slapos-in-partition SR: fix partition number.
[slapos.git] / software / slapos-in-partition / instance.cfg.jinja2
1 [buildout]
2 parts =
3   slapos-configuration-file
4   cron-entry-slapos
5   slapos-node-format-wrapper
6
7   httpd-wrapper
8
9   cron
10   logrotate
11   logrotate-entry-httpd
12   logrotate-entry-slapos
13
14   sshkeys-dropbear
15   dropbear-server-add-authorized-key
16   sshkeys-authority
17   publish-connection-informations
18   dropbear-promise
19
20
21 eggs-directory = {{ eggs_directory }}
22 develop-eggs-directory = {{ develop_eggs_directory }}
23 offline = true
24
25 [instance-parameter]
26 recipe = slapos.cookbook:slapconfiguration
27 computer = ${slap_connection:computer_id}
28 partition = ${slap_connection:partition_id}
29 url = ${slap_connection:server_url}
30 key = ${slap_connection:key_file}
31 cert = ${slap_connection:cert_file}
32
33 configuration.master-url = https://slap.vifib.com
34 configuration.authorized-key =
35
36 # Create all needed directories
37 [directory]
38 recipe = slapos.cookbook:mkdirectory
39 mode = 0750
40
41 etc = ${buildout:directory}/etc/
42 var = ${buildout:directory}/var/
43 srv = ${buildout:directory}/srv/
44 bin = ${buildout:directory}/bin/
45
46 sshkeys = ${:srv}/sshkeys
47 service = ${:etc}/service/
48 scripts = ${:etc}/run/
49 ssh = ${:etc}/ssh/
50 log = ${:var}/log/
51 run = ${:var}/run/
52 backup = ${:srv}/backup/
53 promises = ${:etc}/promise/
54
55 slapos-partitions-certificate-repository = ${:var}/pki
56 software-root = ${:srv}/slapos-software
57 instance-root = ${:srv}/slapos-instance
58 slapos-log = ${:log}/slapos
59
60 {% for i in range(0,10) %}
61 slappart{{i}} = ${:instance-root}/slappart{{i}}
62 {% endfor %}
63
64 cron-entries = ${:etc}/cron.d
65 crontabs = ${:etc}/crontabs
66 cronstamps = ${:etc}/cronstamps
67
68 logrotate-entries = ${:etc}/logrotate.d
69 logrotate-backup = ${:backup}/logrotate
70
71 httpd-log = ${:log}/httpd
72
73
74 ########
75 # Deploy slapos.cfg, computer certificates and slapos node wrapper
76 ########
77 [slapos-computer-certificate-file]
78 recipe = collective.recipe.template
79 input = inline:${instance-parameter:configuration.computer-certificate}
80 output = ${directory:var}/slapos-computer.crt
81
82 [slapos-computer-key-file]
83 recipe = collective.recipe.template
84 input = inline:${instance-parameter:configuration.computer-key}
85 output = ${directory:var}/slapos-computer.key
86
87 [computer-definition-file]
88 recipe = collective.recipe.template
89 input = inline:
90   [computer]
91 {% for i in range(0,10|int) %}
92   [partition_{{i}}]
93   address = ${instance-parameter:ipv4-random}/255.255.255.0 ${instance-parameter:ipv6-random}/64
94   pathname = slappart{{i}}
95   user = dummy
96   network_interface = dummy
97 {% endfor %}
98 output = ${directory:etc}/slapos-computer-definition.cfg
99
100 [slapos-configuration-file]
101 recipe = slapos.recipe.template
102 url = {{ slapos_configuration_file_template_path }}
103 output = ${directory:etc}/slapos.cfg
104 #md5sum = 4861be4a581686feef9f9edea865d7ee
105 software-root = ${directory:software-root}
106 instance-root = ${directory:instance-root}
107 master-url = ${instance-parameter:configuration.master-url}
108 computer-id = ${instance-parameter:configuration.computer-id}
109 # XXX should be a parameter
110 partition-amount = 10
111 computer-definition-file = ${computer-definition-file:output}
112 computer-xml = ${directory:var}/slapos.xml
113 computer-key-file = ${slapos-computer-key-file:output}
114 computer-certificate-file = ${slapos-computer-certificate-file:output}
115 certificate-repository-path = ${directory:slapos-partitions-certificate-repository}
116
117 [slapos-node-format-wrapper]
118 recipe = slapos.cookbook:wrapper
119 command-line = {{ bin_directory }}/slapos node format --cfg ${slapos-configuration-file:output} --logfile=${directory:slapos-log}/slapos-node-format.log --now
120 wrapper-path = ${directory:scripts}/slapos-node-format
121 parameters-extra = true
122
123 [slapos-node-instance-wrapper]
124 recipe = slapos.cookbook:wrapper
125 command-line = {{ bin_directory }}/slapos node instance --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-instance.pid --logfile ${directory:slapos-log}/slapos-instance.cfg
126 wrapper-path = ${buildout:bin-directory}/slapos-node-instance
127 parameters-extra = true
128
129 [slapos-node-software-wrapper]
130 recipe = slapos.cookbook:wrapper
131 command-line = {{ bin_directory }}/slapos node software --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-software.pid --logfile ${directory:slapos-log}/slapos-software.cfg
132 wrapper-path = ${buildout:bin-directory}/slapos-node-software
133 parameters-extra = true
134
135 [slapos-node-report-wrapper]
136 recipe = slapos.cookbook:wrapper
137 command-line = {{ bin_directory }}/slapos node report --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-report.pid --logfile ${directory:slapos-log}/slapos-report.cfg
138 wrapper-path = ${buildout:bin-directory}/slapos-node-report
139 parameters-extra = true
140
141 #########
142 # Deploy some http server to see logs online
143 #########
144 # XXX could it be something lighter?
145 [httpd-configuration-file]
146 recipe = slapos.recipe.template
147 url = {{ httpd_configuration_file_template_path }}
148 output = ${directory:etc}/httpd.conf
149 # md5sum =
150 listening-ip = ${instance-parameter:ipv6-random}
151 listening-port = 8080
152 htdocs = ${directory:log}
153 pid-file = ${directory:run}/httpd.pid
154 access-log = ${directory:httpd-log}/access-log
155 error-log = ${directory:httpd-log}/error-log
156 document-root = ${directory:log}
157
158 # XXX logrotate for httpd
159
160 [httpd-wrapper]
161 recipe = slapos.cookbook:wrapper
162 apache-executable = {{ httpd_executable }}
163 command-line = ${:apache-executable} -f ${httpd-configuration-file:output} -DFOREGROUND
164 wrapper-path = ${directory:service}/httpd
165 # generated parameter containing url to use for other sections
166 url = http://[${httpd-configuration-file:listening-ip}]/
167
168 #[httpd-wrapper]
169 #recipe = collective.recipe.template
170 #input = inline:
171 #  #!${buildout:executable}
172 #  import SimpleHTTPServer
173 #  import SocketServer
174 #  PORT = ${:listening-port}
175 #  LISTENING_IP = '${:listening-ip}'
176 #  Handler = SimpleHTTPServer.SimpleHTTPRequestHandler
177 #  httpd = SocketServer.TCPServer((LISTENING_IP, PORT), Handler)
178 #  print "serving at port", PORT
179 #  httpd.serve_forever()
180 #output = ${directory:service}/httpd
181 #listening-ip = ${instance-parameter:ipv6-random}
182 #listening-port = 8080
183 #mode = 755
184
185
186 #########
187 # Deploy logrotate
188 #########
189 [logrotate]
190 recipe = slapos.cookbook:logrotate
191 # Binaries
192 logrotate-binary = {{ logrotate_executable }}
193 gzip-binary = {{ gzip_executable }}
194 gunzip-binary = {{ gunzip_executable }}
195 # Directories
196 wrapper = ${directory:bin}/logrotate
197 conf = ${directory:etc}/logrotate.conf
198 logrotate-entries = ${directory:logrotate-entries}
199 backup = ${directory:logrotate-backup}
200 state-file = ${directory:srv}/logrotate.status
201
202 [logrotate-entry-httpd]
203 <= logrotate
204 recipe = slapos.cookbook:logrotate.d
205 name = httpd
206 log = ${httpd-configuration-file:access-log} ${httpd-configuration-file:error-log}
207 frequency = daily
208 rotate-num = 30
209 post = {{ bin_directory }}/killpidfromfile $${apache-configuration:pid-file} SIGUSR1
210 sharedscripts = true
211 notifempty = true
212 create = true
213
214 [logrotate-entry-slapos]
215 <= logrotate
216 recipe = slapos.cookbook:logrotate.d
217 name = slapos
218 log = ${directory:slapos-log}/*.log
219 frequency = daily
220 rotate-num = 30
221 #post = {{ bin_directory }}/killpidfromfile ${nginx-configuration:pid-file} SIGUSR1
222 sharedscripts = true
223 notifempty = true
224 create = true
225
226 ###########
227 # Deploy cron and configure it
228 ###########
229 [cron-simplelogger]
230 recipe = slapos.cookbook:simplelogger
231 wrapper = ${directory:bin}/cron_simplelogger
232 log = ${directory:log}/crond.log
233
234 [cron]
235 recipe = slapos.cookbook:cron
236 dcrond-binary = {{ dcron_executable }}
237 cron-entries = ${directory:cron-entries}
238 crontabs = ${directory:crontabs}
239 cronstamps = ${directory:cronstamps}
240 catcher = ${cron-simplelogger:wrapper}
241 binary = ${directory:service}/crond
242
243 [cron-entry-slapos]
244 recipe = collective.recipe.template
245 # Add current PATH to environment, otherwise, gcc is not able to find its own cc1.
246 # We don't add it in the top of the script, because dcron disallow it.
247 # XXX: maybe it works if we take PATH from instance, not software.
248 input = inline:
249   * * * * * PATH={{ path }} ${slapos-node-instance-wrapper:wrapper-path} > /dev/null 2>&1
250   * * * * * PATH={{ path }} ${slapos-node-software-wrapper:wrapper-path} > /dev/null 2>&1
251   * * * * * PATH={{ path }} ${slapos-node-report-wrapper:wrapper-path} > /dev/null 2>&1
252 output = ${directory:cron-entries}/slapos
253
254 [cron-entry-logrotate]
255 <= cron
256 recipe = slapos.cookbook:cron.d
257 name = logrotate
258 frequency = 0 0 * * *
259 command = $${logrotate:wrapper}
260
261
262
263 # XXX what to do for slapformat?
264
265 #########
266 # Deploy dropbear (minimalist SSH server)
267 #########
268 [sshkeys-directory]
269 recipe = slapos.cookbook:mkdirectory
270 requests = ${directory:sshkeys}/requests/
271 keys = ${directory:sshkeys}/keys/
272
273 [sshkeys-authority]
274 recipe = slapos.cookbook:sshkeys_authority
275 request-directory = ${sshkeys-directory:requests}
276 keys-directory = ${sshkeys-directory:keys}
277 wrapper = ${directory:service}/sshkeys_authority
278 keygen-binary = {{ dropbearkey_executable }}
279
280 [dropbear-server]
281 recipe = slapos.cookbook:dropbear
282 host = ${instance-parameter:ipv6-random}
283 port = 2222
284 home = ${directory:ssh}
285 wrapper = ${directory:bin}/raw_sshd
286 shell = {{ bash_executable }}
287 rsa-keyfile = ${directory:ssh}/server_key.rsa
288 dropbear-binary = {{ dropbear_executable }}
289
290 [sshkeys-dropbear]
291 <= sshkeys-authority
292 recipe = slapos.cookbook:sshkeys_authority.request
293 name = dropbear
294 type = rsa
295 executable = ${dropbear-server:wrapper}
296 public-key = ${dropbear-server:rsa-keyfile}.pub
297 private-key = ${dropbear-server:rsa-keyfile}
298 wrapper = ${directory:service}/sshd
299
300 [dropbear-server-add-authorized-key]
301 <= dropbear-server
302 recipe = slapos.cookbook:dropbear.add_authorized_key
303 key = ${instance-parameter:configuration.authorized-key}
304
305
306 # Deploy a frontend for log
307 # XXX TODO
308
309 #########
310 # Send informations to SlapOS Master
311 #########
312 [publish-connection-informations]
313 recipe = slapos.cookbook:publish
314 log-viewer-url = http://[${httpd-configuration-file:listening-ip}]:${httpd-configuration-file:listening-port}
315
316 #########
317 # Deploy promises scripts
318 #########
319 [dropbear-promise]
320 recipe = slapos.cookbook:check_port_listening
321 path = ${directory:promises}/dropbear
322 hostname = ${dropbear-server:host}
323 port = ${dropbear-server:port}
324