manual port of changes on lapp-resilient over this new branch
[slapos.git] / stack / lapp / postgres / instance-postgres.cfg.in
1 [buildout]
2 parts =
3   urls
4   postgres-instance
5   postgres-promise
6   stunnel
7   certificate-authority
8   ca-stunnel
9   logrotate
10   logrotate-entry-stunnel
11   logrotate-entry-cron
12   cron
13   cron-entry-logrotate
14   slapmonitor
15   slapreport
16
17 gzip-binary = ${gzip:location}/bin/gzip
18
19 # Define egg directories to be the one from Software Release
20 # (/opt/slapgrid/...)
21 eggs-directory = ${buildout:eggs-directory}
22 develop-eggs-directory = ${buildout:develop-eggs-directory}
23 offline = true
24
25
26 #----------------
27 #--
28 #-- Creation of all needed directories.
29
30 [rootdirectory]
31 recipe = slapos.cookbook:mkdirectory
32 etc = $${buildout:directory}/etc
33 var = $${buildout:directory}/var
34 srv = $${buildout:directory}/srv
35 bin = $${buildout:directory}/bin
36
37 [basedirectory]
38 recipe = slapos.cookbook:mkdirectory
39 log = $${rootdirectory:var}/log
40 services = $${rootdirectory:etc}/run
41 run = $${rootdirectory:var}/run
42 script = $${rootdirectory:etc}/script
43 backup = $${rootdirectory:srv}/backup
44 promises = $${rootdirectory:etc}/promise
45
46 [directory]
47 recipe = slapos.cookbook:mkdirectory
48 cron-entries = $${rootdirectory:etc}/cron.d
49 crontabs = $${rootdirectory:etc}/crontabs
50 cronstamps = $${rootdirectory:etc}/cronstamps
51 ca-dir = $${rootdirectory:srv}/ssl
52 logrotate-backup = $${basedirectory:backup}/logrotate
53 stunnel-conf = $${rootdirectory:etc}/stunnel
54 logrotate-entries = $${rootdirectory:etc}/logrotate.d
55
56
57 #----------------
58 #--
59 #-- Deploy cron.
60
61 [cron]
62 recipe = slapos.cookbook:cron
63 dcrond-binary = ${dcron:location}/sbin/crond
64 cron-entries = $${directory:cron-entries}
65 crontabs = $${directory:crontabs}
66 cronstamps = $${directory:cronstamps}
67 catcher = $${cron-simplelogger:wrapper}
68 binary = $${basedirectory:services}/crond
69
70 [cron-simplelogger]
71 recipe = slapos.cookbook:simplelogger
72 wrapper = $${rootdirectory:bin}/cron_simplelogger
73 log = $${basedirectory:log}/crond.log
74
75
76 #----------------
77 #--
78 #-- Deploy logrotate.
79
80 [cron-entry-logrotate]
81 <= cron
82 recipe = slapos.cookbook:cron.d
83 name = logrotate
84 frequency = 0 0 * * *
85 command = $${logrotate:wrapper}
86
87 [logrotate]
88 recipe = slapos.cookbook:logrotate
89 # Binaries
90 logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
91 gzip-binary = $${buildout:gzip-binary}
92 gunzip-binary = ${gzip:location}/bin/gunzip
93 # Directories
94 wrapper = $${rootdirectory:bin}/logrotate
95 conf = $${rootdirectory:etc}/logrotate.conf
96 logrotate-entries = $${directory:logrotate-entries}
97 backup = $${directory:logrotate-backup}
98 state-file = $${rootdirectory:srv}/logrotate.status
99
100 [logrotate-entry-stunnel]
101 <= logrotate
102 recipe = slapos.cookbook:logrotate.d
103 name = stunnel
104 log = $${stunnel:log-file}
105 frequency = daily
106 rotate-num = 30
107 notifempty = true
108 create = true
109 post = $${stunnel:post-rotate-script}
110
111 [logrotate-entry-cron]
112 <= logrotate
113 recipe =slapos.cookbook:logrotate.d
114 name = crond
115 log = $${cron-simplelogger:log}
116 frequency = daily
117 rotate-num = 30
118 notifempty = true
119 create = true
120
121 #----------------
122 #--
123 #-- Deploy stunnel.
124 #-- XXX This is actually not needed with Postgres.
125
126 [stunnel]
127 recipe = slapos.cookbook:stunnel
128 stunnel-binary = ${stunnel:location}/bin/stunnel
129 wrapper = $${rootdirectory:bin}/stunnel
130 log-file = $${basedirectory:log}/stunnel.log
131 config-file = $${directory:stunnel-conf}/stunnel.conf
132 key-file = $${directory:stunnel-conf}/stunnel.key
133 cert-file = $${directory:stunnel-conf}/stunnel.crt
134 pid-file = $${basedirectory:run}/stunnel.pid
135 local-host = $${postgres-instance:ip}            # XXX we don't need tunnel
136 local-port = $${postgres-instance:port}          # XXX we don't need tunnel
137 remote-host = $${slap-network-information:global-ipv6}
138 remote-port = 6446
139 client = false
140 post-rotate-script = $${rootdirectory:bin}/stunnel_post_rotate
141
142
143 #----------------
144 #--
145 #-- Certificate stuff.
146
147 [certificate-authority]
148 recipe = slapos.cookbook:certificate_authority
149 openssl-binary = ${openssl:location}/bin/openssl
150 ca-dir = $${directory:ca-dir}
151 requests-directory = $${cadirectory:requests}
152 wrapper = $${basedirectory:services}/ca
153 ca-private = $${cadirectory:private}
154 ca-certs = $${cadirectory:certs}
155 ca-newcerts = $${cadirectory:newcerts}
156 ca-crl = $${cadirectory:crl}
157
158 [cadirectory]
159 recipe = slapos.cookbook:mkdirectory
160 requests = $${directory:ca-dir}/requests/
161 private = $${directory:ca-dir}/private/
162 certs = $${directory:ca-dir}/certs/
163 newcerts = $${directory:ca-dir}/newcerts/
164 crl = $${directory:ca-dir}/crl/
165
166 #----------------
167 #--
168 #-- Creates a Postgres cluster, configuration files, and a database.
169
170 [postgres-instance]
171 recipe = slapos.cookbook:postgres
172 ipv6_host = $${slap-network-information:global-ipv6}
173 user = postgres
174 port = 5432
175 dbname = db
176 # XXX the next line is required by stunnel, not by us
177 ip = $${slap-network-information:local-ipv4}
178 # pgdata_directory is created by initdb, and should not exist beforehand.
179 pgdata-directory = $${rootdirectory:var}/data
180 backup-directory = $${basedirectory:backup}
181 services = $${basedirectory:services}
182 bin = $${rootdirectory:bin}
183
184 dependency-symlinks = $${symlinks:recipe}
185 [ca-stunnel]
186 <= certificate-authority
187 recipe = slapos.cookbook:certificate_authority.request
188 executable = $${stunnel:wrapper}
189 wrapper = $${basedirectory:services}/stunnel
190 key-file = $${stunnel:key-file}
191 cert-file = $${stunnel:cert-file}
192
193 #----------------
194 #--
195 #-- Creates symlinks from the instance to the software release.
196
197 [symlinks]
198 recipe = cns.recipe.symlink
199 symlink_target = $${rootdirectory:bin}
200 symlink_base = ${postgresql:location}/bin
201
202
203 #----------------
204 #--
205 #-- Deploy slapmonitor.
206
207 [slapmonitor]
208 recipe = slapos.cookbook:slapmonitor
209 pid-file = $${basedirectory:run}/mariadb.pid
210 database-path = $${basedirectory:log}/slapmonitor.db
211 shell-path = ${dash:location}/bin/dash
212 slapmonitor-path = ${buildout:bin-directory}/slapmonitor
213 path = $${basedirectory:services}/slapmonitor
214
215 [slapreport]
216 recipe = slapos.cookbook:slapreport
217 pid-file = $${basedirectory:run}/mariadb.pid
218 database-path = $${basedirectory:log}/slapmonitor.db
219 consumption-log-path = $${basedirectory:log}/instance_consumption.log
220 logbox-ip = 87.98.152.12
221 logbox-port = 5122
222 logbox-user = admin
223 logbox-passwd = passer
224 shell-path = ${dash:location}/bin/dash
225 slapreport-path = ${buildout:bin-directory}/slapreport
226 path = $${basedirectory:services}/slapreport
227
228
229 #----------------
230 #--
231 #-- Deploy promise scripts.
232
233 [postgres-promise]
234 recipe = slapos.cookbook:check_port_listening
235 path = $${basedirectory:promises}/postgres
236 hostname = $${slap-network-information:global-ipv6}
237 port = $${postgres-instance:port}
238
239
240 #----------------
241 #--
242 #-- Publish instance parameters.
243
244 [urls]
245 recipe = slapos.cookbook:publishurl
246 url = $${postgres-instance:url}
247
248 #----------------
249 #--
250 #-- Fetches parameters defined in SlapOS Master for this instance
251
252 [instance-parameters]
253 recipe = slapos.cookbook:slapconfiguration
254 computer = $${slap-connection:computer-id}
255 partition = $${slap-connection:partition-id}
256 url = $${slap-connection:server-url}
257 key = $${slap-connection:key-file}
258 cert = $${slap-connection:cert-file}
259