apache-frontend: Frontend can now handle both custom and default slaves

software/apache-frontend/instance-apache-frontend.cfg

@@ -168,7 +168,8 @@ extra-context =
     key local_ipv4 instance-parameter:ipv4-random
     key cache_port apache-configuration:cache-port
     raw empty_template ${template-empty:target}
-    raw template_slave_configuration ${template-slave-configuration:target}
+    raw template_custom_slave_configuration ${template-slave-configuration:target}
+    raw template_default_slave_configuration ${template-default-slave-virtualhost:target}
     raw template_rewrite_cached ${template-rewrite-cached:target}
     raw software_type single-custom-personal
     section logrotate_dict logrotate

software/apache-frontend/instance-apache-replicate.cfg.in

@@ -61,6 +61,17 @@ sla-{{ parameter }} = {{ slapparameter_dict.pop( sla_key + parameter ) }}
 {%   endif -%}
 {% endfor -%}
 
+{% set authorized_slave_string = slapparameter_dict.pop('-frontend-authorized-slave-string', '') -%}
+{% set authorized_slave_list = [] %}
+{% set rejected_slave_list = [] %}
+{% for slave in slave_instance_list %}
+{%   if not (slave.has_key('apache_custom_http') and not slave.get('slave_reference') in authorized_slave_string) %}
+{%     do authorized_slave_list.append(slave) %}
+{%   else %}
+{%     do rejected_slave_list.append(slave.get('slave_reference')) %}
+{%   endif %}
+{% endfor -%}
+
 [replicate]
 <= slap-connection
 recipe = slapos.cookbook:requestoptional
@@ -76,13 +87,16 @@ config = {{ ' '.join(slapparameter_dict.keys()) + ' ' + slave_list_name }}
 {% for parameter, value in slapparameter_dict.iteritems() -%}
 config-{{parameter}} = {{ value }}
 {% endfor -%}
-config-{{ slave_list_name }} = {{ json_module.dumps(slave_instance_list) }}
+config-{{ slave_list_name }} = {{ json_module.dumps(authorized_slave_list) }}
 connection-monitor_url =
 
 [publish-information]
 recipe = slapos.cookbook:publish
 domain = {{ slapparameter_dict.get('domain') }}
 slave-amount = {{ slave_instance_list | length }}
+accepted-slave-amount = {{ authorized_slave_list | length }}
+rejected-slave-amount = {{ rejected_slave_list | length }}
+rejected-slave-list = {{ json_module.dumps(rejected_slave_list) }}
 {% for frontend in frontend_section_list %}
 {{ frontend }}-monitor-url = {{ '${' + frontend + ':connection-monitor_url}' }}
 {% endfor -%}

software/apache-frontend/templates/apache-custom-slave-list.cfg.in

@@ -3,6 +3,7 @@
 {% set cached_server_dict = {} -%}
 {% set part_list = [] -%}
 {% set cache_access = "http://%s:%s" % (local_ipv4, cache_port) -%}
+{% set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%}
 {% set generic_instance_parameter_dict = {'cache_access': cache_access,} -%}
 {% set slave_log_dict = {} -%}
 {% if extra_slave_instance_list -%}
@@ -29,8 +30,11 @@ context =
 {%   set slave_reference = slave_instance.get('slave_reference') -%}
 {%   set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference -%}
 {%   set slave_parameter_dict = generic_instance_parameter_dict.copy() -%}
+{%   set slave_publish_dict = {} -%}
 {%   do part_list.append(slave_section_title) -%}
 
+############################
+#### Set Slave Log Directory and access
 
 {%   set slave_directory_section = slave_reference + "-directory" -%}
 {%   set slave_log_folder = logrotate_dict.get('backup') + '/' + slave_reference + "-logs" -%}
@@ -41,6 +45,8 @@ log-folder = {{slave_log_folder}}
 # Set Up log files
 {%   do slave_parameter_dict.__setitem__('access_log', '/'.join([apache_log_directory, '%s_access_log' % slave_reference])) -%}
 {%   do slave_parameter_dict.__setitem__('error_log', '/'.join([apache_log_directory, '%s_error_log' % slave_reference])) -%}
+{%       do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) -%}
+{%       do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) -%}
 
 # Set slave logrotate entry
 {%   set slave_logrotate_section = slave_reference + "-logs" -%}
@@ -85,17 +91,11 @@ command = {{frontend_configuration.get('apache-directory')}}/bin/htpasswd -cb ${
 # Add slave log directory to the slave log access dict
 {%   do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %}
 
-# Set up apache configuration file for slave
-[{{ slave_section_title }}]
-< = jinja2-template-base
-template = {{ template_slave_configuration }}
-filename = {{ '%s.conf' % slave_reference }}
-extra-context =
-    key apache_custom_https {{ 'slave-instance-%s-configuration:apache_custom_https' % slave_reference }}
-    key apache_custom_http {{ 'slave-instance-%s-configuration:apache_custom_http' % slave_reference }}
-    raw https_port {{ https_port }}
-    raw http_port {{ http_port }}
-{{ '\n' }}
+{%   set slave_log_access_url = 'https://' + slave_reference + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('apache-ipv6') + ']:' + frontend_configuration.get('apache-https-port') + '/' + slave_reference.lower() + '/' %}
+{%   do slave_publish_dict.__setitem__('log-access', slave_log_access_url) %}
+
+############################
+#### Set Slave Certificates if needed
 
 # Set ssl certificates for each slave
 {%   for cert_name in ('ssl_key', 'ssl_crt', 'ssl_ca_crt', 'ssl_csr')-%}
@@ -104,6 +104,7 @@ extra-context =
 {%       set cert_file = '/'.join([custom_ssl_directory, cert_title.replace('-','.')]) -%}
 {%       do part_list.append(cert_title) -%}
 {%       do slave_parameter_dict.__setitem__(cert_name, cert_file) -%}
+{%       do slave_instance.__setitem__('path_to_' + cert_name, cert_file) -%}
 # Store certificates on fs
 [{{ cert_title }}]
 < = jinja2-template-base
@@ -117,31 +118,95 @@ value = {{ dumps(slave_instance.get(cert_name)) }}
 {%     endif -%}
 {%   endfor -%}
 
+############################
+#### Set Slave Configuration
+
+{%   if slave_instance.has_key('apache_custom_http') %}
+#### Set Configuration for custom slaves
+
+# Set up apache configuration file for slave
+[{{ slave_section_title }}]
+< = jinja2-template-base
+template = {{ template_custom_slave_configuration }}
+filename = {{ '%s.conf' % slave_reference }}
+extra-context =
+    key apache_custom_https {{ 'slave-instance-%s-configuration:apache_custom_https' % slave_reference }}
+    key apache_custom_http {{ 'slave-instance-%s-configuration:apache_custom_http' % slave_reference }}
+    raw https_port {{ https_port }}
+    raw http_port {{ http_port }}
+{{ '\n' }}
+
+
 # Set apache configuration value for slave
 [{{ ('slave-instance-%s-configuration' % slave_reference) }}]
-{% set apache_custom_http = ((slave_instance.get('apache_custom_http', '')) % slave_parameter_dict) -%}
-{% set apache_custom_https = ((slave_instance.get('apache_custom_https', '')) % slave_parameter_dict) -%}
+{%   set apache_custom_http = ((slave_instance.get('apache_custom_http', '')) % slave_parameter_dict) -%}
+{%   set apache_custom_https = ((slave_instance.get('apache_custom_https', '')) % slave_parameter_dict) -%}
 apache_custom_http = {{ dumps(apache_custom_http) }}
 apache_custom_https = {{ dumps(apache_custom_https) }}
 {{ '\n' }}
 
 # The slave use cache
-{%   if 'enable_cache' in slave_instance and 'url' in slave_instance and 'domain' in slave_instance -%}
-{%     do cached_server_dict.__setitem__(slave_instance.get('domain'), slave_instance.get('url')) -%}
+{%     if 'enable_cache' in slave_instance and 'url' in slave_instance and 'domain' in slave_instance -%}
+{%       do cached_server_dict.__setitem__(slave_instance.get('domain'), slave_instance.get('url')) -%}
+{%     endif -%}
+
+# Publish information
+{%     do slave_publish_dict.update(**{'slave-reference':slave_instance.get('slave_reference'), 'public-ipv4':public_ipv4, 'log-access': slave_log_access_url}) %}
+
+{%   else %}
+#### Set Configuration for default slaves
+
+# Set slave domain if none was defined
+{%     if slave_instance.get('custom_domain', None) == None -%}
+{%       do slave_instance.__setitem__('custom_domain', "%s.%s" % (slave_instance.get('slave_reference').replace("-", "").lower(), slapparameter_dict.get('domain'))) -%}
+{%     endif -%}
+
+# The slave use cache
+# Next line is forbidden and people who copy it will be hanged short
+{%     set enable_cache = ('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES -%}
+{%     if enable_cache -%}
+{%       do cached_server_dict.__setitem__(slave_instance.get('custom_domain'), slave_instance.get('url')) -%}
+{%       do slave_instance.__setitem__('url', cache_access) -%}
+{%     endif -%}
+{%     do part_list.append(slave_section_title) -%}
+
+
+[{{ ('slave-instance-%s-configuration' % slave_reference) }}]
+{%     for key, value in slave_instance.iteritems() -%}
+{{ key }} = {{ dumps(value) }}
+{%     endfor %}
+
+# Set up slave configuration file
+[{{ slave_section_title }}]
+< = jinja2-template-base
+template = {{ template_default_slave_configuration }}
+filename = {{ '%s.conf' % slave_reference }}
+
+extensions = jinja2.ext.do
+extra-context =
+    section slave_parameter {{ 'slave-instance-%s-configuration' % slave_reference }}
+    raw https_port {{ https_port }}
+    raw http_port {{ http_port }}
+{{ '\n' }}
+
+{%     do slave_publish_dict.update(**{'slave-reference':slave_instance.get('slave_reference'), 'public-ipv4':public_ipv4, 'domain':slave_instance.get('custom_domain'), 'url':"http://%s" % slave_instance.get('custom_domain'), 'site_url':"http://%s" % slave_instance.get('custom_domain')}) %}
+
 {%   endif -%}
 
+############################
+#### Publish Slave Information
+
 # Publish slave information
-{%   set slave_log_access_url = 'https://' + slave_reference + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('apache-ipv6') + ']:' + frontend_configuration.get('apache-https-port') + '/' + slave_reference.lower() + '/' %}
 {%   if not extra_slave_instance_list -%}
 {%     set publish_section_title = 'publish-%s-connection-information' % slave_instance.get('slave_reference') -%}
 {%     do part_list.append(publish_section_title) -%}
 [{{ publish_section_title }}]
 recipe = slapos.cookbook:publish
-public-ipv4 = {{ public_ipv4 }}
-log-access = {{ slave_log_access_url }}
--slave-reference = {{ slave_instance.get('slave_reference') }}
+{%     for key, value in slave_publish_dict.iteritems() %}
+{{ key }} = {{ value }}
+{%     endfor %}
 {%   else -%}
-{%     do slave_instance_information_list.append({'slave-reference':slave_instance.get('slave_reference'), 'public-ipv4':public_ipv4, 'log-access': slave_log_access_url}) -%}
+{%     do slave_instance_information_list.append(slave_publish_dict) -%}
 {%   endif -%}
 {% endfor -%}
 

software/apache-frontend/templates/default-virtualhost.conf.in

 {% set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%}
  
 <VirtualHost *:{{ https_port }}>
-  ServerName {{ slave_parameter.get('domain') }}
-  ServerAlias {{ slave_parameter.get('domain') }}
+  ServerName {{ slave_parameter.get('custom_domain') }}
+  ServerAlias {{ slave_parameter.get('custom_domain') }}
 
   SSLEngine on
   SSLProxyEngine on
@@ -23,10 +23,10 @@
 
 
   # One Slave two logs
-  ErrorLog "{{ error_log }}"
+  ErrorLog "{{ slave_parameter.get('error_log') }}"
   LogLevel info
   LogFormat "%h %l %{REMOTE_USER}i %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
-  CustomLog "{{ access_log }}" combined
+  CustomLog "{{ slave_parameter.get('access_log') }}" combined
 
   # Rewrite part
   ProxyVia On
@@ -38,15 +38,15 @@
   # First, we check if we have a zope backend server
   # If so, let's use Virtual Host Daemon rewrite
   # We suppose that Apache listens to 443 (even indirectly thanks to things like iptables)
-  RewriteRule ^/(.*)$ {{ slave_parameter.get('url', '') }}/VirtualHostBase/https/{{ slave_parameter.get('domain', '') }}:443/{{ slave_parameter.get('path', '') }}/VirtualHostRoot/$1 [L,P]
+  RewriteRule ^/(.*)$ {{ slave_parameter.get('url', '') }}/VirtualHostBase/https/{{ slave_parameter.get('custom_domain', '') }}:443/{{ slave_parameter.get('path', '') }}/VirtualHostRoot/$1 [L,P]
 {% else -%}
   RewriteRule ^/(.*)$ {{ slave_parameter.get('url', '') }}/$1 [L,P]
 {% endif -%}
 </VirtualHost>
 
 <VirtualHost *:{{ http_port }}>
-  ServerName {{ slave_parameter.get('domain') }}
-  ServerAlias {{ slave_parameter.get('domain') }}
+  ServerName {{ slave_parameter.get('custom_domain') }}
+  ServerAlias {{ slave_parameter.get('custom_domain') }}
   SSLProxyEngine on
   # Rewrite part
   ProxyVia On
@@ -55,10 +55,10 @@
   RewriteEngine On
 
   # One Slave two logs
-  ErrorLog "{{ error_log }}"
+  ErrorLog "{{ slave_parameter.get('error_log') }}"
   LogLevel info
   LogFormat "%h %l %{REMOTE_USER}i %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
-  CustomLog "{{ access_log }}" combined
+  CustomLog "{{ slave_parameter.get('access_log') }}" combined
 
   # Remove "Secure" from cookies, as backend may be https
   Header edit Set-Cookie "(?i)^(.+);secure$" "$1"
@@ -75,7 +75,7 @@
   # First, we check if we have a zope backend server
   # If so, let's use Virtual Host Daemon rewrite
   # We suppose that Apache listens to 80 (even indirectly thanks to things like iptables)
-  RewriteRule ^/(.*)$ {{ slave_parameter.get('url', '') }}/VirtualHostBase/http/{{ slave_parameter.get('domain', '') }}:80/{{ slave_parameter.get('path', '') }}/VirtualHostRoot/$1 [L,P]
+  RewriteRule ^/(.*)$ {{ slave_parameter.get('url', '') }}/VirtualHostBase/http/{{ slave_parameter.get('custom_domain', '') }}:80/{{ slave_parameter.get('path', '') }}/VirtualHostRoot/$1 [L,P]
 {% else -%}
   RewriteRule ^/(.*)$ {{ slave_parameter.get('url', '') }}/$1 [L,P]
 {% endif -%}