manual port of changes on lapp-resilient over this new branch
[slapos.git] / stack / lapp / apache / instance-apache-backup.cfg.in
1 [buildout]
2
3 parts =
4   urls
5   apache-proxy
6   logrotate
7   logrotate-entry-apache
8   cron
9   cron-entry-logrotate
10   sshkeys-authority
11   sshkeys-dropbear
12   dropbear-server
13   dropbear-server-pbs-authorized-key
14
15 eggs-directory = ${buildout:eggs-directory}
16 develop-eggs-directory = ${buildout:develop-eggs-directory}
17 offline = true
18
19
20 #----------------
21 #--
22 #-- Creation of all needed directories.
23
24 [rootdirectory]
25 recipe = slapos.cookbook:mkdirectory
26 etc = $${buildout:directory}/etc
27 var = $${buildout:directory}/var
28 srv = $${buildout:directory}/srv
29 bin = $${buildout:directory}/bin
30 tmp = $${buildout:directory}/tmp
31
32 [basedirectory]
33 recipe = slapos.cookbook:mkdirectory
34 log = $${rootdirectory:var}/log
35 services = $${rootdirectory:etc}/run
36 run = $${rootdirectory:var}/run
37 backup = $${rootdirectory:srv}/backup
38 promises = $${rootdirectory:etc}/promise
39
40 [directory]
41 recipe = slapos.cookbook:mkdirectory
42 htdocs = $${rootdirectory:srv}/www
43 logrotate-entries = $${rootdirectory:etc}/logrotate.d
44 logrotate-backup = $${basedirectory:backup}/logrotate
45 cronstamps = $${rootdirectory:etc}/cronstamps
46 cron-entries = $${rootdirectory:etc}/cron.d
47 crontabs = $${rootdirectory:etc}/crontabs
48 ssh = $${rootdirectory:etc}/ssh
49 sshkeys = $${rootdirectory:srv}/sshkeys
50 httpd-log = $${basedirectory:log}/apache
51
52
53 #----------------
54 #--
55 #-- Deploy cron.
56
57 [cron]
58 recipe = slapos.cookbook:cron
59 dcrond-binary = ${dcron:location}/sbin/crond
60 cron-entries = $${directory:cron-entries}
61 crontabs = $${directory:crontabs}
62 cronstamps = $${directory:cronstamps}
63 catcher = $${cron-simplelogger:wrapper}
64 binary = $${basedirectory:services}/crond
65
66 [cron-simplelogger]
67 recipe = slapos.cookbook:simplelogger
68 wrapper = $${rootdirectory:bin}/cron_simplelogger
69 log = $${basedirectory:log}/crond.log
70
71
72 #----------------
73 #--
74 #-- Deploy logrotate.
75
76 [cron-entry-logrotate]
77 <= cron
78 recipe = slapos.cookbook:cron.d
79 name = logrotate
80 frequency = 0 0 * * *
81 command = $${logrotate:wrapper}
82
83 [logrotate]
84 recipe = slapos.cookbook:logrotate
85 # Binaries
86 logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
87 gzip-binary = ${gzip:location}/bin/gzip
88 gunzip-binary = ${gzip:location}/bin/gunzip
89 # Directories
90 wrapper = $${rootdirectory:bin}/logrotate
91 conf = $${rootdirectory:etc}/logrotate.conf
92 logrotate-entries = $${directory:logrotate-entries}
93 backup = $${directory:logrotate-backup}
94 state-file = $${rootdirectory:srv}/logrotate.status
95
96
97 #----------------
98 #--
99 #-- sshkeys
100
101 [sshkeys-directory]
102 recipe = slapos.cookbook:mkdirectory
103 requests = $${directory:sshkeys}/requests
104 keys = $${directory:sshkeys}/keys
105
106 [sshkeys-authority]
107 recipe = slapos.cookbook:sshkeys_authority
108 request-directory = $${sshkeys-directory:requests}
109 keys-directory = $${sshkeys-directory:keys}
110 wrapper = $${basedirectory:services}/sshkeys_authority
111 keygen-binary = ${dropbear:location}/bin/dropbearkey
112
113 [sshkeys-dropbear]
114 <= sshkeys-authority
115 recipe = slapos.cookbook:sshkeys_authority.request
116 name = dropbear
117 type = rsa
118 executable = $${dropbear-server:wrapper}
119 public-key = $${dropbear-server:rsa-keyfile}.pub
120 private-key = $${dropbear-server:rsa-keyfile}
121 wrapper = $${basedirectory:services}/sshd
122
123
124 #----------------
125 #--
126 #-- Dropbear.
127
128 [dropbear-server]
129 recipe = slapos.cookbook:dropbear
130 host = $${slap-network-information:global-ipv6}
131 port = 2222
132 home = $${directory:ssh}
133 wrapper = $${rootdirectory:bin}/raw_sshd
134 shell = $${rdiff-backup-server:wrapper}
135 rsa-keyfile = $${directory:ssh}/server_key.rsa
136 dropbear-binary = ${dropbear:location}/sbin/dropbear
137
138 [dropbear-server-pbs-authorized-key]
139 <= dropbear-server
140 recipe = slapos.cookbook:dropbear.add_authorized_key
141 key = $${slap-parameter:authorized-key}
142
143
144 #----------------
145 #--
146 #-- rdiff
147
148 [rdiff-backup-server]
149 recipe = slapos.cookbook:pbs
150 client = false
151 path = $${directory:htdocs}
152 wrapper = $${rootdirectory:bin}/rdiffbackup-server
153 rdiffbackup-binary = ${buildout:bin-directory}/rdiff-backup
154
155
156 #----------------
157 #--
158 #-- Apache Proxy.
159
160 [apache-proxy]
161 recipe = slapos.cookbook:apacheproxy
162 url = $${slap-parameter:proxy-url}
163 pid-file = $${basedirectory:run}/apache.pid
164 lock-file = $${basedirectory:run}/apache.lock
165 ip = $${slap-network-information:global-ipv6}
166 port = 8080
167 error-log = $${directory:httpd-log}/error.log
168 access-log = $${directory:httpd-log}/access.log
169 httpd-conf = $${rootdirectory:etc}/apache.conf
170 wrapper = $${basedirectory:services}/apache
171
172 promise = $${basedirectory:promises}/apache
173
174 httpd-binary = ${apache:location}/bin/httpd
175
176 [logrotate-entry-apache]
177 <= logrotate
178 recipe = slapos.cookbook:logrotate.d
179 name = apache
180 log = $${apache-proxy:error-log} $${apache-proxy:access-log}
181 frequency = daily
182 rotate-num = 30
183 sharedscripts = true
184 notifempty = true
185 create = true
186
187
188 #----------------
189 #--
190 #-- Publish instance parameters.
191
192 [urls]
193 recipe = slapos.cookbook:publish
194 url = http://[$${apache-proxy:ip}]:$${apache-proxy:port}/
195 ssh-public-key = $${sshkeys-dropbear:public-key-value}
196 ssh-url = ssh://nobody@[$${dropbear-server:host}]:$${dropbear-server:port}/$${rdiff-backup-server:path}
197