[Erp5-report] r43912 luke - in /erp5/trunk/utils/slapos.recipe.erp5: ./ src/ src/slapos/ sr...
nobody at svn.erp5.org
nobody at svn.erp5.org
Wed Mar 2 18:08:13 CET 2011
Author: luke
Date: Wed Mar 2 18:08:13 2011
New Revision: 43912
URL: http://svn.erp5.org?rev=43912&view=rev
Log:
- public version of recipe to instantiate ERP5 using slapos
Added:
erp5/trunk/utils/slapos.recipe.erp5/
erp5/trunk/utils/slapos.recipe.erp5/CHANGES.txt
erp5/trunk/utils/slapos.recipe.erp5/MANIFEST.in
erp5/trunk/utils/slapos.recipe.erp5/README.txt
erp5/trunk/utils/slapos.recipe.erp5/setup.cfg
erp5/trunk/utils/slapos.recipe.erp5/setup.py
erp5/trunk/utils/slapos.recipe.erp5/src/
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/__init__.py
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/__init__.py
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/__init__.py
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/apache.py
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/certificate_authority.py
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/execute.py
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/mysql.py
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/apache.zope.conf.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/apache.zope.conf.path.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/cloudooo.cfg.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/frontend.conf.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/haproxy.cfg.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/initmysql.sql.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_gateway.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_manager.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_server.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/memcached.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/my.cnf.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/openssl.cnf.ca.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/openssl.cnf.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zeo.conf.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zope.conf.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zope.conf.simple.in
erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/testrunner.py
Added: erp5/trunk/utils/slapos.recipe.erp5/CHANGES.txt
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/CHANGES.txt?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/CHANGES.txt (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/CHANGES.txt [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,5 @@
+Changelog
+=========
+
+1.0 (unreleased)
+----------------
Added: erp5/trunk/utils/slapos.recipe.erp5/MANIFEST.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/MANIFEST.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/MANIFEST.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/MANIFEST.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,2 @@
+include CHANGES.txt
+recursive-include src/slapos/recipe/erp5 *.in
Added: erp5/trunk/utils/slapos.recipe.erp5/README.txt
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/README.txt?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/README.txt (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/README.txt [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,30 @@
+The slapos.recipe.erp5 aims to instanciate an ERP5 environnment
+===============================================================
+
+SLAP parameters
+---------------
+
+zope_amount
+~~~~~~~~~~~
+
+:Optional: Yes
+:Type: integer
+:Default: None
+:Description: If present switches to Zope/ZEO configuration and configures this amount of Zopes connected to ZEO. If not present only one Zope with own ZODB is created.
+
+ca_*
+~~~~
+
+:Optional: Yes
+:Name: ca_country_code, ca_email, ca_state, ca_city, ca_company
+:Type: string
+:Default: XX, xx at example.com, State, City, Company
+:Description: Certificate Authority configuration.
+
+key_auth_path
+~~~~~~~~~~~~~
+
+:Optional: Yes
+:Type: string
+:Default: /erp5/portal_slap
+:Description: Path where connections using PKI authorisation will be directed.
Added: erp5/trunk/utils/slapos.recipe.erp5/setup.cfg
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/setup.cfg?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/setup.cfg (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/setup.cfg [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,3 @@
+[egg_info]
+tag_build = .dev
+tag_svn_revision = 1
Added: erp5/trunk/utils/slapos.recipe.erp5/setup.py
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/setup.py?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/setup.py (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/setup.py [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,35 @@
+from setuptools import setup, find_packages
+
+name = "slapos.recipe.erp5"
+version = '1.0'
+
+def read(name):
+ return open(name).read()
+
+long_description=( read('README.txt')
+ + '\n' +
+ read('CHANGES.txt')
+ )
+
+setup(
+ name = name,
+ version = version,
+ description = "ZC Buildout recipe for create an erp5 instance",
+ long_description=long_description,
+ license = "GPLv3",
+ keywords = "buildout slapos erp5",
+ classifiers=[
+ "Framework :: Buildout :: Recipe",
+ "Programming Language :: Python",
+ ],
+ packages = find_packages('src'),
+ package_dir = {'': 'src'},
+ include_package_data=True,
+ install_requires = [
+ 'zc.recipe.egg',
+ 'setuptools',
+ 'slapos.lib.recipe >= 1.0.dev-r4554',
+ ],
+ namespace_packages = ['slapos', 'slapos.recipe'],
+ entry_points = {'zc.buildout': ['default = %s:Recipe' % name]},
+ )
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/__init__.py
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/__init__.py?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/__init__.py (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/__init__.py [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,6 @@
+# See http://peak.telecommunity.com/DevCenter/setuptools#namespace-packages
+try:
+ __import__('pkg_resources').declare_namespace(__name__)
+except ImportError:
+ from pkgutil import extend_path
+ __path__ = extend_path(__path__, __name__)
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/__init__.py
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/__init__.py?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/__init__.py (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/__init__.py [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,6 @@
+# See http://peak.telecommunity.com/DevCenter/setuptools#namespace-packages
+try:
+ __import__('pkg_resources').declare_namespace(__name__)
+except ImportError:
+ from pkgutil import extend_path
+ __path__ = extend_path(__path__, __name__)
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/__init__.py
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/__init__.py?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/__init__.py (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/__init__.py [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,651 @@
+##############################################################################
+#
+# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
+#
+# WARNING: This program as such is intended to be used by professional
+# programmers who take the whole responsibility of assessing all potential
+# consequences resulting from its eventual inadequacies and bugs
+# End users who are looking for a ready-to-use solution with commercial
+# guarantees and support are strongly adviced to contract a Free Software
+# Service Company
+#
+# This program is Free Software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 3
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+##############################################################################
+from slapos.lib.recipe.BaseSlapRecipe import BaseSlapRecipe
+import binascii
+import os
+import pkg_resources
+import hashlib
+import sys
+import zc.buildout
+import zc.recipe.egg
+import time
+
+# global staic configuration parameters
+CONFIG = dict(
+ # Certificate Authority
+ ca_prefix='ca',
+ test_ca_prefix='test_ca',
+ # Zope
+ zope_user='zope',
+ zope_port_base=12000,
+ # Apache (login)
+ login_apache_port_base=13000,
+ # Apache (key login)
+ key_auth_apache_port_base=14000,
+ # MySQL
+ mysql_database='erp5',
+ mysql_port=45678,
+ mysql_prefix='mysql',
+ mysql_user='user',
+ mysql_test_database='test_erp5',
+ mysql_test_user='test_user',
+ # Zeo
+ zodb_data_prefix='zodb',
+ zodb_root_filename='root.fs',
+ zeo_port=22001,
+ zeo_storagename='root',
+ # HaProxy
+ haproxy_login_port=15000,
+ haproxy_key_auth_port=16000,
+ # Memcached
+ memcached_port=11000,
+ memcached_mem_limit=256, # in MB
+ # Kumofs
+ kumo_manager_port=13101,
+ kumo_server_port=13201,
+ kumo_server_listen_port=13202,
+ kumo_gateway_port=13301,
+ # Conversion Server
+ conversion_server_port=23000,
+ conversion_server_ooo_port=23060,
+ test_conversion_server_port=24000,
+ test_conversion_server_ooo_port=24060,
+)
+
+
+# Taken from Zope2 egg
+def write_inituser(fn, user, password):
+ fp = open(fn, "w")
+ pw = binascii.b2a_base64(hashlib.sha1(password).digest())[:-1]
+ fp.write('%s:{SHA}%s\n' % (user, pw))
+ fp.close()
+ os.chmod(fn, 0600)
+
+
+class Recipe(BaseSlapRecipe):
+ def getTemplateFilename(self, template_name):
+ return pkg_resources.resource_filename(__name__,
+ 'template/%s' % template_name)
+
+ def _install(self):
+ self.connection_dict = dict()
+ self.path_list = []
+ self.requirements, self.ws = self.egg.working_set([__name__])
+ default_parameter_dict = dict(
+ ca_country_code='XX',
+ ca_email='xx at example.com',
+ ca_state='State',
+ ca_city='City',
+ ca_company='Company',
+ key_auth_path='/erp5/portal_slap'
+ )
+ for k, v in default_parameter_dict.iteritems():
+ self.parameter_dict.setdefault(k, v)
+ self.installMemcached()
+ self.installKumo()
+ self.installTestConversionServer()
+ self.installConversionServer()
+ self.installTestCertificateAuthority()
+ self.installCertificateAuthority()
+ self.installMysqlServer()
+ self.installERP5()
+ zodb_dir = os.path.join(self.data_root_directory,
+ CONFIG['zodb_data_prefix'])
+ self._createDirectory(zodb_dir)
+ CONFIG['zodb_root_path'] = os.path.join(zodb_dir, CONFIG['zodb_root_filename'])
+ if 'zope_amount' in self.parameter_dict:
+ simple_zope = False
+ CONFIG['zope_amount'] = int(self.parameter_dict.get('zope_amount'))
+ else:
+ simple_zope = True
+ CONFIG['zope_amount'] = 1
+ if not simple_zope:
+ self.installZeo()
+ for zope_number in xrange(1, CONFIG['zope_amount'] + 1):
+ self.installZope(zope_number, simple_zope)
+ self.installHaproxy()
+ self.installTestRunner()
+ self.linkBinary()
+ self.computer_partition.setConnectionDict(self.connection_dict)
+ return self.path_list
+
+ def linkBinary(self):
+ """Links binaries to instance's bin directory for easier exposal"""
+ for linkline in self.options.get('link_binary_list', '').splitlines():
+ if not linkline:
+ continue
+ target = linkline.split()
+ if len(target) == 1:
+ target = target[0]
+ path, linkname = os.path.split(target)
+ else:
+ linkname = target[1]
+ target = target[0]
+ link = os.path.join(self.bin_directory, linkname)
+ if os.path.lexists(link):
+ if not os.path.islink(link):
+ raise zc.buildout.UserError(
+ 'Target link already %r exists but it is not link' % link)
+ os.unlink(link)
+ os.symlink(target, link)
+ self.logger.debug('Link %r -> %r created' % (link, target))
+ self.path_list.append(link)
+
+ def installKumo(self):
+ ip = self.getLocalIPv4Address()
+ CONFIG.update(
+ kumo_gateway_binary=self.options['kumo_gateway_binary'],
+ kumo_gateway_ip=ip,
+ kumo_gateway_log=os.path.join(self.log_directory, "kumo-gateway.log"),
+ kumo_manager_binary=self.options['kumo_manager_binary'],
+ kumo_manager_ip=ip,
+ kumo_manager_log=os.path.join(self.log_directory, "kumo-manager.log"),
+ kumo_server_binary=self.options['kumo_server_binary'],
+ kumo_server_ip=ip,
+ kumo_server_log=os.path.join(self.log_directory, "kumo-server.log"),
+ kumo_server_storage=os.path.join(self.data_root_directory, "kumodb.tch"),
+ )
+
+ self.path_list.append(self.createRunningWrapper('kumo_gateway',
+ self.substituteTemplate(self.getTemplateFilename('kumo_gateway.in'),
+ CONFIG)))
+
+ self.path_list.append(self.createRunningWrapper('kumo_manager',
+ self.substituteTemplate(self.getTemplateFilename('kumo_manager.in'),
+ CONFIG)))
+
+ self.path_list.append(self.createRunningWrapper('kumo_server',
+ self.substituteTemplate(self.getTemplateFilename('kumo_server.in'),
+ CONFIG)))
+
+ self.connection_dict.update(
+ kumo_manager_ip=CONFIG['kumo_manager_ip'],
+ kumo_manager_port=CONFIG['kumo_manager_port'],
+ kumo_server_ip=CONFIG['kumo_server_ip'],
+ kumo_server_port=CONFIG['kumo_server_port'],
+ kumo_gateway_ip=CONFIG['kumo_gateway_ip'],
+ kumo_gateway_port=CONFIG['kumo_gateway_port'],
+ )
+
+ def installMemcached(self):
+ CONFIG.update(
+ memcached_binary=self.options['memcached_binary'],
+ memcached_ip=self.getLocalIPv4Address())
+ self.path_list.append(self.createRunningWrapper('memcached',
+ self.substituteTemplate(self.getTemplateFilename('memcached.in'),
+ CONFIG)))
+ self.connection_dict.update(
+ memcached_ip=CONFIG['memcached_ip'],
+ memcached_port=CONFIG['memcached_port']
+ )
+
+ def installTestRunner(self):
+ """Installs bin/runTestSuite executable to run all tests using bin/runUnitTest"""
+ # XXX: This method can be drastically simplified after #20110128-1ECA63
+ # (ERP5 specific runUnitTest script shall be generated by erp5 eggg) will
+ # be solved
+ testinstance = self.createDataDirectory('testinstance')
+ # workaround wrong assumptions of ERP5Type.tests.runUnitTest about directory
+ # existence
+ unit_test = os.path.join(testinstance, 'unit_test')
+ if not os.path.isdir(unit_test):
+ os.mkdir(unit_test)
+ runUnitTest = zc.buildout.easy_install.scripts([
+ ('runUnitTest', __name__ + '.testrunner', 'runUnitTest')],
+ self.ws, sys.executable, self.bin_directory, arguments=[dict(
+ instance_home=testinstance,
+ prepend_path=self.bin_directory,
+ openssl_binary=self.options['openssl_binary'],
+ test_ca_path=CONFIG['test_ca_path'],
+ call_list=[self.options['runUnitTest_binary'],
+ '--erp5_sql_connection_string', '%(mysql_test_database)s@%'
+ '(mysql_ip)s:%(mysql_port)s %(mysql_test_user)s '
+ '%(mysql_test_password)s' % self.connection_dict,
+ '--conversion_server_hostname=%(test_conversion_server_ip)s' % self.connection_dict,
+ '--conversion_server_port=%(test_conversion_server_port)s' % self.connection_dict
+ ]
+ )])[0]
+ self.path_list.append(runUnitTest)
+
+ def _installCertificateAuthority(self, prefix=''):
+ CONFIG.update(
+ ca_dir=os.path.join(self.data_root_directory, CONFIG['%sca_prefix' % prefix])
+ )
+ CONFIG.update(
+ ca_certificate=os.path.join(CONFIG['ca_dir'], 'cacert.pem'),
+ ca_key=os.path.join(CONFIG['ca_dir'], 'private', 'cakey.pem'),
+ ca_crl=os.path.join(CONFIG['ca_dir'], 'crl'),
+ login_key=os.path.join(CONFIG['ca_dir'], 'private', 'login.key'),
+ login_certificate=os.path.join(CONFIG['ca_dir'], 'certs',
+ 'login.crt'),
+ key_auth_key=os.path.join(CONFIG['ca_dir'], 'private', 'keyauth.key'),
+ key_auth_certificate=os.path.join(CONFIG['ca_dir'], 'certs',
+ 'keyauth.crt'),
+ )
+ self._createDirectory(CONFIG['ca_dir'])
+ for d in ['certs', 'crl', 'newcerts', 'private']:
+ self._createDirectory(os.path.join(CONFIG['ca_dir'], d))
+ for f in ['crlnumber', 'serial']:
+ if not os.path.exists(os.path.join(CONFIG['ca_dir'], f)):
+ open(os.path.join(CONFIG['ca_dir'], f), 'w').write('01')
+ if not os.path.exists(os.path.join(CONFIG['ca_dir'], 'index.txt')):
+ open(os.path.join(CONFIG['ca_dir'], 'index.txt'), 'w').write('')
+ ca_conf = CONFIG.copy()
+ ca_conf['openssl_configuration'] = os.path.join(ca_conf['ca_dir'],
+ 'openssl.cnf')
+ ca_conf.update(
+ working_directory=CONFIG['ca_dir'],
+ country_code=self.parameter_dict['ca_country_code'],
+ state=self.parameter_dict['ca_state'],
+ city=self.parameter_dict['ca_city'],
+ company=self.parameter_dict['ca_company'],
+ email_address=self.parameter_dict['ca_email'],
+ )
+ self._writeFile(ca_conf['openssl_configuration'],
+ pkg_resources.resource_string(__name__,
+ 'template/openssl.cnf.ca.in') % ca_conf)
+ self.path_list.extend(zc.buildout.easy_install.scripts([
+ (prefix + 'certificate_authority',
+ __name__ + '.certificate_authority', 'runCertificateAuthority')],
+ self.ws, sys.executable, self.wrapper_directory, arguments=[dict(
+ openssl_configuration=ca_conf['openssl_configuration'],
+ openssl_binary=self.options['openssl_binary'],
+ ca_certificate=os.path.join(CONFIG['ca_dir'], 'cacert.pem'),
+ ca_key=os.path.join(CONFIG['ca_dir'], 'private', 'cakey.pem'),
+ ca_crl=os.path.join(CONFIG['ca_dir'], 'crl'),
+ login_key=os.path.join(CONFIG['ca_dir'], 'private', 'login.key'),
+ login_certificate=os.path.join(CONFIG['ca_dir'], 'certs',
+ 'login.crt'),
+ key_auth_key=os.path.join(CONFIG['ca_dir'], 'private',
+ 'keyauth.key'),
+ key_auth_certificate=os.path.join(CONFIG['ca_dir'], 'certs',
+ 'keyauth.crt'),
+ )]))
+ self.connection_dict.update(
+ openssl_binary=self.options['openssl_binary'],
+ certificate_authority_path=CONFIG['ca_dir']
+ )
+
+ def _installConversionServer(self, prefix=''):
+ name = prefix + 'conversion_server'
+ working_directory = self.createDataDirectory(name)
+ conversion_server_dict = dict(
+ working_path=working_directory,
+ uno_path=self.options['ooo_uno_path'],
+ office_binary_path=self.options['ooo_binary_path'],
+ ip=self.getLocalIPv4Address(),
+ port=CONFIG[name + '_port'],
+ openoffice_port=CONFIG[name + '_ooo_port'],
+ )
+ for env_line in self.options['environment'].splitlines():
+ env_line = env_line.strip()
+ if not env_line:
+ continue
+ if '=' in env_line:
+ env_key, env_value = env_line.split('=')
+ conversion_server_dict[env_key.strip()] = env_value.strip()
+ else:
+ raise zc.buildout.UserError('Line %r in environment parameter is '
+ 'incorrect' % env_line)
+ config_file = self.createConfigurationFile(name + '.cfg',
+ self.substituteTemplate(self.getTemplateFilename('cloudooo.cfg.in'),
+ conversion_server_dict))
+ self.path_list.append(config_file)
+ self.path_list.extend(zc.buildout.easy_install.scripts([(name,
+ __name__ + '.execute', 'execute')], self.ws, sys.executable,
+ self.wrapper_directory, arguments=[self.options['ooo_paster'].strip(),
+ 'serve', config_file]))
+ self.connection_dict.update(**{
+ name + '_port': conversion_server_dict['port'],
+ name + '_ip': conversion_server_dict['ip']
+ })
+
+ def installConversionServer(self):
+ self._installConversionServer()
+
+ def installTestConversionServer(self):
+ self._installConversionServer('test_')
+
+ def installCertificateAuthority(self):
+ self._installCertificateAuthority()
+
+ def installTestCertificateAuthority(self):
+ self._installCertificateAuthority('test_')
+ CONFIG.update(
+ test_ca_path=CONFIG['ca_dir']
+ )
+
+ def installHaproxy(self):
+ listen_template = """listen %(name)s %(ip)s:%(port)s
+ option ssl-hello-chk
+ balance roundrobin
+ %(server_list)s"""
+ server_template = """server %(name)s %(address)s check"""
+
+ ip_dict = dict(
+ key_auth=self.getLocalIPv4Address(),
+ login=self.getGlobalIPv6Address()
+ )
+ listen_list = []
+ for key in ['key_auth', 'login']:
+ conf = dict(
+ name=key,
+ ip=ip_dict[key],
+ port=CONFIG['haproxy_%s_port' % key]
+ )
+ server_list = []
+ for index in xrange(1, CONFIG['zope_amount'] + 1):
+ k = '_'.join([key, str(index)])
+ server_list.append(server_template % dict(name='_'.join([conf['name'],
+ str(index)]),
+ address=self.connection_dict[k]))
+ conf['server_list'] = '\n '.join(server_list)
+ listen_list.append(listen_template % conf)
+ key = 'haproxy_' + key + '_url'
+ d = {key: '%(ip)s:%(port)s' % conf}
+ CONFIG.update(**d)
+ self.connection_dict.update(**d)
+ haproxy_conf_path = self.createConfigurationFile('haproxy.cfg',
+ self.substituteTemplate(self.getTemplateFilename('haproxy.cfg.in'),
+ dict(listen_list='\n'.join(listen_list))))
+ self.path_list.append(haproxy_conf_path)
+ wrapper = zc.buildout.easy_install.scripts([('haproxy',
+ __name__ + '.execute', 'execute')], self.ws, sys.executable,
+ self.wrapper_directory, arguments=[
+ self.options['haproxy_binary'].strip(), '-f', haproxy_conf_path]
+ )[0]
+ self.path_list.append(wrapper)
+
+ def installERP5(self):
+ """
+ All zope have to share file created by portal_classes
+ (until everything is integrated into the ZODB).
+ So, do not request zope instance and create multiple in the same partition.
+ """
+ # Create instance directories
+ self.erp5_directory = self.createDataDirectory('erp5shared')
+ # Create init user
+ password = self.generatePassword()
+ write_inituser(os.path.join(self.erp5_directory, "inituser"),
+ CONFIG['zope_user'], password)
+ self.connection_dict.update(zope_user=CONFIG['zope_user'],
+ zope_password=password)
+
+ self._createDirectory(self.erp5_directory)
+ for directory in (
+ 'Constraint',
+ 'Document',
+ 'Extensions',
+ 'PropertySheet',
+ 'import',
+ 'lib',
+ 'tests',
+ 'Products',
+ ):
+ self._createDirectory(os.path.join(self.erp5_directory, directory))
+ return []
+
+ def installZeo(self):
+ CONFIG.update(
+ zeo_event_log=os.path.join(self.log_directory, 'zeo.log'),
+ zeo_ip=self.getLocalIPv4Address(),
+ zeo_zodb=CONFIG['zodb_root_path'],
+ zeo_pid=os.path.join(self.run_directory, 'zeo.pid')
+ )
+ zeo_conf_path = self.createConfigurationFile('zeo.conf',
+ self.substituteTemplate(self.getTemplateFilename('zeo.conf.in'), CONFIG))
+ self.path_list.append(zeo_conf_path)
+ wrapper = zc.buildout.easy_install.scripts([('zeo', __name__ + '.execute',
+ 'execute')], self.ws, sys.executable, self.wrapper_directory, arguments=[
+ self.options['runzeo_binary'].strip(), '-C', zeo_conf_path]
+ )[0]
+ self.path_list.append(wrapper)
+
+ def installZope(self, index, simple_zope):
+ self.backend_ip = self.getLocalIPv4Address()
+ self.backend_port = str(CONFIG['zope_port_base'] + index)
+ # Create instance directories
+
+ # Create zope configuration file
+ zope_config = {}
+ zope_config.update(self.options)
+ zope_config.update(CONFIG)
+ zope_config['instance'] = self.erp5_directory
+ zope_config['event_log'] = os.path.join(self.log_directory,
+ 'zope_%s-event.log' % index)
+ zope_config['z2_log'] = os.path.join(self.log_directory,
+ 'zope_%s-Z2.log' % index)
+ zope_config['pid-filename'] = os.path.join(self.run_directory,
+ 'zope_%s.pid' % index)
+ zope_config['lock-filename'] = os.path.join(self.run_directory,
+ 'zope_%s.lock' % index)
+
+ prefixed_products = []
+ for product in reversed(zope_config['products'].split()):
+ product = product.strip()
+ if product:
+ prefixed_products.append('products %s' % product)
+ prefixed_products.insert(0, 'products %s' % os.path.join(
+ self.erp5_directory, 'Products'))
+ zope_config['products'] = '\n'.join(prefixed_products)
+ zope_config['address'] = '%s:%s' % (self.backend_ip, self.backend_port)
+ zope_config['tmp_directory'] = self.tmp_directory
+ zope_config['path'] = ':'.join([self.bin_directory] +
+ os.environ['PATH'].split(':'))
+
+ if simple_zope:
+ zope_wrapper_template_location = self.getTemplateFilename(
+ 'zope.conf.simple.in')
+ else:
+ zope_wrapper_template_location = self.getTemplateFilename('zope.conf.in')
+
+ zope_conf_path = self.createConfigurationFile("zope_%s.conf" %
+ index, self.substituteTemplate(
+ zope_wrapper_template_location, zope_config))
+ self.path_list.append(zope_conf_path)
+ # Create init script
+ wrapper = zc.buildout.easy_install.scripts([('zope_%s' % index,
+ __name__ + '.execute', 'execute')], self.ws, sys.executable,
+ self.wrapper_directory, arguments=[
+ self.options['runzope_binary'].strip(), '-C', zope_conf_path]
+ )[0]
+ self.path_list.append(wrapper)
+
+ self.installLoginApache(index)
+ self.installKeyAuthorisationApache(index)
+
+ def _getApacheConfigurationDict(self, prefix, ip, port):
+ apache_conf = dict()
+ apache_conf['pid_file'] = os.path.join(self.run_directory,
+ prefix + '.pid')
+ apache_conf['lock_file'] = os.path.join(self.run_directory,
+ prefix+'.lock')
+ apache_conf['ip'] = ip
+ apache_conf['port'] = port
+ apache_conf['server_admin'] = 'admin@'
+ apache_conf['error_log'] = os.path.join(self.log_directory,
+ prefix+'-error.log')
+ apache_conf['access_log'] = os.path.join(self.log_directory,
+ prefix+'-access.log')
+ return apache_conf
+
+ def _writeApacheConfiguration(self, prefix, apache_conf):
+ rewrite_rule_template = \
+ "RewriteRule (.*) http://%(backend_ip)s:%(backend_port)s$1 [L,P]"
+ path_template = pkg_resources.resource_string(__name__,
+ 'template/apache.zope.conf.path.in')
+ path = path_template % dict(path='/')
+ d = dict(
+ path=path,
+ backend_ip=self.backend_ip,
+ backend_port=self.backend_port,
+ backend_path='/',
+ port=apache_conf['port'],
+ vhname=path.replace('/',''),
+ )
+ rewrite_rule = rewrite_rule_template % d
+ apache_conf.update(**dict(
+ path_enable=path,
+ rewrite_rule=rewrite_rule
+ ))
+ return self.createConfigurationFile(prefix+'.conf',
+ pkg_resources.resource_string(__name__,
+ 'template/apache.zope.conf.in') % apache_conf)
+
+ def installLoginApache(self, index):
+ ssl_template = """SSLEngine on
+SSLCertificateFile %(login_certificate)s
+SSLCertificateKeyFile %(login_key)s
+SSLRandomSeed startup builtin
+SSLRandomSeed connect builtin
+"""
+ apache_conf = self._getApacheConfigurationDict('login_apache_%s' % index,
+ self.getLocalIPv4Address(), CONFIG['login_apache_port_base'] + index)
+ apache_conf['server_name'] = '%s' % apache_conf['ip']
+ apache_conf['ssl_snippet'] = ssl_template % CONFIG
+ apache_config_file = self._writeApacheConfiguration('login_apache_%s'% index,
+ apache_conf)
+ self.path_list.append(apache_config_file)
+ self.path_list.extend(zc.buildout.easy_install.scripts([(
+ 'login_apache_%s'% index,
+ __name__+'.apache', 'runApache')], self.ws,
+ sys.executable, self.wrapper_directory, arguments=[
+ dict(
+ required_path_list = [CONFIG['login_certificate'],
+ CONFIG['login_key']],
+ binary=self.options['httpd_binary'],
+ config=apache_config_file
+ )
+ ]))
+ self.connection_dict['login_%s'% index] = '%(ip)s:%(port)s'% apache_conf
+
+ def installKeyAuthorisationApache(self, index):
+ ssl_template = """SSLEngine on
+SSLVerifyClient require
+RequestHeader set REMOTE_USER %%{SSL_CLIENT_S_DN_CN}s
+SSLCertificateFile %(key_auth_certificate)s
+SSLCertificateKeyFile %(key_auth_key)s
+SSLCACertificateFile %(ca_certificate)s
+SSLCARevocationPath %(ca_crl)s"""
+ apache_conf = self._getApacheConfigurationDict('key_auth_apache_%s' % index,
+ self.getLocalIPv4Address(),
+ CONFIG['key_auth_apache_port_base'] + index)
+ apache_conf['ssl_snippet'] = ssl_template % CONFIG
+ prefix = 'ssl_key_auth_apache_%s'% index
+ rewrite_rule_template = \
+ "RewriteRule (.*) http://%(backend_ip)s:%(backend_port)s%(key_auth_path)s$1 [L,P]"
+ path_template = pkg_resources.resource_string(__name__,
+ 'template/apache.zope.conf.path.in')
+ path = path_template % dict(path='/')
+ d = dict(
+ path=path,
+ backend_ip=self.backend_ip,
+ backend_port=self.backend_port,
+ backend_path='/',
+ port=apache_conf['port'],
+ vhname=path.replace('/',''),
+ key_auth_path=self.parameter_dict['key_auth_path'],
+ )
+ rewrite_rule = rewrite_rule_template % d
+ apache_conf.update(**dict(
+ path_enable=path,
+ rewrite_rule=rewrite_rule
+ ))
+ apache_config_file = self.createConfigurationFile(prefix+'.conf',
+ pkg_resources.resource_string(__name__,
+ 'template/apache.zope.conf.in') % apache_conf)
+ self.path_list.append(apache_config_file)
+ self.path_list.extend(zc.buildout.easy_install.scripts([(
+ 'key_auth_apache_%s'% index,
+ __name__+'.apache', 'runApache')], self.ws,
+ sys.executable, self.wrapper_directory, arguments=[
+ dict(
+ required_path_list = [CONFIG['key_auth_certificate'],
+ CONFIG['key_auth_key'], CONFIG['ca_certificate'],
+ CONFIG['ca_crl']],
+ binary=self.options['httpd_binary'],
+ config=apache_config_file
+ )
+ ]))
+ self.connection_dict['key_auth_%s'% index] = \
+ '%(ip)s:%(port)s'% apache_conf
+
+ def installMysqlServer(self):
+ mysql_conf = dict(
+ ip=self.getLocalIPv4Address(),
+ data_directory=os.path.join(self.data_root_directory,
+ CONFIG['mysql_prefix']),
+ tcp_port=CONFIG['mysql_port'],
+ pid_file=os.path.join(self.run_directory, 'mysqld.pid'),
+ socket=os.path.join(self.run_directory, 'mysqld.sock'),
+ error_log=os.path.join(self.log_directory, 'mysqld.log'),
+ slow_query_log=os.path.join(self.log_directory,
+ 'mysql-slow.log'),
+ mysql_database=CONFIG['mysql_database'],
+ mysql_user=CONFIG['mysql_user'],
+ mysql_password=self.generatePassword(),
+ mysql_test_password=self.generatePassword(),
+ mysql_test_database=CONFIG['mysql_test_database'],
+ mysql_test_user=CONFIG['mysql_test_user'],
+ )
+ self._createDirectory(mysql_conf['data_directory'])
+
+ mysql_conf_path = self.createConfigurationFile("my.cnf",
+ self.substituteTemplate(self.getTemplateFilename('my.cnf.in'),
+ mysql_conf))
+
+ self.connection_dict.update(
+ mysql_database=CONFIG['mysql_database'],
+ mysql_ip=mysql_conf['ip'],
+ mysql_password=mysql_conf['mysql_password'],
+ mysql_port=CONFIG['mysql_port'],
+ mysql_user=CONFIG['mysql_user'],
+ mysql_test_database=CONFIG['mysql_test_database'],
+ mysql_test_user=CONFIG['mysql_test_user'],
+ mysql_test_password=mysql_conf['mysql_test_password'],
+ )
+ initialise_command_list = [self.options['mysql_install_binary'],
+ '--skip-name-resolve', '--no-defaults',
+ '--datadir=%s' % mysql_conf['data_directory']]
+ mysql_command_list = [self.options['mysql_binary'].strip(),
+ '--no-defaults', '-B', '--user=root',
+ '--socket=%s' % mysql_conf['socket'],
+ ]
+ mysql_script = pkg_resources.resource_string(__name__,
+ 'template/initmysql.sql.in') % mysql_conf
+ self.path_list.extend(zc.buildout.easy_install.scripts([('mysql_update',
+ __name__+'.mysql', 'updateMysql')], self.ws,
+ sys.executable, self.wrapper_directory, arguments=[mysql_command_list,
+ mysql_script]))
+ self.path_list.extend(zc.buildout.easy_install.scripts([('mysqld',
+ __name__+'.mysql', 'runMysql')], self.ws,
+ sys.executable, self.wrapper_directory, arguments=[
+ initialise_command_list, {
+ 'mysqld_binary':self.options['mysqld_binary'],
+ 'configuration_file':mysql_conf_path,
+ }]))
+ self.path_list.extend([mysql_conf_path])
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/apache.py
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/apache.py?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/apache.py (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/apache.py [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,21 @@
+import os
+import sys
+import time
+
+def runApache(args):
+ sleep = 60
+ conf = args[0]
+ while True:
+ ready = True
+ for f in conf['required_path_list']:
+ if not os.path.exists(f):
+ print 'File %r does not exists, sleeping for %s' % (f, sleep)
+ ready = False
+ if ready:
+ break
+ time.sleep(sleep)
+ apache_wrapper_list = [conf['binary'], '-f', conf['config'], '-DFOREGROUND']
+ apache_wrapper_list.extend(sys.argv[1:])
+ sys.stdout.flush()
+ sys.stderr.flush()
+ os.execl(apache_wrapper_list[0], *apache_wrapper_list)
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/certificate_authority.py
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/certificate_authority.py?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/certificate_authority.py (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/certificate_authority.py [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,100 @@
+import os
+import subprocess
+import time
+
+def popenCommunicate(command_list, input=None):
+ subprocess_kw = dict(stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+ if input is not None:
+ subprocess_kw.update(stdin=subprocess.PIPE)
+ popen = subprocess.Popen(command_list, **subprocess_kw)
+ result = popen.communicate(input)[0]
+ if popen.returncode is None:
+ popen.kill()
+ if popen.returncode != 0:
+ raise ValueError('Issue during calling %r, result was:\n%s' % (command_list,
+ result))
+ return result
+
+def checkCertificateAuthority(ca_conf):
+ file_list = [
+ ca_conf['ca_key'],
+ ca_conf['ca_certificate'],
+ ]
+ ca_ready = True
+ for f in file_list:
+ if not os.path.exists(f):
+ ca_ready = False
+ break
+ if ca_ready:
+ return
+ for f in file_list:
+ if os.path.exists(f):
+ os.unlink(f)
+ try:
+ # no CA, let us create new one
+ popenCommunicate([ca_conf['openssl_binary'], 'req', '-nodes', '-config',
+ ca_conf['openssl_configuration'], '-new', '-x509', '-extensions',
+ 'v3_ca', '-keyout', ca_conf['ca_key'], '-out',
+ ca_conf['ca_certificate'], '-days',
+ '10950'], 'Automatic Certificate Authority\n')
+ except:
+ try:
+ for f in file_list:
+ if os.path.exists(f):
+ os.unlink(f)
+ except:
+ # do not raise during cleanup
+ pass
+ raise
+
+def checkCertificate(common_name, key, certificate, ca_conf):
+ file_list = [ key, certificate ]
+ ready = True
+ for f in file_list:
+ if not os.path.exists(f):
+ ready = False
+ break
+ if ready:
+ return
+ for f in file_list:
+ if os.path.exists(f):
+ os.unlink(f)
+ csr = certificate + '.csr'
+ try:
+ popenCommunicate([ca_conf['openssl_binary'], 'req', '-config',
+ ca_conf['openssl_configuration'], '-nodes', '-new', '-keyout',
+ key, '-out', csr, '-days', '3650'],
+ common_name + '\n')
+ try:
+ popenCommunicate([ca_conf['openssl_binary'], 'ca', '-batch', '-config',
+ ca_conf['openssl_configuration'], '-out', certificate,
+ '-infiles', csr])
+ finally:
+ if os.path.exists(csr):
+ os.unlink(csr)
+ except:
+ try:
+ for f in file_list:
+ if os.path.exists(f):
+ os.unlink(f)
+ except:
+ # do not raise during cleanup
+ pass
+ raise
+
+
+def checkLoginCertificate(ca_conf):
+ checkCertificate('Login Based Access', ca_conf['login_key'],
+ ca_conf['login_certificate'], ca_conf)
+
+def checkKeyAuthCertificate(ca_conf):
+ checkCertificate('Key Based Access', ca_conf['key_auth_key'],
+ ca_conf['key_auth_certificate'], ca_conf)
+
+def runCertificateAuthority(args):
+ ca_conf = args[0]
+ while True:
+ checkCertificateAuthority(ca_conf)
+ checkLoginCertificate(ca_conf)
+ checkKeyAuthCertificate(ca_conf)
+ time.sleep(60)
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/execute.py
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/execute.py?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/execute.py (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/execute.py [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,5 @@
+import os
+def execute(args):
+ """Portable execution with process replacement"""
+ # Note: Candidate for slapos.lib.recipe
+ os.execv(args[0], args)
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/mysql.py
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/mysql.py?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/mysql.py (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/mysql.py [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,43 @@
+import os
+import subprocess
+import sys
+import time
+
+def runMysql(args):
+ sleep = 60
+ initialise_command_list = args[0]
+ mysql_conf = args[1]
+ mysql_wrapper_list = [mysql_conf['mysqld_binary'],
+ '--defaults-file=%s'%mysql_conf['configuration_file']]
+ while True:
+ # XXX: Protect with proper root password
+ popen = subprocess.Popen(initialise_command_list,
+ stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+ result = popen.communicate()[0]
+ if popen.returncode is None or popen.returncode != 0:
+ print "Failed to initialise server.\nThe error was: %s" % result
+ print "Waiting for %ss and retrying" % sleep
+ time.sleep(sleep)
+ else:
+ print "Mysql properly initialised"
+ break
+ sys.stdout.flush()
+ sys.stderr.flush()
+ os.execl(mysql_wrapper_list[0], *mysql_wrapper_list)
+
+def updateMysql(args):
+ mysql_command_list = args[0]
+ mysql_script = args[1]
+ sleep = 30
+ while True:
+ mysql = subprocess.Popen(mysql_command_list, stdin=subprocess.PIPE,
+ stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+ result = mysql.communicate(mysql_script)[0]
+ if mysql.returncode is None:
+ mysql.kill()
+ if mysql.returncode != 0:
+ print 'Script failed with: %s' % result
+ print 'Sleeping for %ss and retrying' % sleep
+ else:
+ print 'Script succesfully run on database, exiting'
+ time.sleep(sleep)
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/apache.zope.conf.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/apache.zope.conf.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/apache.zope.conf.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/apache.zope.conf.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,55 @@
+# Apache configuration file for Zope
+# Automatically generated
+
+# Basic server configuration
+PidFile "%(pid_file)s"
+LockFile "%(lock_file)s"
+Listen %(ip)s:%(port)s
+ServerAdmin %(server_admin)s
+DefaultType text/plain
+TypesConfig conf/mime.types
+AddType application/x-compress .Z
+AddType application/x-gzip .gz .tgz
+
+# As backend is trusting REMOTE_USER header unset it always
+RequestHeader unset REMOTE_USER
+
+# SSL Configuration
+%(ssl_snippet)s
+
+# Log configuration
+ErrorLog "%(error_log)s"
+LogLevel warn
+LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b \"%%{Referer}i\" \"%%{User-Agent}i\"" combined
+LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b" common
+CustomLog "%(access_log)s" common
+
+# Directory protection
+<Directory />
+ Options FollowSymLinks
+ AllowOverride None
+ Order deny,allow
+ Deny from all
+</Directory>
+
+%(path_enable)s
+
+# Magic of Zope related rewrite
+RewriteEngine On
+%(rewrite_rule)s
+
+# List of modules
+LoadModule authz_host_module modules/mod_authz_host.so
+LoadModule log_config_module modules/mod_log_config.so
+LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule version_module modules/mod_version.so
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule ssl_module modules/mod_ssl.so
+LoadModule mime_module modules/mod_mime.so
+LoadModule dav_module modules/mod_dav.so
+LoadModule dav_fs_module modules/mod_dav_fs.so
+LoadModule negotiation_module modules/mod_negotiation.so
+LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule headers_module modules/mod_headers.so
+LoadModule antiloris_module modules/mod_antiloris.so
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/apache.zope.conf.path.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/apache.zope.conf.path.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/apache.zope.conf.path.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/apache.zope.conf.path.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,5 @@
+# Path enabled
+<Location %(path)s>
+ Order Allow,Deny
+ Allow from all
+</Location>
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/cloudooo.cfg.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/cloudooo.cfg.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/cloudooo.cfg.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/cloudooo.cfg.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,41 @@
+[app:main]
+use = egg:cloudooo
+#
+## System config
+#
+debug_mode = True
+# Folder where pid files, lock files and virtual frame buffer mappings
+# are stored. In this folder is necessary create a folder tmp, because this
+# folder is used to create all temporary documents.
+working_path = %(working_path)s
+# Folder where UNO library is installed
+uno_path = %(uno_path)s
+# Folder where soffice.bin is installed
+office_binary_path = %(office_binary_path)s
+#
+## Monitor Settings
+#
+# Limit to use the Openoffice Instance. if pass of the limit, the instance is
+# stopped and another is started.
+limit_number_request = 100
+# Interval to check the factory
+monitor_interval = 10
+timeout_response = 180
+enable_memory_monitor = True
+# Set the limit in MB
+# e.g 1000 = 1 GB, 100 = 100 MB
+limit_memory_used = 3000
+#
+## OOFactory Settings
+#
+# The pool consist of several OpenOffice.org instances
+application_hostname = localhost
+# OpenOffice Port
+openoffice_port = %(openoffice_port)s
+# LD_LIBRARY_PATH passed to OpenOffice
+env-LD_LIBRARY_PATH = %(LD_LIBRARY_PATH)s
+
+[server:main]
+use = egg:PasteScript#wsgiutils
+host = %(ip)s
+port = %(port)s
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/frontend.conf.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/frontend.conf.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/frontend.conf.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/frontend.conf.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,52 @@
+# Apache configuration file for Zope
+# Automatically generated
+
+# Basic server configuration
+PidFile "%(pid_file)s"
+LockFile "%(lock_file)s"
+Listen [%(ip)s]:%(port)s
+ServerAdmin %(server_admin)s
+ServerName %(server_name)s
+DefaultType text/plain
+TypesConfig conf/mime.types
+AddType application/x-compress .Z
+AddType application/x-gzip .gz .tgz
+
+SSLCertificateFile %(certificate)s
+SSLCertificateKeyFile %(key)s
+SSLRandomSeed startup builtin
+SSLRandomSeed connect builtin
+
+# Log configuration
+ErrorLog "%(error_log)s"
+LogLevel warn
+LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b \"%%{Referer}i\" \"%%{User-Agent}i\"" combined
+LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b" common
+CustomLog "%(access_log)s" common
+
+# Directory protection
+<Directory />
+ Options FollowSymLinks
+ AllowOverride None
+ Order deny,allow
+ Deny from all
+</Directory>
+
+# Magic of Zope related rewrite
+RewriteEngine On
+%(rewrite_rule)s
+
+# List of modules
+LoadModule authz_host_module modules/mod_authz_host.so
+LoadModule log_config_module modules/mod_log_config.so
+LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule version_module modules/mod_version.so
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule ssl_module modules/mod_ssl.so
+LoadModule mime_module modules/mod_mime.so
+LoadModule dav_module modules/mod_dav.so
+LoadModule dav_fs_module modules/mod_dav_fs.so
+LoadModule negotiation_module modules/mod_negotiation.so
+LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule headers_module modules/mod_headers.so
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/haproxy.cfg.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/haproxy.cfg.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/haproxy.cfg.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/haproxy.cfg.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,9 @@
+defaults
+ mode tcp
+ option redispatch
+ timeout server 3000s
+ timeout queue 5s
+ timeout connect 10s
+ timeout client 3600s
+
+%(listen_list)s
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/initmysql.sql.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/initmysql.sql.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/initmysql.sql.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/initmysql.sql.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,5 @@
+CREATE DATABASE IF NOT EXISTS %(mysql_database)s;
+GRANT ALL PRIVILEGES ON %(mysql_database)s.* TO %(mysql_user)s@'%%' IDENTIFIED BY '%(mysql_password)s';
+CREATE DATABASE IF NOT EXISTS %(mysql_test_database)s;
+GRANT ALL PRIVILEGES ON %(mysql_test_database)s.* TO %(mysql_test_user)s@'%%' IDENTIFIED BY '%(mysql_test_password)s';
+EXIT
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_gateway.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_gateway.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_gateway.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_gateway.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec %(kumo_gateway_binary)s -F -E -m %(kumo_manager_ip)s:%(kumo_manager_port)s -t %(kumo_gateway_ip)s:%(kumo_gateway_port)s -o %(kumo_gateway_log)s
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_manager.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_manager.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_manager.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_manager.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec %(kumo_manager_binary)s -a -l %(kumo_manager_ip)s:%(kumo_manager_port)s -o %(kumo_manager_log)s
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_server.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_server.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_server.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/kumo_server.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec %(kumo_server_binary)s -l %(kumo_server_ip)s:%(kumo_server_port)s -L %(kumo_server_listen_port)s -m %(kumo_manager_ip)s:%(kumo_manager_port)s -s %(kumo_server_storage)s -o %(kumo_server_log)s
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/memcached.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/memcached.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/memcached.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/memcached.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec %(memcached_binary)s -p %(memcached_port)s -U %(memcached_port)s -l %(memcached_ip)s -m %(memcached_mem_limit)s
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/my.cnf.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/my.cnf.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/my.cnf.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/my.cnf.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,53 @@
+# ERP5 buildout my.cnf template based on my-huge.cnf shipped with mysql
+# The MySQL server
+[mysqld]
+# ERP5 by default requires InnoDB storage. MySQL by default fallbacks to using
+# different engine, like MyISAM. Such behaviour generates problems only, when
+# tables requested as InnoDB are silently created with MyISAM engine.
+#
+# Loud fail is really required in such case.
+sql-mode="NO_ENGINE_SUBSTITUTION"
+
+skip-show-database
+port = %(tcp_port)s
+bind-address = %(ip)s
+socket = %(socket)s
+datadir = %(data_directory)s
+pid-file = %(pid_file)s
+log-error = %(error_log)s
+log-slow-queries = %(slow_query_log)s
+long_query_time = 5
+max_allowed_packet = 128M
+query_cache_size = 32M
+
+plugin-load = ha_innodb_plugin.so
+
+# The following are important to configure and depend a lot on to the size of
+# your database and the available resources.
+#innodb_buffer_pool_size = 4G
+#innodb_log_file_size = 256M
+#innodb_log_buffer_size = 8M
+
+# Some dangerous settings you may want to uncomment if you only want
+# performance or less disk access. Useful for unit tests.
+#innodb_flush_log_at_trx_commit = 0
+#innodb_flush_method = nosync
+#innodb_doublewrite = 0
+#sync_frm = 0
+
+# Uncomment the following if you need binary logging, which is recommended
+# on production instances (either for replication or incremental backups).
+#log-bin=mysql-bin
+
+# Force utf8 usage
+collation_server = utf8_unicode_ci
+character_set_server = utf8
+default-character-set = utf8
+skip-character-set-client-handshake
+
+[mysql]
+no-auto-rehash
+socket = %(socket)s
+
+[mysqlhotcopy]
+interactive-timeout
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/openssl.cnf.ca.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/openssl.cnf.ca.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/openssl.cnf.ca.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/openssl.cnf.ca.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,350 @@
+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+# This definition stops the following lines choking if HOME isn't
+# defined.
+HOME = .
+RANDFILE = $ENV::HOME/.rnd
+
+# Extra OBJECT IDENTIFIER info:
+#oid_file = $ENV::HOME/.oid
+oid_section = new_oids
+
+# To use this configuration file with the "-extfile" option of the
+# "openssl x509" utility, name here the section containing the
+# X.509v3 extensions to use:
+# extensions =
+# (Alternatively, use a configuration file that has only
+# X.509v3 extensions in its main [= default] section.)
+
+[ new_oids ]
+
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+# Add a simple OID like this:
+# testoid1=1.2.3.4
+# Or use config file substitution like this:
+# testoid2=${testoid1}.5.6
+
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+####################################################################
+[ ca ]
+default_ca = CA_default # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir = %(working_directory)s # Where everything is kept
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+#unique_subject = no # Set to 'no' to allow creation of
+ # several ctificates with same subject.
+new_certs_dir = $dir/newcerts # default place for new certs.
+
+certificate = $dir/cacert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+crlnumber = $dir/crlnumber # the current crl number
+ # must be commented out to leave a V1 CRL
+crl = $dir/crl.pem # The current CRL
+private_key = $dir/private/cakey.pem # The private key
+RANDFILE = $dir/private/.rand # private random number file
+
+x509_extensions = usr_cert # The extentions to add to the cert
+
+# Comment out the following two lines for the "traditional"
+# (and highly broken) format.
+name_opt = ca_default # Subject Name options
+cert_opt = ca_default # Certificate field options
+
+# Extension copying option: use with caution.
+# copy_extensions = copy
+
+# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
+# so this is commented out by default to leave a V1 CRL.
+# crlnumber must also be commented out to leave a V1 CRL.
+# crl_extensions = crl_ext
+
+default_days = 3650 # how long to certify for
+default_crl_days= 30 # how long before next CRL
+default_md = default # use public key default MD
+preserve = no # keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+####################################################################
+[ req ]
+default_bits = 2048
+default_md = sha1
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+#attributes = req_attributes
+x509_extensions = v3_ca # The extentions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options.
+# default: PrintableString, T61String, BMPString.
+# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_value = %(country_code)s
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_value = %(state)s
+
+localityName = Locality Name (eg, city)
+localityName_value = %(city)s
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_value = %(company)s
+
+# we can do this but it is not needed normally :-)
+#1.organizationName = Second Organization Name (eg, company)
+#1.organizationName_default = World Wide Web Pty Ltd
+
+commonName = Common Name (eg, your name or your server\'s hostname)
+commonName_max = 64
+
+emailAddress = Email Address
+emailAddress_value = %(email_address)s
+emailAddress_max = 64
+
+# SET-ex3 = SET extension number 3
+
+#[ req_attributes ]
+#challengePassword = A challenge password
+#challengePassword_min = 4
+#challengePassword_max = 20
+#
+#unstructuredName = An optional company name
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request.
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer
+
+# This is what PKIX recommends but some broken software chokes on critical
+# extensions.
+#basicConstraints = critical,CA:true
+# So we do this instead.
+basicConstraints = CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always
+
+[ proxy_cert_ext ]
+# These extensions should be added when creating a proxy certificate
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This really needs to be in place for it to be a proxy certificate.
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1 # the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir = /etc/pki/tls # TSA root directory
+serial = $dir/tsaserial # The current serial number (mandatory)
+crypto_device = builtin # OpenSSL engine to use for signing
+signer_cert = $dir/tsacert.pem # The TSA signing certificate
+ # (optional)
+certs = $dir/cacert.pem # Certificate chain to include in reply
+ # (optional)
+signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
+
+default_policy = tsa_policy1 # Policy if request did not specify it
+ # (optional)
+other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
+digests = md5, sha1 # Acceptable message digests (mandatory)
+accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
+clock_precision_digits = 0 # number of digits after dot. (optional)
+ordering = yes # Is ordering defined for timestamps?
+ # (optional, default: no)
+tsa_name = yes # Must the TSA name be included in the reply?
+ # (optional, default: no)
+ess_cert_id_chain = no # Must the ESS cert id chain be included?
+ # (optional, default: no)
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/openssl.cnf.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/openssl.cnf.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/openssl.cnf.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/openssl.cnf.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,96 @@
+####################################################################
+[ req ]
+default_bits = 1024
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+x509_extensions = v3_ca # The extentions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options.
+# default: PrintableString, T61String, BMPString.
+# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = XX
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = Somewhere
+
+localityName = Locality Name (eg, city)
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_default = erp5.recipe.apache autogeneration
+
+# we can do this but it is not needed normally :-)
+#1.organizationName = Second Organization Name (eg, company)
+#1.organizationName_default = World Wide Web Pty Ltd
+
+organizationalUnitName = Organization Unit Name
+organizationalUnitName_default = Unknown
+
+commonName = Common Name
+commonName_default = %(server_name)s
+commonName_max = 64
+
+emailAddress = Email Address
+emailAddress_max = 64
+
+# SET-ex3 = SET extension number 3
+
+[ req_attributes ]
+challengePassword = A challenge password
+challengePassword_min = 4
+challengePassword_max = 20
+
+unstructuredName = An optional company name
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer
+
+# This is what PKIX recommends but some broken software chokes on critical
+# extensions.
+#basicConstraints = critical,CA:true
+# So we do this instead.
+basicConstraints = CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zeo.conf.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zeo.conf.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zeo.conf.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zeo.conf.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,17 @@
+# ZEO configuration file generated by SlapOS
+<zeo>
+ address %(zeo_ip)s:%(zeo_port)s
+ read-only false
+ invalidation-queue-size 100
+ pid-filename %(zeo_pid)s
+</zeo>
+
+<filestorage %(zeo_storagename)s>
+ path %(zeo_zodb)s
+</filestorage>
+
+<eventlog>
+ <logfile>
+ path %(zeo_event_log)s
+ </logfile>
+</eventlog>
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zope.conf.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zope.conf.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zope.conf.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zope.conf.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,62 @@
+## Zope 2 configuration file generated by SlapOS
+
+# Some defines
+%%define INSTANCE %(instance)s
+instancehome $INSTANCE
+
+# Used products
+%(products)s
+
+# Environment override
+<environment>
+ TMP %(tmp_directory)s
+ TMPDIR %(tmp_directory)s
+ HOME %(tmp_directory)s
+ PATH %(path)s
+</environment>
+
+# No need to debug
+debug-mode off
+
+# One thread is safe enough
+zserver-threads 1
+
+# File location
+pid-filename %(pid-filename)s
+lock-filename %(lock-filename)s
+
+# Logging configuration
+<eventlog>
+ <logfile>
+ path %(event_log)s
+ </logfile>
+</eventlog>
+<logger access>
+ <logfile>
+ path %(z2_log)s
+ </logfile>
+</logger>
+
+# Serving configuration
+<http-server>
+ address %(address)s
+</http-server>
+
+# ZODB configuration
+<zodb_db main>
+ mount-point /
+ <zeoclient>
+ server %(zeo_ip)s:%(zeo_port)s
+ storage %(zeo_storagename)s
+ name %(zeo_storagename)s
+ </zeoclient>
+</zodb_db>
+<zoperunner>
+ program $INSTANCE/bin/runzope
+</zoperunner>
+
+# ERP5 Timer Service
+%%import timerserver
+<timer-server>
+ interval 5
+</timer-server>
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zope.conf.simple.in
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zope.conf.simple.in?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zope.conf.simple.in (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/template/zope.conf.simple.in [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,63 @@
+## Zope 2 configuration file generated by SlapOS
+
+# Some defines
+%%define INSTANCE %(instance)s
+instancehome $INSTANCE
+
+# Used products
+%(products)s
+
+# Environment override
+<environment>
+ TMP %(tmp_directory)s
+ TMPDIR %(tmp_directory)s
+ HOME %(tmp_directory)s
+ PATH %(path)s
+</environment>
+
+# No need to debug
+debug-mode off
+
+# One thread is safe enough
+zserver-threads 1
+
+# File location
+pid-filename %(pid-filename)s
+lock-filename %(lock-filename)s
+
+# Logging configuration
+<eventlog>
+ <logfile>
+ path %(event_log)s
+ </logfile>
+</eventlog>
+<logger access>
+ <logfile>
+ path %(z2_log)s
+ </logfile>
+</logger>
+
+# Serving configuration
+<http-server>
+ address %(address)s
+</http-server>
+
+# ZODB configuration
+<zodb_db root>
+ # Main FileStorage database
+ <filestorage>
+ # See .../ZODB/component.xml for directives (sectiontype
+ # "filestorage").
+ path %(zodb_root_path)s
+ </filestorage>
+ mount-point /
+</zodb_db>
+<zoperunner>
+ program $INSTANCE/bin/runzope
+</zoperunner>
+
+# ERP5 Timer Service
+%%import timerserver
+<timer-server>
+ interval 5
+</timer-server>
Added: erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/testrunner.py
URL: http://svn.erp5.org/erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/testrunner.py?rev=43912&view=auto
==============================================================================
--- erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/testrunner.py (added)
+++ erp5/trunk/utils/slapos.recipe.erp5/src/slapos/recipe/erp5/testrunner.py [utf8] Wed Mar 2 18:08:13 2011
@@ -0,0 +1,11 @@
+import os
+import sys
+def runUnitTest(args):
+ env = os.environ.copy()
+ d = args[0]
+ env['OPENSSL_BINARY'] = d['openssl_binary']
+ env['TEST_CA_PATH'] = d['test_ca_path']
+ env['PATH'] = ':'.join([d['prepend_path']] + os.environ['PATH'].split(':'))
+ env['INSTANCE_HOME'] = d['instance_home']
+ env['REAL_INSTANCE_HOME'] = d['instance_home']
+ os.execve(d['call_list'][0], d['call_list'] + sys.argv[1:], env)
More information about the Erp5-report
mailing list