PROJECT_MOVED -> https://lab.nexedi.com/nexedi/slapos
[slapos.git] / stack / resilient / instance-pull-backup.cfg.in
1 [buildout]
2
3 parts =
4   publish-connection-information
5   pbs
6   logrotate
7   cron
8   cron-entry-logrotate
9   sshkeys-authority
10   sshkeys-dropbear
11 ## Monitoring part
12 ###Parts to add for monitoring
13   certificate-authority
14   cron-entry-monitor
15   cron-entry-rss
16   deploy-index
17   deploy-settings-cgi
18   deploy-status-cgi
19   deploy-status-history-cgi
20   setup-static-files
21   certificate-authority
22   zero-parameters
23   public-symlink
24   cgi-httpd-wrapper
25   cgi-httpd-graceful-wrapper
26   monitor-promise
27   monitor-instance-log-access
28 ## Monitor for pbs
29   monitor-current-log-access
30   monitor-backup-log-access
31   monitor-check-resilient-feed-file
32
33 extends = ${monitor-template:output}
34 eggs-directory = ${buildout:eggs-directory}
35 develop-eggs-directory = ${buildout:develop-eggs-directory}
36 offline = true
37
38
39 #----------------
40 #--
41 #-- Creation of all needed directories.
42
43 [rootdirectory]
44 recipe = slapos.cookbook:mkdirectory
45 etc = $${buildout:directory}/etc
46 home = $${buildout:directory}/home
47 srv = $${buildout:directory}/srv
48 bin = $${buildout:directory}/bin
49 tmp = $${buildout:directory}/tmp
50 var = $${buildout:directory}/var
51
52 [basedirectory]
53 recipe = slapos.cookbook:mkdirectory
54 log = $${rootdirectory:var}/log
55 services = $${rootdirectory:etc}/service
56 run = $${rootdirectory:var}/run
57 backup = $${rootdirectory:srv}/backup
58 promises = $${rootdirectory:etc}/promise
59 ssh-home = $${rootdirectory:home}/ssh
60 notifier = $${rootdirectory:etc}/notifier
61
62 [directory]
63 recipe = slapos.cookbook:mkdirectory
64 logrotate-entries = $${rootdirectory:etc}/logrotate.d
65 logrotate-backup = $${basedirectory:backup}/logrotate
66 cronstamps = $${rootdirectory:etc}/cronstamps
67 cron-entries = $${rootdirectory:etc}/cron.d
68 crontabs = $${rootdirectory:etc}/crontabs
69 cronoutput = $${basedirectory:log}/cron-ouput
70 pbs-backup = $${basedirectory:backup}/pbs
71 sshkeys = $${rootdirectory:srv}/sshkeys
72 pbs-wrappers = $${rootdirectory:bin}/pbs
73 dot-ssh = $${basedirectory:ssh-home}/.ssh
74 notifier-feeds = $${basedirectory:notifier}/feeds
75 notifier-callbacks = $${basedirectory:notifier}/callbacks
76
77
78
79 #----------------
80 #--
81 #-- Set up the equeue and notifier.
82
83 [equeue]
84 recipe = slapos.cookbook:equeue
85 socket = $${basedirectory:run}/equeue.sock
86 lockfile = $${basedirectory:run}/equeue.lock
87 log = $${basedirectory:log}/equeue.log
88 database = $${rootdirectory:srv}/equeue.db
89 wrapper = $${basedirectory:services}/equeue
90 equeue-binary = ${buildout:bin-directory}/equeue
91
92 # notifier.notify adds the [exporter, notifier] to the execution queue
93 # notifier.notify.callback sets up a callback
94 [notifier]
95 recipe = slapos.recipe.template:jinja2
96 template = ${template-wrapper:output}
97 rendered = $${:wrapper}
98 wrapper = $${basedirectory:services}/notifier
99 mode = 0700
100 command = ${buildout:bin-directory}/pubsubserver --callbacks $${directory:notifier-callbacks} --feeds $${directory:notifier-feeds} --equeue-socket $${equeue:socket} --logfile $${basedirectory:log}/notifier.log $${:host} $${:port}
101 host = $${slap-network-information:global-ipv6}
102 port = 8088
103 context =
104   key content notifier:command
105
106
107 [logrotate-entry-equeue]
108 <= logrotate
109 recipe = slapos.cookbook:logrotate.d
110 name = equeue
111 log = $${equeue:log}
112 frequency = daily
113 rotate-num = 30
114
115
116 #----------------
117 #--
118 #-- The pull-backup-server contains every backup (incremental)
119 #-- to prevent a corrupt dump from destroying everything.
120
121 [pbs]
122 <= notifier
123 recipe = slapos.cookbook:pbs
124 client = true
125 feeds = $${directory:notifier-feeds}
126 callbacks = $${directory:notifier-callbacks}
127 equeue-socket = $${equeue:socket}
128 notifier-binary = ${buildout:bin-directory}/pubsubnotifier
129 rdiffbackup-binary = ${buildout:bin-directory}/rdiff-backup
130 sshclient-binary = $${dropbear-client:wrapper}
131 known-hosts = $${directory:dot-ssh}/known_hosts
132 promises-directory = $${basedirectory:promises}
133 directory = $${directory:pbs-backup}
134 cron-entries = $${cron:cron-entries}
135 wrappers-directory = $${directory:pbs-wrappers}
136 run-directory = $${basedirectory:run}
137 # XXX: this should be named "notifier-host"
138 notifier-url = http://[$${notifier:host}]:$${notifier:port}
139 slave-instance-list = $${slap-parameter:slave_instance_list}
140 ignore-known-hosts-file = $${slap-parameter:ignore-known-hosts-file}
141
142
143 #----------------
144 #--
145 #-- Deploy cron.
146
147 [cron]
148 recipe = slapos.cookbook:cron
149 dcrond-binary = ${dcron:location}/sbin/crond
150 cron-entries = $${directory:cron-entries}
151 crontabs = $${directory:crontabs}
152 cronstamps = $${directory:cronstamps}
153 catcher = $${cron-simplelogger:wrapper}
154 binary = $${basedirectory:services}/crond
155
156 [cron-simplelogger]
157 recipe = slapos.cookbook:simplelogger
158 wrapper = $${rootdirectory:bin}/cron_simplelogger
159 log = $${basedirectory:log}/crond.log
160
161
162 #----------------
163 #--
164 #-- Deploy logrotate.
165
166 [cron-entry-logrotate]
167 <= cron
168 recipe = slapos.cookbook:cron.d
169 name = logrotate
170 frequency = 0 0 * * *
171 command = $${logrotate:wrapper}
172
173 [logrotate]
174 recipe = slapos.cookbook:logrotate
175 # Binaries
176 logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
177 gzip-binary = ${gzip:location}/bin/gzip
178 gunzip-binary = ${gzip:location}/bin/gunzip
179 # Directories
180 wrapper = $${rootdirectory:bin}/logrotate
181 conf = $${rootdirectory:etc}/logrotate.conf
182 logrotate-entries = $${directory:logrotate-entries}
183 backup = $${directory:logrotate-backup}
184 state-file = $${rootdirectory:srv}/logrotate.status
185
186 [logrotate-entry-cron]
187 <= logrotate
188 recipe = slapos.cookbook:logrotate.d
189 name = cron
190 log = $${cron-simplelogger:log}
191 frequency = daily
192 rotate-num = 30
193
194
195 #----------------
196 #--
197 #-- sshkeys
198
199 [sshkeys-directory]
200 recipe = slapos.cookbook:mkdirectory
201 requests = $${directory:sshkeys}/requests
202 keys = $${directory:sshkeys}/keys
203
204 [sshkeys-authority]
205 recipe = slapos.cookbook:sshkeys_authority
206 request-directory = $${sshkeys-directory:requests}
207 keys-directory = $${sshkeys-directory:keys}
208 wrapper = $${basedirectory:services}/sshkeys_authority
209 keygen-binary = ${dropbear:location}/bin/dropbearkey
210
211 [sshkeys-dropbear]
212 <= sshkeys-authority
213 recipe = slapos.cookbook:sshkeys_authority.request
214 name = pbs
215 type = rsa
216 executable = $${dropbear-client:wrapper}
217 public-key = $${dropbear-client:identity-file}.pub
218 private-key = $${dropbear-client:identity-file}
219 wrapper = $${rootdirectory:bin}/do_backup
220
221
222 #----------------
223 #--
224 #-- Dropbear.
225
226 [dropbear-client]
227 recipe = slapos.cookbook:dropbear.client
228 dbclient-binary = ${dropbear:location}/bin/dbclient
229 wrapper = $${rootdirectory:bin}/ssh
230 home = $${basedirectory:ssh-home}
231 identity-file = $${basedirectory:ssh-home}/id_rsa
232
233
234 #----------------
235 #--
236 #-- Slave instance list (empty default).
237
238 [slap-parameter]
239 slave_instance_list = []
240 ignore-known-hosts-file = false
241
242
243
244 #----------------
245 #--
246 #-- Publish instance parameters.
247
248 [publish-connection-information]
249 recipe = slapos.cookbook:publish
250 ssh-key = $${sshkeys-dropbear:public-key-value}
251 notification-url = http://[$${notifier:host}]:$${notifier:port}/notify
252 feeds-url = http://[$${notifier:host}]:$${notifier:port}/get/
253
254
255 #----------------
256 #--
257 #-- Monitor
258
259 [monitor-backup-log-access]
260 < = monitor-directory-access
261 source = $${directory:logrotate-backup}
262
263 [monitor-current-log-access]
264 < = monitor-directory-access
265 source = $${basedirectory:log}
266
267 [monitor-check-resilient-feed-file]
268 recipe = slapos.recipe.template:jinja2
269 template = ${template-monitor-check-resilient-feed:location}/${template-monitor-check-resilient-feed:filename}
270 rendered = $${monitor-directory:monitor-custom-scripts}/check-create-resilient-feed-files.py
271 mode = 700
272 context =
273   key input_feed_directory directory:notifier-feeds
274   key monitor_feed_directory monitor-directory:public-cgi
275   key base_url publish-connection-information:feeds-url
276   raw python_executable ${buildout:executable}