slaprunner: fix https for cloud9
[slapos.git] / software / slaprunner / instance-runner.cfg
1 [buildout]
2 parts =
3   nginx_conf
4   nginx-launcher
5   cloud9
6   certificate-authority
7   ca-nginx
8   ca-node-frontend
9   slaprunner
10   test-runner
11   sshkeys-dropbear-runner
12   dropbear-server-add-authorized-key
13   sshkeys-authority
14   publish-connection-informations
15   slaprunner-promise
16   slaprunner-frontend-promise
17   cloud9-promise
18   dropbear-promise
19   symlinks
20   request-cloud9-frontend
21   node-frontend-promise
22   nginx-promise
23
24 eggs-directory = ${buildout:eggs-directory}
25 develop-eggs-directory = ${buildout:develop-eggs-directory}
26 offline = true
27
28
29 # Create all needed directories
30 [directory]
31 recipe = slapos.cookbook:mkdirectory
32 etc = $${buildout:directory}/etc/
33 var = $${buildout:directory}/var/
34 srv = $${buildout:directory}/srv/
35 bin = $${buildout:directory}/bin/
36 tmp = $${buildout:directory}/tmp/
37
38 sshkeys = $${:srv}/sshkeys
39 services = $${:etc}/service/
40 scripts = $${:etc}/run/
41 ssh = $${:etc}/ssh/
42 log = $${:var}/log/
43 run = $${:var}/run/
44 backup = $${:srv}/backup/
45 promises = $${:etc}/promise/
46 test = $${:etc}/test/
47 nginx-data = $${directory:srv}/nginx
48 ca-dir = $${:srv}/ssl
49
50
51 [runnerdirectory]
52 recipe = slapos.cookbook:mkdirectory
53 home = $${directory:srv}/runner/
54 test = $${directory:srv}/test/
55 project = $${:home}/project
56 software-root = $${:home}/software
57 instance-root = $${:home}/instance
58 project-test = $${:test}/project
59 software-test = $${:test}/software
60 instance-test = $${:test}/instance
61 sessions = $${buildout:directory}/.sessions
62
63 #Create password recovery code for slaprunner
64 [recovery-code]
65 recipe = slapos.cookbook:generate.password
66 storage-path = $${directory:etc}/.rcode
67 bytes = 4
68
69 # Deploy cloud9 and slaprunner
70 [cloud9]
71 recipe = slapos.cookbook:cloud9
72 ip = $${slap-network-information:local-ipv4}
73 port = 4443
74 wrapper = $${directory:services}/cloud9
75 working-directory = $${runnerdirectory:home}
76 git-binary = ${git:location}/bin/git
77 node-binary = ${nodejs:location}/bin/node
78 cloud9 = ${cloud9:executable}
79
80 [slaprunner]
81 recipe = slapos.cookbook:slaprunner
82 slaprunner = ${buildout:directory}/bin/slaprunner
83 slapgrid_sr = ${buildout:directory}/bin/slapgrid-sr
84 slapgrid_cp = ${buildout:directory}/bin/slapgrid-cp
85 slapproxy = ${buildout:directory}/bin/slapproxy
86 supervisor = ${buildout:directory}/bin/slapgrid-supervisorctl
87 git-binary = ${git:location}/bin/git
88 slapos.cfg = $${directory:etc}/slapos.cfg
89 working-directory = $${runnerdirectory:home}
90 project-directory = $${runnerdirectory:project}
91 software-directory = $${runnerdirectory:software-root}
92 instance-directory = $${runnerdirectory:instance-root}
93 etc_dir = $${directory:etc}
94 log_dir =  $${directory:log}
95 run_dir = $${directory:run}
96 ssh_client = $${sshkeys-dropbear-runner:wrapper}
97 public_key = $${sshkeys-dropbear-runner:public-key}
98 private_key = $${sshkeys-dropbear-runner:private-key}
99 ipv4 = $${slap-network-information:local-ipv4}
100 ipv6 = $${slap-network-information:global-ipv6}
101 proxy_port = 50000
102 runner_port = 50000
103 partition-amount = $${slap-parameter:instance-amount}
104 cloud9-url = $${cloud9:access-url}
105 wrapper = $${directory:services}/slaprunner
106 debug = $${slap-parameter:debug}
107
108 [test-runner]
109 <= slaprunner
110 recipe = slapos.cookbook:slaprunner.test
111 slaprunnertest = ${buildout:directory}/bin/slaprunnertest
112 slapos.cfg = $${directory:etc}/slapos-test.cfg
113 working-directory = $${runnerdirectory:test}
114 project-directory = $${runnerdirectory:project-test}
115 software-directory = $${runnerdirectory:software-test}
116 instance-directory = $${runnerdirectory:instance-test}
117 proxy_port = 8602
118 wrapper = $${directory:bin}/runTestSuite
119 etc_dir = $${directory:test}
120
121
122 # Deploy dropbear (minimalist SSH server)
123 [sshkeys-directory]
124 recipe = slapos.cookbook:mkdirectory
125 requests = $${directory:sshkeys}/requests/
126 keys = $${directory:sshkeys}/keys/
127
128 [sshkeys-authority]
129 recipe = slapos.cookbook:sshkeys_authority
130 request-directory = $${sshkeys-directory:requests}
131 keys-directory = $${sshkeys-directory:keys}
132 wrapper = $${directory:services}/sshkeys_authority
133 keygen-binary = ${dropbear:location}/bin/dropbearkey
134
135 [dropbear-runner-server]
136 recipe = slapos.cookbook:dropbear
137 host = $${slap-network-information:global-ipv6}
138 port = 22222
139 home = $${directory:ssh}
140 wrapper = $${directory:bin}/runner_sshd
141 shell = ${bash:location}/bin/bash
142 rsa-keyfile = $${directory:ssh}/server_key.rsa
143 dropbear-binary = ${dropbear:location}/sbin/dropbear
144
145 [sshkeys-dropbear-runner]
146 <= sshkeys-authority
147 recipe = slapos.cookbook:sshkeys_authority.request
148 name = dropbear
149 type = rsa
150 executable = $${dropbear-runner-server:wrapper}
151 public-key = $${dropbear-runner-server:rsa-keyfile}.pub
152 private-key = $${dropbear-runner-server:rsa-keyfile}
153 wrapper = $${directory:services}/runner_sshd
154
155 [dropbear-server-add-authorized-key]
156 <= dropbear-runner-server
157 recipe = slapos.cookbook:dropbear.add_authorized_key
158 key = $${slap-parameter:authorized-key}
159
160 #---------------------
161 #--
162 #-- Set node frontend
163
164 [node-frontend]
165 launcher = $${directory:bin}/node-frontend
166 ip = $${slap-network-information:global-ipv6}
167 port = $${cloud9:port}
168 access-url = https://[$${:ip}]:$${:port}
169
170 [node-frontend-launcher]
171 recipe = slapos.recipe.template:jinja2
172 template = ${node-frontend-template:location}/${node-frontend-template:filename}
173 rendered = $${node-frontend:launcher}
174 mode = 700
175 context =
176         key ip node-frontend:ip
177         key port node-frontend:port
178         key key ca-node-frontend:key-file
179         key certificate ca-node-frontend:cert-file
180         key backend_ip nginx-frontend:ip
181         key backend_port nginx-frontend:port
182         raw shell_path ${bash:location}/bin/bash
183         raw node_env ${buildout:parts-directory}:${npm-modules:location}/node_modules
184         raw node_path ${nodejs:location}/bin/node
185         raw conf_path ${simple-proxy:location}/${simple-proxy:filename}
186
187 #---------------------------
188 #--
189 #-- Set nginx frontend
190
191 [tempdirectory]
192 recipe = slapos.cookbook:mkdirectory
193 client_body_temp_path = $${directory:tmp}/client_body_temp_path
194 proxy_temp_path = $${directory:tmp}/proxy_temp_path
195 fastcgi_temp_path = $${directory:tmp}/fastcgi_temp_path
196 uwsgi_temp_path = $${directory:tmp}/uwsgi_temp_path
197 scgi_temp_path = $${directory:tmp}/scgi_temp_path
198
199 [nginx-frontend]
200 # Options
201 nb_workers = 2
202 # Network
203 ip = $${slap-network-information:local-ipv4}
204 port = 30001
205 # Backend
206 backend-ip = $${cloud9:ip}
207 backend-port = $${cloud9:port}
208 # SSL
209 ssl-certificate = $${ca-nginx:cert-file}
210 ssl-key = $${ca-nginx:key-file}
211 # Log
212 path_pid = $${directory:run}/nginx.pid
213 path_log = $${directory:log}/nginx.log
214 path_access_log = $${directory:log}/nginx.access.log
215 path_error_log = $${directory:log}/nginx.error.log
216 path_tmp = $${buildout:directory}/tmp
217 # Config files
218 path_nginx_conf = $${directory:etc}/nginx.conf
219 # Executables
220 bin_nginx = ${nginx:location}/sbin/nginx
221 bin_launcher = $${directory:bin}/launcher
222 # Utils
223 path_shell = ${dash:location}/bin/dash
224 # Misc.
225 etc_dir = $${directory:etc}
226
227
228 [nginx_conf]
229 recipe = slapos.recipe.template:jinja2
230 template = ${template_nginx_conf:location}/${template_nginx_conf:filename}
231 rendered = $${nginx-frontend:path_nginx_conf}
232 context =
233     section param_nginx_frontend nginx-frontend
234     section param_tempdir tempdirectory
235
236 [nginx-launcher]
237 recipe = slapos.recipe.template:jinja2
238 template = ${template_launcher:location}/${template_launcher:filename}
239 rendered = $${nginx-frontend:bin_launcher}
240 mode = 700
241 context =
242     section param_nginx_frontend nginx-frontend
243
244 #--------------------
245 #--
246 #-- ssl certificates
247
248 [certificate-authority]
249 recipe = slapos.cookbook:certificate_authority
250 openssl-binary = ${openssl:location}/bin/openssl
251 ca-dir = $${directory:ca-dir}
252 requests-directory = $${cadirectory:requests}
253 wrapper = $${directory:services}/certificate_authority
254 ca-private = $${cadirectory:private}
255 ca-certs = $${cadirectory:certs}
256 ca-newcerts = $${cadirectory:newcerts}
257 ca-crl = $${cadirectory:crl}
258
259 [cadirectory]
260 recipe = slapos.cookbook:mkdirectory
261 requests = $${directory:ca-dir}/requests/
262 private = $${directory:ca-dir}/private/
263 certs = $${directory:ca-dir}/certs/
264 newcerts = $${directory:ca-dir}/newcerts/
265 crl = $${directory:ca-dir}/crl/
266
267 [ca-nginx]
268 <= certificate-authority
269 recipe = slapos.cookbook:certificate_authority.request
270 key-file = $${cadirectory:certs}/nginx_frontend.key
271 cert-file = $${cadirectory:certs}/nginx_frontend.crt
272 executable = $${nginx-launcher:rendered}
273 wrapper = $${directory:services}/nginx-frontend
274 # Put domain name
275 name = example.com
276
277 [ca-node-frontend]
278 <= certificate-authority
279 recipe = slapos.cookbook:certificate_authority.request
280 key-file = $${cadirectory:certs}/nodejs.key
281 cert-file = $${cadirectory:certs}/nodejs.crt
282 executable = $${node-frontend-launcher:rendered}
283 wrapper = $${directory:services}/node-frontend
284 # Put domain name
285 name = example.com
286
287 #--------------------
288 #--
289 #-- Request frontend
290
291 [request-frontend]
292 <= slap-connection
293 recipe = slapos.cookbook:requestoptional
294 name = SlapRunner Frontend
295 # XXX We have hardcoded SR URL here.
296 software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
297 slave = true
298 config = url
299 config-url = $${slaprunner:access-url}
300 return = site_url
301
302 [request-cloud9-frontend]
303 <= slap-connection
304 recipe = slapos.cookbook:requestoptional
305 name = Cloud9 Frontend
306 software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
307 slave = true
308 config = url https-only
309 config-url = $${node-frontend:access-url}
310 config-https-only = true
311 return = site_url domain
312
313 #--------------------------------------
314 #--
315 #-- Send informations to SlapOS Master
316
317 [publish-connection-informations]
318 recipe = slapos.cookbook:publish
319 1_info = Set your passord in slaprunner in order to access cloud9
320 backend_url = $${slaprunner:access-url}
321 url =  $${request-frontend:connection-site_url}
322 cloud9_backend_url = $${node-frontend:access-url}
323 cloud9_url = https://$${request-cloud9-frontend:connection-domain}
324 ssh_command = ssh $${dropbear-runner-server:host} -p $${dropbear-runner-server:port}
325 password_recovery_code = $${recovery-code:passwd}
326
327 #---------------------------
328 #--
329 #-- Deploy promises scripts
330
331 [slaprunner-promise]
332 recipe = slapos.cookbook:check_port_listening
333 path = $${directory:promises}/slaprunner
334 hostname = $${slaprunner:ipv6}
335 port = $${slaprunner:runner_port}
336
337 [slaprunner-frontend-promise]
338 recipe = slapos.cookbook:check_url_available
339 path = $${directory:promises}/slaprunner_frontend
340 url = $${request-frontend:connection-site_url}
341 dash_path = ${dash:location}/bin/dash
342 curl_path = ${curl:location}/bin/curl
343
344 [cloud9-promise]
345 recipe = slapos.cookbook:check_url_available
346 path = $${directory:promises}/cloud9
347 url = http://$${cloud9:ip}:$${cloud9:port}
348 dash_path = ${dash:location}/bin/dash
349 curl_path = ${curl:location}/bin/curl
350
351 [node-frontend-promise]
352 recipe = slapos.cookbook:check_port_listening
353 path = $${directory:promises}/node-frontend
354 hostname = $${node-frontend:ip}
355 port = $${node-frontend:port}
356
357 [nginx-promise]
358 recipe = slapos.cookbook:check_port_listening
359 path = $${directory:promises}/nginx
360 hostname = $${nginx-frontend:ip}
361 port = $${nginx-frontend:port}
362
363 [dropbear-promise]
364 recipe = slapos.cookbook:check_port_listening
365 path = $${directory:promises}/dropbear
366 hostname = $${dropbear-runner-server:host}
367 port = $${dropbear-runner-server:port}
368
369 [symlinks]
370 recipe = cns.recipe.symlink
371 symlink_target = $${directory:bin}
372 symlink_base = ${buildout:directory}/bin
373
374 [slap-parameter]
375 # Default value if no ssh key is specified
376 authorized-key =
377 # Default value of instances number in slaprunner
378 instance-amount = 10
379 debug = false