Commit e5a5101e authored by Łukasz Nowak's avatar Łukasz Nowak

caddy-frontend: Protect cluster naming

NAME_BASE is set on top of the file with informative warning, so that
developers are aware of consequences.
parent 120b5dc8
...@@ -26,7 +26,7 @@ md5sum = 204ea7abf93694cf3b0f1a08dcd57256 ...@@ -26,7 +26,7 @@ md5sum = 204ea7abf93694cf3b0f1a08dcd57256
[profile-master] [profile-master]
filename = instance-master.cfg.in filename = instance-master.cfg.in
md5sum = a86adb0791e2a00f4e8e4e2ce96221cf md5sum = 895d940da4dd9247a4ca2cbf216375e3
[profile-slave-list] [profile-slave-list]
filename = instance-slave-list.cfg.in filename = instance-slave-list.cfg.in
......
{% set aibcc_enabled = True %} {% set aibcc_enabled = True %}
{% import "caucase" as caucase with context %} {% import "caucase" as caucase with context %}
{#- DANGER! DANGER! #}
{#- Avoid touching the NAME_BASE, as it will result with backward incompatible cluster setup #}
{%- set NAME_BASE = 'caddy-frontend' %}
{#- DANGER! DANGER! #}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%} {%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%}
{%- set GOOD_CIPHER_LIST = ['ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES256-GCM-SHA384', 'ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-ECDSA-WITH-CHACHA20-POLY1305', 'ECDHE-RSA-WITH-CHACHA20-POLY1305', 'ECDHE-RSA-AES256-CBC-SHA', 'ECDHE-RSA-AES128-CBC-SHA', 'ECDHE-ECDSA-AES256-CBC-SHA', 'ECDHE-ECDSA-AES128-CBC-SHA', 'RSA-AES256-CBC-SHA', 'RSA-AES128-CBC-SHA', 'ECDHE-RSA-3DES-EDE-CBC-SHA', 'RSA-3DES-EDE-CBC-SHA'] %} {%- set GOOD_CIPHER_LIST = ['ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES256-GCM-SHA384', 'ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-ECDSA-WITH-CHACHA20-POLY1305', 'ECDHE-RSA-WITH-CHACHA20-POLY1305', 'ECDHE-RSA-AES256-CBC-SHA', 'ECDHE-RSA-AES128-CBC-SHA', 'ECDHE-ECDSA-AES256-CBC-SHA', 'ECDHE-ECDSA-AES128-CBC-SHA', 'RSA-AES256-CBC-SHA', 'RSA-AES128-CBC-SHA', 'ECDHE-RSA-3DES-EDE-CBC-SHA', 'RSA-3DES-EDE-CBC-SHA'] %}
{#- Allow to pass only some parameters to frontend nodes #} {#- Allow to pass only some parameters to frontend nodes #}
...@@ -107,7 +111,6 @@ context = ...@@ -107,7 +111,6 @@ context =
{% set frontend_list = [] %} {% set frontend_list = [] %}
{% set frontend_section_list = [] %} {% set frontend_section_list = [] %}
{% set request_dict = {} %} {% set request_dict = {} %}
{% set namebase = 'caddy-frontend' %}
# XXX Dirty hack, not possible to define default value before # XXX Dirty hack, not possible to define default value before
{% set sla_computer_caddy_1_key = '-sla-1-computer_guid' %} {% set sla_computer_caddy_1_key = '-sla-1-computer_guid' %}
{% if not sla_computer_caddy_1_key in slapparameter_dict %} {% if not sla_computer_caddy_1_key in slapparameter_dict %}
...@@ -121,7 +124,7 @@ context = ...@@ -121,7 +124,7 @@ context =
# Here we request individually each frontend. # Here we request individually each frontend.
# The presence of sla parameters is checked and added if found # The presence of sla parameters is checked and added if found
{% for i in range(1, frontend_quantity + 1) %} {% for i in range(1, frontend_quantity + 1) %}
{% set frontend_name = "%s-%s" % (namebase, i) %} {% set frontend_name = "%s-%s" % (NAME_BASE, i) %}
{% set request_section_title = 'request-%s' % frontend_name %} {% set request_section_title = 'request-%s' % frontend_name %}
{% set sla_key = "-sla-%s-" % i %} {% set sla_key = "-sla-%s-" % i %}
{% set sla_key_length = sla_key | length %} {% set sla_key_length = sla_key | length %}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment