more comments; changed superuser name
[slapos.git] / stack / lapp / postgres / instance-postgres.cfg.in
1 [buildout]
2 parts =
3   urls
4   postgres-instance
5   postgres-promise
6   stunnel
7   certificate-authority
8   ca-stunnel
9   logrotate
10   logrotate-entry-stunnel
11   logrotate-entry-cron
12   cron
13   cron-entry-logrotate
14   slapmonitor
15   slapmonitor-xml
16
17 gzip-binary = ${gzip:location}/bin/gzip
18
19 # Define egg directories to be the one from Software Release
20 # (/opt/slapgrid/...)
21 eggs-directory = ${buildout:eggs-directory}
22 develop-eggs-directory = ${buildout:develop-eggs-directory}
23 offline = true
24
25
26 #----------------
27 #--
28 #-- Creation of all needed directories.
29
30 [rootdirectory]
31 recipe = slapos.cookbook:mkdirectory
32 etc = $${buildout:directory}/etc
33 var = $${buildout:directory}/var
34 srv = $${buildout:directory}/srv
35 bin = $${buildout:directory}/bin
36
37 [basedirectory]
38 recipe = slapos.cookbook:mkdirectory
39 log = $${rootdirectory:var}/log
40 services = $${rootdirectory:etc}/service
41 run = $${rootdirectory:var}/run
42 script = $${rootdirectory:etc}/script
43 backup = $${rootdirectory:srv}/backup
44 promises = $${rootdirectory:etc}/promise
45
46 [directory]
47 recipe = slapos.cookbook:mkdirectory
48 cron-entries = $${rootdirectory:etc}/cron.d
49 crontabs = $${rootdirectory:etc}/crontabs
50 cronstamps = $${rootdirectory:etc}/cronstamps
51 ca-dir = $${rootdirectory:srv}/ssl
52 logrotate-backup = $${basedirectory:backup}/logrotate
53 report = $${rootdirectory:etc}/report
54 stunnel-conf = $${rootdirectory:etc}/stunnel
55 logrotate-entries = $${rootdirectory:etc}/logrotate.d
56 xml-report = $${rootdirectory:var}/xml_report
57
58
59 #----------------
60 #--
61 #-- Deploy cron.
62
63 [cron]
64 recipe = slapos.cookbook:cron
65 dcrond-binary = ${dcron:location}/sbin/crond
66 cron-entries = $${directory:cron-entries}
67 crontabs = $${directory:crontabs}
68 cronstamps = $${directory:cronstamps}
69 catcher = $${cron-simplelogger:wrapper}
70 binary = $${basedirectory:services}/crond
71
72 [cron-simplelogger]
73 recipe = slapos.cookbook:simplelogger
74 wrapper = $${rootdirectory:bin}/cron_simplelogger
75 log = $${basedirectory:log}/crond.log
76
77
78 #----------------
79 #--
80 #-- Deploy logrotate.
81
82 [cron-entry-logrotate]
83 <= cron
84 recipe = slapos.cookbook:cron.d
85 name = logrotate
86 frequency = 0 0 * * *
87 command = $${logrotate:wrapper}
88
89 [logrotate]
90 recipe = slapos.cookbook:logrotate
91 # Binaries
92 logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
93 gzip-binary = $${buildout:gzip-binary}
94 gunzip-binary = ${gzip:location}/bin/gunzip
95 # Directories
96 wrapper = $${rootdirectory:bin}/logrotate
97 conf = $${rootdirectory:etc}/logrotate.conf
98 logrotate-entries = $${directory:logrotate-entries}
99 backup = $${directory:logrotate-backup}
100 state-file = $${rootdirectory:srv}/logrotate.status
101
102 [logrotate-entry-stunnel]
103 <= logrotate
104 recipe = slapos.cookbook:logrotate.d
105 name = stunnel
106 log = $${stunnel:log-file}
107 frequency = daily
108 rotate-num = 30
109 notifempty = true
110 create = true
111 post = $${stunnel:post-rotate-script}
112
113 [logrotate-entry-cron]
114 <= logrotate
115 recipe =slapos.cookbook:logrotate.d
116 name = crond
117 log = $${cron-simplelogger:log}
118 frequency = daily
119 rotate-num = 30
120 notifempty = true
121 create = true
122
123
124 #----------------
125 #--
126 #-- Deploy stunnel.
127
128 [stunnel]
129 recipe = slapos.cookbook:stunnel
130 stunnel-binary = ${stunnel:location}/bin/stunnel
131 wrapper = $${rootdirectory:bin}/stunnel
132 log-file = $${basedirectory:log}/stunnel.log
133 config-file = $${directory:stunnel-conf}/stunnel.conf
134 key-file = $${directory:stunnel-conf}/stunnel.key
135 cert-file = $${directory:stunnel-conf}/stunnel.crt
136 pid-file = $${basedirectory:run}/stunnel.pid
137 local-host = $${instance-parameters:ipv4_random}
138 local-port = $${postgres-instance:port}
139 remote-host = $${instance-parameters:ipv6_random}
140 remote-port = 6446
141 client = false
142 post-rotate-script = $${rootdirectory:bin}/stunnel_post_rotate
143
144
145 #----------------
146 #--
147 #-- Certificate stuff.
148
149 [certificate-authority]
150 recipe = slapos.cookbook:certificate_authority
151 openssl-binary = ${openssl:location}/bin/openssl
152 ca-dir = $${directory:ca-dir}
153 requests-directory = $${cadirectory:requests}
154 wrapper = $${basedirectory:services}/ca
155 ca-private = $${cadirectory:private}
156 ca-certs = $${cadirectory:certs}
157 ca-newcerts = $${cadirectory:newcerts}
158 ca-crl = $${cadirectory:crl}
159
160 [cadirectory]
161 recipe = slapos.cookbook:mkdirectory
162 requests = $${directory:ca-dir}/requests/
163 private = $${directory:ca-dir}/private/
164 certs = $${directory:ca-dir}/certs/
165 newcerts = $${directory:ca-dir}/newcerts/
166 crl = $${directory:ca-dir}/crl/
167
168
169 #----------------
170 #--
171 #-- Creates a Postgres cluster, configuration files, and a database.
172
173 [postgres-instance]
174 recipe = slapos.cookbook:postgres
175 ipv6 = $${instance-parameters:ipv6}
176 ipv4 = $${instance-parameters:ipv4}
177 ipv6_random = $${instance-parameters:ipv6_random}
178 superuser = postgres
179 port = 5432
180 dbname = db
181 # pgdata_directory is created by initdb, and should not exist beforehand.
182 pgdata-directory = $${rootdirectory:var}/data
183 backup-directory = $${basedirectory:backup}/postgres
184 bin = $${rootdirectory:bin}
185 services = $${basedirectory:services}
186 dependency-symlinks = $${symlinks:recipe}
187
188 [ca-stunnel]
189 <= certificate-authority
190 recipe = slapos.cookbook:certificate_authority.request
191 executable = $${stunnel:wrapper}
192 wrapper = $${basedirectory:services}/stunnel
193 key-file = $${stunnel:key-file}
194 cert-file = $${stunnel:cert-file}
195
196
197 #----------------
198 #--
199 #-- Creates symlinks from the instance to the software release.
200
201 [symlinks]
202 recipe = cns.recipe.symlink
203 symlink_target = $${rootdirectory:bin}
204 symlink_base = ${postgresql:location}/bin
205
206
207 #----------------
208 #--
209 #-- Deploy slapmonitor.
210
211 [slapmonitor]
212 recipe = slapos.cookbook:slapmonitor
213 pid-file = $${postgres-instance:pgdata-directory}/postmaster.pid
214 database-path = $${basedirectory:log}/slapmonitor.db
215 slapmonitor-path = ${buildout:bin-directory}/slapmonitor
216 path = $${basedirectory:services}/slapmonitor
217
218 [slapmonitor-xml]
219 recipe = slapos.cookbook:slapmonitor-xml
220 database-path = $${basedirectory:log}/slapmonitor.db
221 slapmonitor-xml-path = ${buildout:bin-directory}/slapmonitor-xml
222 path = $${directory:report}/slapmonitor-xml
223
224
225 #----------------
226 #--
227 #-- Deploy promise scripts.
228
229 [postgres-promise]
230 recipe = slapos.cookbook:check_port_listening
231 path = $${basedirectory:promises}/postgres
232 hostname = $${instance-parameters:ipv6_random}
233 port = $${postgres-instance:port}
234
235
236 #----------------
237 #--
238 #-- Publish instance parameters.
239
240 [urls]
241 recipe = slapos.cookbook:publish
242 url = $${postgres-instance:url}
243 ip = $${instance-parameters:ipv6_random}
244
245
246 #----------------
247 #--
248 #-- Fetches parameters defined in SlapOS Master for this instance
249
250 [instance-parameters]
251 recipe = slapos.cookbook:slapconfiguration
252 computer = $${slap-connection:computer-id}
253 partition = $${slap-connection:partition-id}
254 url = $${slap-connection:server-url}
255 key = $${slap-connection:key-file}
256 cert = $${slap-connection:cert-file}
257