Slapos-in-partition SR: Add slapos node status wrapper.
[slapos.git] / software / slapos-in-partition / instance.cfg.jinja2
1 [buildout]
2 parts =
3   slapos-configuration-file
4   cron-entry-slapos
5   slapos-node-status-wrapper
6   slapos-node-format-wrapper-script
7
8   httpd-wrapper
9
10   cron
11   logrotate
12   logrotate-entry-httpd
13   logrotate-entry-slapos
14
15   sshkeys-dropbear
16   dropbear-server-add-authorized-key
17   sshkeys-authority
18   publish-connection-informations
19   dropbear-promise
20
21
22 eggs-directory = {{ eggs_directory }}
23 develop-eggs-directory = {{ develop_eggs_directory }}
24 offline = true
25
26 [instance-parameter]
27 recipe = slapos.cookbook:slapconfiguration
28 computer = ${slap_connection:computer_id}
29 partition = ${slap_connection:partition_id}
30 url = ${slap_connection:server_url}
31 key = ${slap_connection:key_file}
32 cert = ${slap_connection:cert_file}
33
34 configuration.master-url = https://slap.vifib.com
35 configuration.authorized-key =
36
37 # Create all needed directories
38 [directory]
39 recipe = slapos.cookbook:mkdirectory
40 mode = 0750
41
42 etc = ${buildout:directory}/etc/
43 var = ${buildout:directory}/var/
44 srv = ${buildout:directory}/srv/
45 bin = ${buildout:directory}/bin/
46
47 sshkeys = ${:srv}/sshkeys
48 service = ${:etc}/service/
49 script = ${:etc}/run/
50 ssh = ${:etc}/ssh/
51 log = ${:var}/log/
52 run = ${:var}/run/
53 backup = ${:srv}/backup/
54 promises = ${:etc}/promise/
55
56 slapos-partitions-certificate-repository = ${:var}/pki
57 software-root = ${:srv}/slapos-software
58 instance-root = ${:srv}/slapos-instance
59 slapos-log = ${:log}/slapos
60
61 {% for i in range(0,10) %}
62 slappart{{i}} = ${:instance-root}/slappart{{i}}
63 {% endfor %}
64
65 cron-entries = ${:etc}/cron.d
66 crontabs = ${:etc}/crontabs
67 cronstamps = ${:etc}/cronstamps
68
69 logrotate-entries = ${:etc}/logrotate.d
70 logrotate-backup = ${:backup}/logrotate
71
72 httpd-log = ${:log}/httpd
73
74
75 ########
76 # Deploy slapos.cfg, computer certificates and slapos node wrapper
77 ########
78 [slapos-computer-certificate-file]
79 recipe = collective.recipe.template
80 input = inline:${instance-parameter:configuration.computer-certificate}
81 output = ${directory:var}/slapos-computer.crt
82
83 [slapos-computer-key-file]
84 recipe = collective.recipe.template
85 input = inline:${instance-parameter:configuration.computer-key}
86 output = ${directory:var}/slapos-computer.key
87
88 [computer-definition-file]
89 recipe = collective.recipe.template
90 input = inline:
91   [computer]
92 {% for i in range(0,10|int) %}
93   [partition_{{i}}]
94   address = ${instance-parameter:ipv4-random}/255.255.255.0 ${instance-parameter:ipv6-random}/64
95   pathname = slappart{{i}}
96   user = dummy
97   network_interface = dummy
98 {% endfor %}
99 output = ${directory:etc}/slapos-computer-definition.cfg
100
101 [slapos-configuration-file]
102 recipe = slapos.recipe.template
103 url = {{ slapos_configuration_file_template_path }}
104 output = ${directory:etc}/slapos.cfg
105 #md5sum = 4861be4a581686feef9f9edea865d7ee
106 software-root = ${directory:software-root}
107 instance-root = ${directory:instance-root}
108 master-url = ${instance-parameter:configuration.master-url}
109 computer-id = ${instance-parameter:configuration.computer-id}
110 # XXX should be a parameter
111 partition-amount = 10
112 computer-definition-file = ${computer-definition-file:output}
113 computer-xml = ${directory:var}/slapos.xml
114 computer-key-file = ${slapos-computer-key-file:output}
115 computer-certificate-file = ${slapos-computer-certificate-file:output}
116 certificate-repository-path = ${directory:slapos-partitions-certificate-repository}
117
118 [slapos-node-instance-wrapper]
119 recipe = slapos.cookbook:wrapper
120 command-line = {{ bin_directory }}/slapos node instance --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-instance.pid --logfile ${directory:slapos-log}/slapos-instance.cfg
121 wrapper-path = ${directory:bin}/slapos-node-instance
122 parameters-extra = true
123
124 [slapos-node-software-wrapper]
125 recipe = slapos.cookbook:wrapper
126 command-line = {{ bin_directory }}/slapos node software --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-software.pid --logfile ${directory:slapos-log}/slapos-software.cfg
127 wrapper-path = ${directory:bin}/slapos-node-software
128 parameters-extra = true
129
130 [slapos-node-report-wrapper]
131 recipe = slapos.cookbook:wrapper
132 command-line = {{ bin_directory }}/slapos node report --cfg ${slapos-configuration-file:output} --pidfile ${directory:run}/slapos-report.pid --logfile ${directory:slapos-log}/slapos-report.cfg
133 wrapper-path = ${directory:bin}/slapos-node-report
134 parameters-extra = true
135
136 [slapos-node-status-wrapper]
137 recipe = slapos.cookbook:wrapper
138 command-line = {{ bin_directory }}/slapos node status --cfg ${slapos-configuration-file:output}
139 wrapper-path = ${directory:bin}/slapos-node-status
140 parameters-extra = true
141
142 [slapos-node-format-wrapper]
143 recipe = slapos.cookbook:wrapper
144 command-line = {{ bin_directory }}/slapos node format --cfg ${slapos-configuration-file:output} --logfile=${directory:slapos-log}/slapos-node-format.log --now
145 wrapper-path = ${directory:bin}/slapos-node-format
146 parameters-extra = true
147
148 [slapos-node-format-wrapper-script]
149 # Create a wrapper of the wrapper in etc/run
150 recipe = collective.recipe.template
151 input = inline:#!{{ bash_executable }}
152   false
153   while [ ! $? -eq 0 ]; do
154     ${slapos-node-format-wrapper:wrapper-path}
155   done
156 output = ${directory:script}/slapos-node-format
157 mode = 700
158
159
160 #########
161 # Deploy some http server to see logs online
162 #########
163 # XXX could it be something lighter?
164 [httpd-configuration-file]
165 recipe = slapos.recipe.template
166 url = {{ httpd_configuration_file_template_path }}
167 output = ${directory:etc}/httpd.conf
168 # md5sum =
169 listening-ip = ${instance-parameter:ipv6-random}
170 listening-port = 8080
171 htdocs = ${directory:log}
172 pid-file = ${directory:run}/httpd.pid
173 access-log = ${directory:httpd-log}/access-log
174 error-log = ${directory:httpd-log}/error-log
175 document-root = ${directory:log}
176
177 # XXX logrotate for httpd
178
179 [httpd-wrapper]
180 recipe = slapos.cookbook:wrapper
181 apache-executable = {{ httpd_executable }}
182 command-line = ${:apache-executable} -f ${httpd-configuration-file:output} -DFOREGROUND
183 wrapper-path = ${directory:service}/httpd
184 # generated parameter containing url to use for other sections
185 url = http://[${httpd-configuration-file:listening-ip}]/
186
187 #[httpd-wrapper]
188 #recipe = collective.recipe.template
189 #input = inline:
190 #  #!${buildout:executable}
191 #  import SimpleHTTPServer
192 #  import SocketServer
193 #  PORT = ${:listening-port}
194 #  LISTENING_IP = '${:listening-ip}'
195 #  Handler = SimpleHTTPServer.SimpleHTTPRequestHandler
196 #  httpd = SocketServer.TCPServer((LISTENING_IP, PORT), Handler)
197 #  print "serving at port", PORT
198 #  httpd.serve_forever()
199 #output = ${directory:service}/httpd
200 #listening-ip = ${instance-parameter:ipv6-random}
201 #listening-port = 8080
202 #mode = 755
203
204
205 #########
206 # Deploy logrotate
207 #########
208 [logrotate]
209 recipe = slapos.cookbook:logrotate
210 # Binaries
211 logrotate-binary = {{ logrotate_executable }}
212 gzip-binary = {{ gzip_executable }}
213 gunzip-binary = {{ gunzip_executable }}
214 # Directories
215 wrapper = ${directory:bin}/logrotate
216 conf = ${directory:etc}/logrotate.conf
217 logrotate-entries = ${directory:logrotate-entries}
218 backup = ${directory:logrotate-backup}
219 state-file = ${directory:srv}/logrotate.status
220
221 [logrotate-entry-httpd]
222 <= logrotate
223 recipe = slapos.cookbook:logrotate.d
224 name = httpd
225 log = ${httpd-configuration-file:access-log} ${httpd-configuration-file:error-log}
226 frequency = daily
227 rotate-num = 30
228 post = {{ bin_directory }}/killpidfromfile $${apache-configuration:pid-file} SIGUSR1
229 sharedscripts = true
230 notifempty = true
231 create = true
232
233 [logrotate-entry-slapos]
234 <= logrotate
235 recipe = slapos.cookbook:logrotate.d
236 name = slapos
237 log = ${directory:slapos-log}/*.log
238 frequency = daily
239 rotate-num = 30
240 #post = {{ bin_directory }}/killpidfromfile ${nginx-configuration:pid-file} SIGUSR1
241 sharedscripts = true
242 notifempty = true
243 create = true
244
245 ###########
246 # Deploy cron and configure it
247 ###########
248 [cron-simplelogger]
249 recipe = slapos.cookbook:simplelogger
250 wrapper = ${directory:bin}/cron_simplelogger
251 log = ${directory:log}/crond.log
252
253 [cron]
254 recipe = slapos.cookbook:cron
255 dcrond-binary = {{ dcron_executable }}
256 cron-entries = ${directory:cron-entries}
257 crontabs = ${directory:crontabs}
258 cronstamps = ${directory:cronstamps}
259 catcher = ${cron-simplelogger:wrapper}
260 binary = ${directory:service}/crond
261
262 [cron-entry-slapos]
263 recipe = collective.recipe.template
264 # Add current PATH to environment, otherwise, gcc is not able to find its own cc1.
265 # We don't add it in the top of the script, because dcron disallow it.
266 # XXX: maybe it works if we take PATH from instance, not software.
267 input = inline:
268   * * * * * PATH={{ path }} ${slapos-node-instance-wrapper:wrapper-path} > /dev/null 2>&1
269   * * * * * PATH={{ path }} ${slapos-node-software-wrapper:wrapper-path} > /dev/null 2>&1
270   * * * * * PATH={{ path }} ${slapos-node-report-wrapper:wrapper-path} > /dev/null 2>&1
271 output = ${directory:cron-entries}/slapos
272
273 [cron-entry-logrotate]
274 <= cron
275 recipe = slapos.cookbook:cron.d
276 name = logrotate
277 frequency = 0 0 * * *
278 command = $${logrotate:wrapper}
279
280
281
282 # XXX what to do for slapformat?
283
284 #########
285 # Deploy dropbear (minimalist SSH server)
286 #########
287 [sshkeys-directory]
288 recipe = slapos.cookbook:mkdirectory
289 requests = ${directory:sshkeys}/requests/
290 keys = ${directory:sshkeys}/keys/
291
292 [sshkeys-authority]
293 recipe = slapos.cookbook:sshkeys_authority
294 request-directory = ${sshkeys-directory:requests}
295 keys-directory = ${sshkeys-directory:keys}
296 wrapper = ${directory:service}/sshkeys_authority
297 keygen-binary = {{ dropbearkey_executable }}
298
299 [dropbear-server]
300 recipe = slapos.cookbook:dropbear
301 host = ${instance-parameter:ipv6-random}
302 port = 2222
303 home = ${directory:ssh}
304 wrapper = ${directory:bin}/raw_sshd
305 shell = {{ bash_executable }}
306 rsa-keyfile = ${directory:ssh}/server_key.rsa
307 dropbear-binary = {{ dropbear_executable }}
308
309 [sshkeys-dropbear]
310 <= sshkeys-authority
311 recipe = slapos.cookbook:sshkeys_authority.request
312 name = dropbear
313 type = rsa
314 executable = ${dropbear-server:wrapper}
315 public-key = ${dropbear-server:rsa-keyfile}.pub
316 private-key = ${dropbear-server:rsa-keyfile}
317 wrapper = ${directory:service}/sshd
318
319 [dropbear-server-add-authorized-key]
320 <= dropbear-server
321 recipe = slapos.cookbook:dropbear.add_authorized_key
322 key = ${instance-parameter:configuration.authorized-key}
323
324
325 # Deploy a frontend for log
326 # XXX TODO
327
328 #########
329 # Send informations to SlapOS Master
330 #########
331 [publish-connection-informations]
332 recipe = slapos.cookbook:publish
333 log-viewer-url = http://[${httpd-configuration-file:listening-ip}]:${httpd-configuration-file:listening-port}
334
335 #########
336 # Deploy promises scripts
337 #########
338 [dropbear-promise]
339 recipe = slapos.cookbook:check_port_listening
340 path = ${directory:promises}/dropbear
341 hostname = ${dropbear-server:host}
342 port = ${dropbear-server:port}
343