slaprunner: version up slapos.toolbox.
[slapos.git] / software / slapos-in-partition / instance.cfg.jinja2
1 [buildout]
2 parts =
3   slapos-configuration-file
4   cron-entry-slapos
5   slapos-node-status-wrapper
6   slapos-node-format-wrapper-script
7
8   httpd-wrapper
9
10   cron
11   logrotate
12   logrotate-entry-httpd
13   logrotate-entry-slapos
14
15   sshkeys-dropbear
16   dropbear-server-add-authorized-key
17   sshkeys-authority
18   publish-connection-informations
19
20   dropbear-promise
21   httpd-promise
22   slapos-promise
23
24
25 eggs-directory = {{ eggs_directory }}
26 develop-eggs-directory = {{ develop_eggs_directory }}
27 offline = true
28
29 [instance-parameter]
30 recipe = slapos.cookbook:slapconfiguration
31 computer = ${slap_connection:computer_id}
32 partition = ${slap_connection:partition_id}
33 url = ${slap_connection:server_url}
34 key = ${slap_connection:key_file}
35 cert = ${slap_connection:cert_file}
36
37 configuration.master-url = https://slap.vifib.com
38 configuration.authorized-key =
39
40 # Create all needed directories
41 [directory]
42 recipe = slapos.cookbook:mkdirectory
43 mode = 0750
44
45 etc = ${buildout:directory}/etc/
46 var = ${buildout:directory}/var/
47 srv = ${buildout:directory}/srv/
48 bin = ${buildout:directory}/bin/
49
50 sshkeys = ${:srv}/sshkeys
51 service = ${:etc}/service/
52 script = ${:etc}/run/
53 ssh = ${:etc}/ssh/
54 log = ${:var}/log/
55 run = ${:var}/run/
56 backup = ${:srv}/backup/
57 promises = ${:etc}/promise/
58
59 slapos-partitions-certificate-repository = ${:var}/pki
60 software-root = ${:srv}/slapos-software
61 instance-root = ${:srv}/slapos-instance
62 slapos-log = ${:log}/slapos
63
64 {% for i in range(0,10) %}
65 slappart{{i}} = ${:instance-root}/slappart{{i}}
66 {% endfor %}
67
68 cron-entries = ${:etc}/cron.d
69 crontabs = ${:etc}/crontabs
70 cronstamps = ${:etc}/cronstamps
71
72 logrotate-entries = ${:etc}/logrotate.d
73 logrotate-backup = ${:backup}/logrotate
74
75 httpd-log = ${:log}/httpd
76
77
78 ########
79 # Deploy slapos.cfg, computer certificates and slapos node wrapper
80 ########
81 [slapos-computer-certificate-file]
82 recipe = collective.recipe.template
83 input = inline:${instance-parameter:configuration.computer-certificate}
84 output = ${directory:var}/slapos-computer.crt
85
86 [slapos-computer-key-file]
87 recipe = collective.recipe.template
88 input = inline:${instance-parameter:configuration.computer-key}
89 output = ${directory:var}/slapos-computer.key
90
91 [computer-definition-file]
92 recipe = collective.recipe.template
93 input = inline:
94   [computer]
95 {% for i in range(0,10|int) %}
96   [partition_{{i}}]
97   address = ${instance-parameter:ipv4-random}/255.255.255.0 ${instance-parameter:ipv6-random}/64
98   pathname = slappart{{i}}
99   user = dummy
100   network_interface = dummy
101 {% endfor %}
102 output = ${directory:etc}/slapos-computer-definition.cfg
103
104 [slapos-configuration-file]
105 recipe = slapos.recipe.template
106 url = {{ slapos_configuration_file_template_path }}
107 output = ${directory:etc}/slapos.cfg
108 #md5sum = 4861be4a581686feef9f9edea865d7ee
109 software-root = ${directory:software-root}
110 instance-root = ${directory:instance-root}
111 master-url = ${instance-parameter:configuration.master-url}
112 computer-id = ${instance-parameter:configuration.computer-id}
113 # XXX should be a parameter
114 partition-amount = 10
115 computer-definition-file = ${computer-definition-file:output}
116 computer-xml = ${directory:var}/slapos.xml
117 computer-key-file = ${slapos-computer-key-file:output}
118 computer-certificate-file = ${slapos-computer-certificate-file:output}
119 certificate-repository-path = ${directory:slapos-partitions-certificate-repository}
120
121 [slapos-node-instance-wrapper]
122 recipe = slapos.cookbook:wrapper
123 command-line = {{ bin_directory }}/slapos node instance --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-instance.pid --logfile ${directory:slapos-log}/slapos-instance.log
124 wrapper-path = ${directory:bin}/slapos-node-instance
125 parameters-extra = true
126
127 [slapos-node-software-wrapper]
128 recipe = slapos.cookbook:wrapper
129 command-line = {{ bin_directory }}/slapos node software --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-software.pid --logfile ${directory:slapos-log}/slapos-software.log
130 wrapper-path = ${directory:bin}/slapos-node-software
131 parameters-extra = true
132
133 [slapos-node-report-wrapper]
134 recipe = slapos.cookbook:wrapper
135 command-line = {{ bin_directory }}/slapos node report --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-report.pid --logfile ${directory:slapos-log}/slapos-report.log
136 wrapper-path = ${directory:bin}/slapos-node-report
137 parameters-extra = true
138
139 [slapos-node-status-wrapper]
140 recipe = slapos.cookbook:wrapper
141 command-line = {{ bin_directory }}/slapos node status --cfg ${slapos-configuration-file:output}
142 wrapper-path = ${directory:bin}/slapos-node-status
143 parameters-extra = true
144
145 [slapos-node-format-wrapper]
146 recipe = slapos.cookbook:wrapper
147 command-line = {{ bin_directory }}/slapos node format --cfg ${slapos-configuration-file:output} --logfile=${directory:slapos-log}/slapos-node-format.log --now
148 wrapper-path = ${directory:bin}/slapos-node-format
149 parameters-extra = true
150
151 [slapos-node-format-wrapper-script]
152 # Create a wrapper of the wrapper in etc/run
153 recipe = collective.recipe.template
154 input = inline:#!{{ bash_executable }}
155   false
156   while [ ! $? -eq 0 ]; do
157     ${slapos-node-format-wrapper:wrapper-path}
158   done
159 output = ${directory:script}/slapos-node-format
160 mode = 700
161
162
163 #########
164 # Deploy some http server to see logs online
165 #########
166 # XXX could it be something lighter?
167 [httpd-configuration-file]
168 recipe = slapos.recipe.template
169 url = {{ httpd_configuration_file_template_path }}
170 output = ${directory:etc}/httpd.conf
171 # md5sum =
172 listening-ip = ${instance-parameter:ipv6-random}
173 listening-port = 8080
174 htdocs = ${directory:log}
175 pid-file = ${directory:run}/httpd.pid
176 access-log = ${directory:httpd-log}/access-log
177 error-log = ${directory:httpd-log}/error-log
178 document-root = ${directory:log}
179
180 # XXX logrotate for httpd
181
182 [httpd-wrapper]
183 recipe = slapos.cookbook:wrapper
184 apache-executable = {{ httpd_executable }}
185 command-line = ${:apache-executable} -f ${httpd-configuration-file:output} -DFOREGROUND
186 wrapper-path = ${directory:service}/httpd
187 # generated parameter containing url to use for other sections
188 url = http://[${httpd-configuration-file:listening-ip}]/
189
190
191 #########
192 # Deploy logrotate
193 #########
194 [logrotate]
195 recipe = slapos.cookbook:logrotate
196 # Binaries
197 logrotate-binary = {{ logrotate_executable }}
198 gzip-binary = {{ gzip_executable }}
199 gunzip-binary = {{ gunzip_executable }}
200 # Directories
201 wrapper = ${directory:bin}/logrotate
202 conf = ${directory:etc}/logrotate.conf
203 logrotate-entries = ${directory:logrotate-entries}
204 backup = ${directory:logrotate-backup}
205 state-file = ${directory:srv}/logrotate.status
206
207 [logrotate-entry-httpd]
208 <= logrotate
209 recipe = slapos.cookbook:logrotate.d
210 name = httpd
211 log = ${httpd-configuration-file:access-log} ${httpd-configuration-file:error-log}
212 frequency = daily
213 rotate-num = 30
214 post = {{ bin_directory }}/killpidfromfile $${apache-configuration:pid-file} SIGUSR1
215 sharedscripts = true
216 notifempty = true
217 create = true
218
219 [logrotate-entry-slapos]
220 <= logrotate
221 recipe = slapos.cookbook:logrotate.d
222 name = slapos
223 log = ${directory:slapos-log}/*.log
224 frequency = daily
225 rotate-num = 30
226 #post = {{ bin_directory }}/killpidfromfile ${nginx-configuration:pid-file} SIGUSR1
227 sharedscripts = true
228 notifempty = true
229 create = true
230
231 ###########
232 # Deploy cron and configure it
233 ###########
234 [cron-simplelogger]
235 recipe = slapos.cookbook:simplelogger
236 wrapper = ${directory:bin}/cron_simplelogger
237 log = ${directory:log}/crond.log
238
239 [cron]
240 recipe = slapos.cookbook:cron
241 dcrond-binary = {{ dcron_executable }}
242 cron-entries = ${directory:cron-entries}
243 crontabs = ${directory:crontabs}
244 cronstamps = ${directory:cronstamps}
245 catcher = ${cron-simplelogger:wrapper}
246 binary = ${directory:service}/crond
247
248 [cron-entry-slapos]
249 recipe = collective.recipe.template
250 # Add current PATH to environment, otherwise, gcc is not able to find its own cc1.
251 # We don't add it in the top of the script, because dcron disallow it.
252 # XXX: maybe it works if we take PATH from instance, not software.
253 input = inline:
254   * * * * * PATH={{ path }} ${slapos-node-instance-wrapper:wrapper-path} > /dev/null 2>&1
255   * * * * * PATH={{ path }} ${slapos-node-software-wrapper:wrapper-path} > /dev/null 2>&1
256   * * * * * PATH={{ path }} ${slapos-node-report-wrapper:wrapper-path} > /dev/null 2>&1
257 output = ${directory:cron-entries}/slapos
258
259 [cron-entry-logrotate]
260 <= cron
261 recipe = slapos.cookbook:cron.d
262 name = logrotate
263 frequency = 0 0 * * *
264 command = $${logrotate:wrapper}
265
266
267
268 # XXX what to do for slapformat?
269
270 #########
271 # Deploy dropbear (minimalist SSH server)
272 #########
273 [sshkeys-directory]
274 recipe = slapos.cookbook:mkdirectory
275 requests = ${directory:sshkeys}/requests/
276 keys = ${directory:sshkeys}/keys/
277
278 [sshkeys-authority]
279 recipe = slapos.cookbook:sshkeys_authority
280 request-directory = ${sshkeys-directory:requests}
281 keys-directory = ${sshkeys-directory:keys}
282 wrapper = ${directory:service}/sshkeys_authority
283 keygen-binary = {{ dropbearkey_executable }}
284
285 [dropbear-server]
286 recipe = slapos.cookbook:dropbear
287 host = ${instance-parameter:ipv6-random}
288 port = 2222
289 home = ${directory:ssh}
290 wrapper = ${directory:bin}/raw_sshd
291 shell = {{ bash_executable }}
292 rsa-keyfile = ${directory:ssh}/server_key.rsa
293 dropbear-binary = {{ dropbear_executable }}
294
295 [sshkeys-dropbear]
296 <= sshkeys-authority
297 recipe = slapos.cookbook:sshkeys_authority.request
298 name = dropbear
299 type = rsa
300 executable = ${dropbear-server:wrapper}
301 public-key = ${dropbear-server:rsa-keyfile}.pub
302 private-key = ${dropbear-server:rsa-keyfile}
303 wrapper = ${directory:service}/sshd
304
305 [dropbear-server-add-authorized-key]
306 <= dropbear-server
307 recipe = slapos.cookbook:dropbear.add_authorized_key
308 key = ${instance-parameter:configuration.authorized-key}
309
310
311 #########
312 # Send informations to SlapOS Master
313 #########
314 [publish-connection-informations]
315 recipe = slapos.cookbook:publish
316 log-viewer-url = http://[${httpd-configuration-file:listening-ip}]:${httpd-configuration-file:listening-port}
317 ssh_command = ssh ${dropbear-server:host} -p ${dropbear-server:port}
318
319 #########
320 # Deploy promises scripts
321 #########
322 [dropbear-promise]
323 recipe = slapos.cookbook:check_port_listening
324 path = ${directory:promises}/dropbear
325 hostname = ${dropbear-server:host}
326 port = ${dropbear-server:port}
327
328 [httpd-promise]
329 recipe = slapos.cookbook:check_port_listening
330 path = ${directory:promises}/httpd
331 hostname = ${httpd-configuration-file:listening-ip}
332 port = ${httpd-configuration-file:listening-port}
333
334 [slapos-promise]
335 recipe = collective.recipe.template
336 input = inline:#!/{{ bash_executable }}
337   {{ bin_directory }}/slapgrid-supervisorctl ${slapos-configuration-file:output} status watchdog | grep RUNNING
338 output = ${directory:promises}/slapos
339 mode = 0700
340