From 3860f1bb528503f6f2fb38d79d207d13498bc226 Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 13 Jul 2020 13:16:34 +0200 Subject: Sort master/workers keywords The keyword list is too long, so split it in multiline, one letter per line. --- lavalab-gen.py | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) (limited to 'lavalab-gen.py') diff --git a/lavalab-gen.py b/lavalab-gen.py index 55020d4..521deda 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -114,7 +114,21 @@ def main(): else: masters = workers["masters"] for master in masters: - keywords_master = [ "name", "type", "host", "users", "groups", "tokens", "webadmin_https", "persistent_db", "zmq_auth", "zmq_auth_key", "zmq_auth_key_secret", "http_fqdn", "slave_keys", "slaveenv", "loglevel", "allowed_hosts", "lava-coordinator", "healthcheck_url", "smtp", "version", "build_args" ] + keywords_master = [ + "allowed_hosts", + "build_args", + "groups", + "healthcheck_url", "host", "http_fqdn", + "loglevel", "lava-coordinator", + "name", + "persistent_db", + "slave_keys", "slaveenv", "smtp", + "tokens", "type", + "users", + "version", + "webadmin_https", + "zmq_auth", "zmq_auth_key", "zmq_auth_key_secret", + ] for keyword in master: if not keyword in keywords_master: print("WARNING: unknown keyword %s" % keyword) @@ -373,7 +387,22 @@ def main(): else: slaves = workers["slaves"] for slave in slaves: - keywords_slaves = [ "name", "host", "dispatcher_ip", "remote_user", "remote_master", "remote_address", "remote_rpc_port", "remote_proto", "extra_actions", "zmq_auth_key", "zmq_auth_key_secret", "default_slave", "export_ser2net", "expose_ser2net", "remote_user_token", "zmq_auth_master_key", "expose_ports", "env", "bind_dev", "loglevel", "use_nfs", "arch", "devices", "lava-coordinator", "use_tap", "host_healthcheck", "use_tftp", "use_nbd", "use_overlay_server", "tags", "use_docker", "version", "custom_volumes","build_args" ] + keywords_slaves = [ + "arch", + "bind_dev", "build_args", + "custom_volumes", + "devices", "dispatcher_ip", "default_slave", + "extra_actions", "export_ser2net", "expose_ser2net", "expose_ports", "env", + "host", "host_healthcheck", + "loglevel", "lava-coordinator", + "name", + "remote_user", "remote_master", "remote_address", "remote_rpc_port", "remote_proto", "remote_user_token", + "tags", + "use_docker", "use_nfs", "use_nbd", "use_overlay_server", "use_tftp", "use_tap", + "version", + "zmq_auth_key", "zmq_auth_key_secret", + "zmq_auth_master_key", + ] for keyword in slave: if not keyword in keywords_slaves: print("WARNING: unknown keyword %s" % keyword) -- cgit 1.2.3-korg From 3fa641e74700acad323fe19f1eadb285aeb1dd66 Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 13 Jul 2020 13:25:52 +0200 Subject: Permit to set the postgres lavaserver password By setting pg_lava_password, the final lavaserver password will be set to this value. --- README.md | 1 + lava-master/Dockerfile | 2 ++ lava-master/entrypoint.d/01_setup.sh | 7 +++++-- lavalab-gen.py | 9 ++++++++- 4 files changed, 16 insertions(+), 3 deletions(-) (limited to 'lavalab-gen.py') diff --git a/README.md b/README.md index 5895a51..bb4b02f 100644 --- a/README.md +++ b/README.md @@ -221,6 +221,7 @@ masters: slave_keys: optional path to a directory with slaves public key. Usefull when you want to create a master without slaves nodes in boards.yaml. lava-coordinator: Does the master should ran a lava-coordinator and export its port persistent_db: True/False (default False) Is the postgres DB is persistent over reboot + pg_lava_password: The Postgres lavaserver password to set http_fqdn: The FQDN used to access the LAVA web interface. This is necessary if you use https otherwise you will issue CSRF errors. healthcheck_url: Hack healthchecks hosting URL. See hosting healthchecks below build_args: diff --git a/lava-master/Dockerfile b/lava-master/Dockerfile index 5bf989a..6396253 100644 --- a/lava-master/Dockerfile +++ b/lava-master/Dockerfile @@ -39,6 +39,8 @@ COPY apache2/ /etc/apache2/ # Fixes 'postgresql ERROR: invalid locale name: "en_US.UTF-8"' when restoring a backup RUN echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen en_US.UTF-8 +COPY pg_lava_password /root + # TODO: send this fix to upstream RUN sed -i 's,find /root/entrypoint.d/ -type f,find /root/entrypoint.d/ -type f | sort,' /root/entrypoint.sh # TODO: send this fix to upstream diff --git a/lava-master/entrypoint.d/01_setup.sh b/lava-master/entrypoint.d/01_setup.sh index 53db47e..95b180b 100755 --- a/lava-master/entrypoint.d/01_setup.sh +++ b/lava-master/entrypoint.d/01_setup.sh @@ -1,8 +1,11 @@ #!/bin/bash # always reset the lavaserver user, since its password could have been reseted in a "docker build --nocache" -if [ ! -e /root/pg_lava_password ];then - < /dev/urandom tr -dc A-Za-z0-9 | head -c16 > /root/pg_lava_password +if [ ! -s /root/pg_lava_password ];then + echo "DEBUG: Generating a random LAVA password" + < /dev/urandom tr -dc A-Za-z0-9 | head -c16 > /root/pg_lava_password +else + echo "DEBUG: use the given LAVA password" fi sudo -u postgres psql -c "ALTER USER lavaserver WITH PASSWORD '$(cat /root/pg_lava_password)';" || exit $? if [ -e /etc/lava-server/instance.conf ];then diff --git a/lavalab-gen.py b/lavalab-gen.py index 521deda..fbe2df9 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -121,7 +121,7 @@ def main(): "healthcheck_url", "host", "http_fqdn", "loglevel", "lava-coordinator", "name", - "persistent_db", + "persistent_db", "pg_lava_password", "slave_keys", "slaveenv", "smtp", "tokens", "type", "users", @@ -172,6 +172,13 @@ def main(): groupdir = "%s/groups" % workerdir os.mkdir(groupdir) worker = master + if "pg_lava_password" in master: + f_pg = open("%s/pg_lava_password" % workerdir, 'w') + f_pg.write(master["pg_lava_password"]) + f_pg.close() + else: + f_pg = open("%s/pg_lava_password" % workerdir, 'w') + f_pg.close() if "version" in worker: dockerfile = open("%s/Dockerfile" % workerdir, "r+") dockerfilec = re.sub('(^FROM.*:).*', '\g<1>%s' % worker["version"], dockerfile.read()) -- cgit 1.2.3-korg From adf3a341befabd3860d90341dd51554fd81d2fbf Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 13 Jul 2020 13:27:31 +0200 Subject: Persistent DB need /etc/lava-server to be kept. Since the LAVA DB password is set in /etc/lava-server/, we need to keep it accross restart. So put /etc/lava-server on a volume. This will also permit to keep some live configuration like dispatcher IP. --- lavalab-gen.py | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lavalab-gen.py') diff --git a/lavalab-gen.py b/lavalab-gen.py index fbe2df9..eec6614 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -159,8 +159,11 @@ def main(): if persistent_db: pg_volume_name = "pgdata_" + name dockcomp["services"][name]["volumes"].append(pg_volume_name + ":/var/lib/postgresql") + etc_volume_name = "lava_etc_" + name + dockcomp["services"][name]["volumes"].append(etc_volume_name + ":/etc/lava-server/") dockcomp["services"][name]["volumes"].append("lava_job_output:/var/lib/lava-server/default/media/job-output/") dockcomp["volumes"] = {} + dockcomp["volumes"][etc_volume_name] = {} dockcomp["volumes"][pg_volume_name] = {} dockcomp["volumes"]["lava_job_output"] = {} -- cgit 1.2.3-korg