdirectory
 282 requests = ${directory:sshkeys}/requests/
 283 keys = ${directory:sshkeys}/keys/
 284
 285 [sshkeys-authority]
 286 recipe = slapos.cookbook:sshkeys_authority
 287 request-directory = ${sshkeys-directory:requests}
 288 keys-directory = ${sshkeys-directory:keys}
 289 wrapper = ${directory:service}/sshkeys_authority
 290 keygen-binary = {{ dropbearkey_executable }}
 291
 292 [dropbear-server]
 293 recipe = slapos.cookbook:dropbear
 294 host = ${instance-parameter:ipv6-random}
 295 port = 2222
 296 home = ${directory:ssh}
 297 wrapper = ${directory:bin}/raw_sshd
 298 shell = {{ bash_executable }}
 299 rsa-keyfile = ${directory:ssh}/server_key.rsa
 300 dropbear-binary = {{ dropbear_executable }}
 301
 302 [sshkeys-dropbear]
 303 <= sshkeys-authority
 304 recipe = slapos.cookbook:sshkeys_authority.request
 305 name = dropbear
 306 type = rsa
 307 executable = ${dropbear-server:wrapper}
 308 public-key = ${dropbear-server:rsa-keyfile}.pub
 309 private-key = ${dropbear-server:rsa-keyfile}
 310 wrapper = ${directory:service}/sshd
 311
 312 [dropbear-server-add-authorized-key]
 313 <= dropbear-server
 314 recipe = slapos.cookbook:dropbear.add_authorized_key
 315 key = ${instance-parameter:configuration.authorized-key}
 316
 317
 318 # Deploy a frontend for log
 319 # XXX TODO
 320
 321 #########
 322 # Send informations to SlapOS Master
 323 #########
 324 [publish-connection-informations]
 325 recipe = slapos.cookbook:publish
 326 log-viewer-url = http://[${httpd-configuration-file:listening-ip}]:${httpd-configuration-file:listening-port}
 327
 328 #########
 329 # Deploy promises scripts
 330 #########
 331 [dropbear-promise]
 332 recipe = slapos.cookbook:check_port_listening
 333 path = ${directory:promises}/dropbear
 334 hostname = ${dropbear-server:host}
 335 port = ${dropbear-server:port}
 336