Skip to content

slapos
slapos
Commit c29f5f12 authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki
Browse files
Options

fixup! stack/erp5: support frontend-caucase-url-list option.

parent 671449b2
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 7 deletions
stack/erp5/buildout.hash.cfg
View file @ c29f5f12
...@@ -90,7 +90,7 @@ md5sum = 2f3ddd328ac1c375e483ecb2ef5ffb57 ...@@ -90,7 +90,7 @@ md5sum = 2f3ddd328ac1c375e483ecb2ef5ffb57
[template-balancer] [template-balancer]
filename = instance-balancer.cfg.in filename = instance-balancer.cfg.in
md5sum = 0a989765ef1b7b71a959df9155d8d6a6 md5sum = e2d2a94caed4d8a45912cd37a96a08f6
[template-haproxy-cfg] [template-haproxy-cfg]
filename = haproxy.cfg.in filename = haproxy.cfg.in
......
stack/erp5/instance-balancer.cfg.in
View file @ c29f5f12
...@@ -67,11 +67,10 @@ input = ...@@ -67,11 +67,10 @@ input =
inline: inline:
#!${buildout:executable} #!${buildout:executable}
import glob import glob
import hashlib
import os import os
import subprocess import subprocess
hash_list = {{ repr(frontend_caucase_url_hash_list) }} hash_list = {{ repr(frontend_caucase_url_hash_list) }}
crt_list = ['dummy.crt'] + ['%s.crt' % e for e in hash_list] crt_list = ['%s.crt' % e for e in hash_list]
crl_list = ['%s.crl' % e for e in hash_list] crl_list = ['%s.crl' % e for e in hash_list]
for path in glob.glob('${apache-conf-ssl:ca-cert-dir}/*.crt'): for path in glob.glob('${apache-conf-ssl:ca-cert-dir}/*.crt'):
if os.path.basename(path) not in crt_list: if os.path.basename(path) not in crt_list:
...@@ -95,7 +94,6 @@ input = ...@@ -95,7 +94,6 @@ input =
recipe = plone.recipe.command recipe = plone.recipe.command
command = ${caucase-updater-housekeeper:output} command = ${caucase-updater-housekeeper:output}
update-command = ${:command} update-command = ${:command}
{% do section('caucase-updater-housekeeper-run') -%}
{% endif -%} {% endif -%}
{% set haproxy_dict = {} -%} {% set haproxy_dict = {} -%}
...@@ -184,11 +182,9 @@ key = ${directory:apache-conf}/apache.pem ...@@ -184,11 +182,9 @@ key = ${directory:apache-conf}/apache.pem
caucase-cert = ${directory:apache-conf}/apache-caucase.crt caucase-cert = ${directory:apache-conf}/apache-caucase.crt
caucase-key = ${directory:apache-conf}/apache-caucase.pem caucase-key = ${directory:apache-conf}/apache-caucase.pem
{% if ssl_parameter_dict['frontend-caucase-url-list'] -%} {% if ssl_parameter_dict['frontend-caucase-url-list'] -%}
depends = ${caucase-updater-housekeeper-run:recipe}
ca-cert-dir = ${directory:apache-ca-cert-dir} ca-cert-dir = ${directory:apache-ca-cert-dir}
crl-dir = ${directory:apache-crl-dir} crl-dir = ${directory:apache-crl-dir}
# Create a dummy CA because Apache will not start if SSLCACertificatePath directoy is empty.
recipe = plone.recipe.command
command = "{{ parameter_dict['openssl'] }}/bin/openssl" req -newkey rsa -batch -new -x509 -days 3650 -nodes -keyout /dev/null -out "${:ca-cert-dir}/dummy.crt" && {{ parameter_dict['openssl'] }}/bin/c_rehash "${:ca-cert-dir}"
{%- endif %} {%- endif %}
[simplefile] [simplefile]
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7