Merge branch 'develop' into dist/risotto/risotto-2.8.0/develop

debian/control

@@ -28,6 +28,7 @@ Package: eole-risotto-all
 Architecture: any
 Depends: ${misc:Depends},
  eole-risotto,
+ eole-risotto-setting,
  python3-risotto-user,
  python3-risotto-setting,
  python3-risotto-provider,

debian/eole-risotto.postinst

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = configure ]; then
+    # Make sure the administrative user exists
+    if ! getent passwd risotto > /dev/null; then
+        adduser --system --home /nonexistent --no-create-home --group --gecos "User for risotto" risotto --quiet
+    fi
+fi
+
+exit 0

debian/risotto.service

@@ -0,0 +1 @@
+../risotto.service

debian/rules

@@ -8,4 +8,4 @@
 	dh $@
 
 override_dh_installsystemd:
-	dh_installsystemd -peole-risotto --no-enable --no-start --no-stop-on-upgrade
+	dh_installsystemd --name=risotto --no-enable --no-start --no-stop-on-upgrade

dicos/50_risotto.xml

@@ -2,10 +2,12 @@
 <creole>
     <files>
         <service>risotto</service>
-        <file filelist='risotto' name='/etc/risotto/risotto.conf' mkdir='True' rm='True'/>
-        <file filelist='risotto' name='/etc/systemd/system/risotto.service' mkdir='True' rm='True'/>
-        <file filelist='risotto' name='/etc/eole/eole-db.d/risotto.yml' mkdir='True' rm='True'/>
-        <file filelist='risotto' name='/etc/eole/eole-db.d/tiramisu.yml' mkdir='True' rm='True'/>
+        <service_access service='risotto'>
+            <port>8080</port>
+        </service_access>
+        <file name='/etc/risotto/risotto.conf' owner="risotto" mkdir='True' rm='True'/>
+        <file name='/etc/eole/eole-db.d/risotto.yml' mkdir='True' rm='True'/>
+        <file name='/etc/eole/eole-db.d/tiramisu.yml'/>
     </files>
     <variables>
         <family name='risotto'>
@@ -37,30 +39,14 @@
                 <value>/usr/share/risotto-message/messages</value>
             </variable>
             <variable name='risotto_cache_dir' type='filename' description='Emplacement du cache' hidden='True'>
-                <value>/srv/risotto/cache/risotto</value>
+                <value>/srv/risotto/cache</value>
             </variable>
             <variable name='risotto_seed_dir' type='filename' description='Emplacement des descriptions de services' hidden='True'>
                 <value>/srv/risotto/seed</value>
             </variable>
-            <variable name='risotto_factory_configuration_dir' type='filename' description='Emplacement de la configuration du provider factory' hidden='True'>
-                <value>/srv/factory/</value>
+            <variable name='risotto_images_dir' type='filename' description='Emplacement des images disques' hidden='True'>
+                <value>/srv/risotto/images</value>
             </variable>
         </family>
     </variables>
-    <constraints>
-    </constraints>
-    <help>
-        <variable name='risotto_configuration_dir'>Aide pour la variable risotto_configuration_dir</variable>
-        <variable name='risotto_temp_dir'>Aide pour la variable risotto_temp_dir</variable>
-        <variable name='risotto_default_user'>Aide pour la variable risotto_default_user</variable>
-        <variable name='risotto_main_dbname'>Aide pour la variable risotto_main_dbname</variable>
-        <variable name='risotto_tiramisu_dbname'>Aide pour la variable risotto_tiramisu_dbname</variable>
-        <variable name='risotto_db_user'>Aide pour la variable risotto_db_user</variable>
-        <variable name='risotto_tiramisu_db_user'>Aide pour la variable risotto_tiramisu_db_user</variable>
-        <variable name='risotto_db_address'>Aide pour la variable risotto_db_address</variable>
-        <variable name='risotto_messages_dir'>Aide pour la variable risotto_messages_dir</variable>
-        <variable name='risotto_cache_dir'>Aide pour la variable risotto_cache_dir</variable>
-        <variable name='risotto_seed_dir'>Aide pour la variable risotto_seed_dir</variable>
-        <variable name='risotto_factory_configuration_dir'>Aide pour la variable risotto_factory_configuration_dir</variable>
-    </help>
 </creole>

posttemplate/20-directories

@@ -1,7 +1,9 @@
 #!/bin/bash
 
-for dir in risotto_messages_dir risotto_cache_dir risotto_seed_dir; do
-    mkdir -p $(CreoleGet $dir)
+for dir in risotto_cache_dir risotto_seed_dir risotto_temp_dir risotto_configuration_dir risotto_images_dir; do
+    dirname=$(CreoleGet $dir)
+    mkdir -p $dirname
+    chown risotto: $dirname
 done
 
 exit 0

risotto.service

@@ -1,9 +1,12 @@
 [Unit]
 Description=risotto
+After=postgresql.service
 
 [Service]
-EnvironmentFile=/etc/risotto/risotto.conf
+Type=notify
 ExecStart=/usr/bin/risotto-server
+User=risotto
+Group=risotto
 
 [Install]
 WantedBy=multi-user.target

tmpl/risotto.conf

@@ -1,15 +1,40 @@
-CONFIGURATION_DIR=%%getVar('risotto_configuration_dir')
-PROVIDER_FACTORY_CONFIG_DIR=%%getVar('risotto_factory_configuration_dir')
-TMP_DIR=%%getVar('risotto_temp_dir')
-DEFAULT_USER=%%getVar('risotto_default_user')
-RISOTTO_DB_NAME=%%getVar('risotto_main_dbname')
-RISOTTO_DB_USER=%%getVar('risotto_db_user')
+CONFIGURATION_DIR=%%risotto_configuration_dir
+TMP_DIR="%%risotto_temp_dir"
+IMAGE_PATH="%%risotto_images_dir"
+DEFAULT_USER="%%risotto_default_user"
+RISOTTO_DB_NAME="%%risotto_main_dbname"
+RISOTTO_DB_USER="%%risotto_db_user"
 RISOTTO_DB_PASSWORD=replace_me
-TIRAMISU_DB_NAME=%%getVar('risotto_tiramisu_dbname')
-TIRAMISU_DB_USER=%%getVar('risotto_tiramisu_db_user')
+TIRAMISU_DB_NAME="%%risotto_tiramisu_dbname"
+TIRAMISU_DB_USER="%%risotto_tiramisu_db_user"
 TIRAMISU_DB_PASSWORD=replace_me
-DB_ADDRESS=%%getVar('risotto_db_address')
-MESSAGE_PATH=%%getVar('risotto_messages_dir')
-CACHE_ROOT_PATH=%%getVar('risotto_cache_dir')
-SRV_SEED_PATH=%%getVar('risotto_seed_dir')
-PYTHONPATH="/usr/lib/python3.6/dist-packages:$PYTHONPATH"
+RISOTTO_URL="http://%%nom_domaine_machine:8080/"
+DB_ADDRESS="%%risotto_db_address"
+MESSAGE_PATH="%%risotto_messages_dir"
+CACHE_ROOT_PATH="%%risotto_cache_dir"
+SRV_SEED_PATH="%%risotto_seed_dir"
+%set %%var = %%getVar('celeryrisotto_db_user', None)
+%if not %%is_empty(%%var)
+CELERYRISOTTO_DB_NAME="%%celeryrisotto_main_dbname"
+CELERYRISOTTO_DB_USER="%%var"
+CELERYRISOTTO_DB_PASSWORD=replace_me
+%end if
+%set %%var = %%getVar('lemur_db_user', None)
+%if not %%is_empty(%%var)
+LEMUR_DB_NAME="%%lemur_db_name"
+LEMUR_DB_USER="%%var"
+LEMUR_DB_PASSWORD='replace_me'
+%end if
+%set %%var = %%getVar('password_admin_username', None)
+%if not %%is_empty(%%var)
+PASSWORD_ADMIN_USERNAME="%%password_admin_username"
+PASSWORD_ADMIN_EMAIL="%%password_admin_email"
+PASSWORD_ADMIN_PASSWORD="%%password_admin_password"
+PASSWORD_DEVICE_IDENTIFIER="%%password_device_identifier"
+PASSWORD_URL="https://%%nom_domaine_machine:8001/"
+PASSWORD_LENGTH=%%password_length
+%end if
+%if %%getVar('lemur_db_name', None)
+PKI_ADMIN_PASSWORD="%%lemur_admin_password"
+PKI_ADMIN_EMAIL="%%lemur_admin_email"
+%end if

tmpl/risotto.yml

@@ -1,14 +1,14 @@
 %from os import listdir
-%set %%dbname = %%getVar('risotto_main_dbname')
+%set %%dbname = %%risotto_main_dbname
 ---
-dbuser: %%getVar('risotto_db_user')
+dbuser: %%risotto_db_user
 dbuser_options:
   - LOGIN
 privileges:
   %%{dbname}.public.*: 'ALL'
   %%{dbname}.public: 'ALL'
   %%{dbname}: 'ALL'
-dbhost: %%getVar('risotto_db_address')
+dbhost: %%risotto_db_address
 dbport: 5432
 dbtype: postgres
 dbname: %%dbname

tmpl/tiramisu.yml

@@ -1,16 +1,16 @@
-%set %%dbname = %%getVar('risotto_tiramisu_dbname')
+%set %%dbname = %%risotto_tiramisu_dbname
 ---
-dbuser: %%getVar('risotto_tiramisu_db_user')
+dbuser: %%risotto_tiramisu_db_user
 dbuser_options:
     - LOGIN
 privileges:
     %%{dbname}.public.*: 'ALL'
     %%{dbname}.public: 'ALL'
     %%{dbname}: 'ALL'
-dbhost: %%getVar('risotto_db_address')
+dbhost: %%risotto_db_address
 dbport: 5432
 dbtype: postgres
-dbname: %%getVar('risotto_tiramisu_dbname')
+dbname: %%risotto_tiramisu_dbname
 template: 'template0'
 pwd_files:
         - {'file': '/etc/risotto/risotto.conf', 'pattern': 'TIRAMISU_DB_PASSWORD='}