From 79c6112a2b4b21823267245c781ad055e300c46b Mon Sep 17 00:00:00 2001
From: Walter Huf <walter.huf@corvisa.com>
Date: Fri, 4 Apr 2014 15:02:13 -0500
Subject: [PATCH 1/3] Adds a restapi recipe

---
 attributes/restapi.rb              | 26 ++++++++++++++++
 recipes/restapi.rb                 | 43 ++++++++++++++++++++++++++
 recipes/restapi_apache2.rb         | 49 ++++++++++++++++++++++++++++++
 templates/default/restapi.conf.erb | 21 +++++++++++++
 templates/default/restapi.wsgi.erb | 23 ++++++++++++++
 5 files changed, 162 insertions(+)
 create mode 100644 attributes/restapi.rb
 create mode 100644 recipes/restapi.rb
 create mode 100644 recipes/restapi_apache2.rb
 create mode 100644 templates/default/restapi.conf.erb
 create mode 100644 templates/default/restapi.wsgi.erb

diff --git a/attributes/restapi.rb b/attributes/restapi.rb
new file mode 100644
index 0000000..b186d8b
--- /dev/null
+++ b/attributes/restapi.rb
@@ -0,0 +1,26 @@
+#
+# Cookbook Name:: ceph
+# Attributes:: restapi
+#
+# Copyright 2011, DreamHost Web Hosting
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+default['ceph']['restapi']['admin_email'] = 'admin@example.com'
+default['ceph']['restapi']['addr'] = '127.0.0.1:5000'	# vhost port
+default['ceph']['restapi']['name'] = nil		# don't add a servername line
+default['ceph']['restapi']['port'] = 5000		# add this port to the listening ports
+default['ceph']['restapi']['user'] = 'www-data'		# owner of keyring and logfile
+default['ceph']['restapi']['group'] = 'www-data'	# owner of keyring and logfile
+default['ceph']['restapi']['webserver_companion'] = 'apache2' # can be false
diff --git a/recipes/restapi.rb b/recipes/restapi.rb
new file mode 100644
index 0000000..6c558bd
--- /dev/null
+++ b/recipes/restapi.rb
@@ -0,0 +1,43 @@
+#
+# Author:: Kyle Bader <kyle.bader@dreamhost.com>
+# Cookbook Name:: ceph
+# Recipe:: restapi
+#
+# Copyright 2011, DreamHost Web Hosting
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+node.default['ceph']['is_restapi'] = true
+
+include_recipe 'ceph::conf'
+
+if node['ceph']['restapi']['webserver_companion']
+  # updates the webserver owner
+  include_recipe "ceph::restapi_#{node['ceph']['restapi']['webserver_companion']}"
+end
+
+config_section_name = 'client.restapi.' + node['hostname']
+config_section = { 'log_file' => '/var/log/ceph/restapi/restapi.log' }
+node.default['ceph']['config-sections'][config_section_name] = config_section
+
+directory '/var/log/ceph/restapi' do
+  owner node['ceph']['restapi']['user']
+  group node['ceph']['restapi']['group']
+  mode 0755
+  action :create
+end
+ceph_client 'restapi' do
+  caps('mon' => 'allow *', 'osd' => 'allow *')
+  owner node['ceph']['restapi']['user']
+  group node['ceph']['restapi']['group']
+end
diff --git a/recipes/restapi_apache2.rb b/recipes/restapi_apache2.rb
new file mode 100644
index 0000000..cc72f5b
--- /dev/null
+++ b/recipes/restapi_apache2.rb
@@ -0,0 +1,49 @@
+#
+# Author:: Kyle Bader <kyle.bader@dreamhost.com>
+# Cookbook Name:: ceph
+# Recipe:: restapi_apache2
+#
+# Copyright 2011, DreamHost Web Hosting
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# For EL, delete the current fastcgi configuration
+# and set the correct owners for dirs and logs
+d_owner = d_group = 'root'
+d_owner = d_group = 'apache' if node['platform_family'] == 'rhel'
+node.default['ceph']['restapi']['user'] = node['apache']['user']
+node.default['ceph']['restapi']['group'] = node['apache']['group']
+
+template '/usr/lib/ceph/restapi.wsgi' do
+  mode 0644
+  owner 'root'
+  group 'root'
+end
+
+file '/var/log/ceph/rest.log' do
+  owner d_owner
+  group d_group
+  mode '0644'
+  action :create
+end
+
+if node['ceph']['restapi']['port']
+  node.default['apache']['listen_ports'].push(node['ceph']['restapi']['port'])
+end
+
+include_recipe 'apache2'
+include_recipe 'apache2::mod_wsgi'
+
+web_app 'restapi' do
+  template 'restapi.conf.erb'
+end
diff --git a/templates/default/restapi.conf.erb b/templates/default/restapi.conf.erb
new file mode 100644
index 0000000..f0cc65f
--- /dev/null
+++ b/templates/default/restapi.conf.erb
@@ -0,0 +1,21 @@
+<VirtualHost <%= node['ceph']['restapi']['addr'] %> >
+<% if node['ceph']['restapi']['name'] -%>
+  ServerName <%= node['ceph']['restapi']['name'] %>
+<% end -%>
+  ServerAdmin <%= node['ceph']['restapi']['admin_email'] %>
+  DocumentRoot /var/www/
+
+  WSGIDaemonProcess cephrest user=<%=node['apache']['user']%> group=<%=node['apache']['group']%> processes=1 threads=5
+  WSGIScriptAlias / /usr/lib/ceph/restapi.wsgi
+
+  <Location />
+    WSGIProcessGroup cephrest
+    WSGIApplicationGroup %{GLOBAL}
+    Order deny,allow
+    Allow from all
+  </Location>
+
+  ErrorLog /var/log/<%= node['apache']['package'] %>/error.log
+  CustomLog /var/log/<%= node['apache']['package'] %>/ceph-rest-access.log proxy_combined
+  ServerSignature Off
+</VirtualHost>
diff --git a/templates/default/restapi.wsgi.erb b/templates/default/restapi.wsgi.erb
new file mode 100644
index 0000000..e1835bb
--- /dev/null
+++ b/templates/default/restapi.wsgi.erb
@@ -0,0 +1,23 @@
+#!/usr/bin/env python
+# vim: ts=4 sw=4 smarttab expandtab
+
+import sys
+
+# import now that env vars are available to imported module
+
+try:
+    import ceph_rest_api
+except EnvironmentError as e:
+    print >> sys.stderr, "Error importing ceph_rest_api: ", str(e)
+    sys.exit(1)
+
+# let other exceptions generate traceback
+
+application = ceph_rest_api.generate_app(
+    conf = None,
+    cluster = None,
+    clientname = 'client.restapi.<%=node['hostname']%>',
+    clientid = None,
+    args = []
+)
+

From e4a4973896c4c7a9d474de58d683b5331b823f5f Mon Sep 17 00:00:00 2001
From: Walter  Huf <walter.huf@corvisa.com>
Date: Tue, 14 Oct 2014 16:22:21 -0500
Subject: [PATCH 2/3] Adds apache2.4 support for the restapi

---
 templates/default/restapi.conf.erb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/templates/default/restapi.conf.erb b/templates/default/restapi.conf.erb
index f0cc65f..683dd49 100644
--- a/templates/default/restapi.conf.erb
+++ b/templates/default/restapi.conf.erb
@@ -11,8 +11,12 @@
   <Location />
     WSGIProcessGroup cephrest
     WSGIApplicationGroup %{GLOBAL}
-    Order deny,allow
+    <%- if node[:apache][:version].to_f < 2.4 %>
+    Order allow,deny
     Allow from all
+    <%- else %>
+    Require all granted
+    <%- end %>
   </Location>
 
   ErrorLog /var/log/<%= node['apache']['package'] %>/error.log

From 3337ba432a1964e4e101ad3c45370671224273e4 Mon Sep 17 00:00:00 2001
From: Walter  Huf <walter.huf@corvisa.com>
Date: Tue, 14 Oct 2014 16:22:43 -0500
Subject: [PATCH 3/3] Adds kitchen tests for the restapi

---
 recipes/all_in_one.rb                  |  1 +
 test/integration/aio/bats/restapi.bats | 16 ++++++++++++++++
 2 files changed, 17 insertions(+)
 create mode 100644 test/integration/aio/bats/restapi.bats

diff --git a/recipes/all_in_one.rb b/recipes/all_in_one.rb
index 794f377..ab5013a 100644
--- a/recipes/all_in_one.rb
+++ b/recipes/all_in_one.rb
@@ -4,3 +4,4 @@
 include_recipe 'ceph::mds'
 include_recipe 'ceph::cephfs'
 include_recipe 'ceph::radosgw'
+include_recipe 'ceph::restapi'
diff --git a/test/integration/aio/bats/restapi.bats b/test/integration/aio/bats/restapi.bats
new file mode 100644
index 0000000..39fec2b
--- /dev/null
+++ b/test/integration/aio/bats/restapi.bats
@@ -0,0 +1,16 @@
+@test "restapi client key is generated" {
+  test -e /etc/ceph/ceph.client.restapi*
+}
+
+@test "restapi is configured" {
+  test -e /etc/apache2/sites-enabled/restapi.conf
+  grep -F 'WSGIScriptAlias / /usr/lib/ceph/restapi.wsgi' /etc/apache2/sites-enabled/restapi.conf > /dev/null
+}
+
+@test "restapi is listening on the port" {
+  netstat -lnpt | grep 5000
+}
+
+@test "restapi is responding with data" {
+  wget -q -O - http://127.0.0.1:5000/api/v0.1/mon_status | grep quorum > /dev/null
+}