Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos-caddy
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Guillaume Hervier
slapos-caddy
Commits
a7c361d7
Commit
a7c361d7
authored
Mar 07, 2017
by
Gabriel Monnerat
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
nginx: Generate password and setup Nginx with authentification
Also, publish connection information to SlapOS
parent
32459e14
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
45 additions
and
17 deletions
+45
-17
software/nginx-push-stream/instance-nginx.cfg.in
software/nginx-push-stream/instance-nginx.cfg.in
+33
-12
software/nginx-push-stream/software.cfg
software/nginx-push-stream/software.cfg
+7
-3
software/nginx-push-stream/template-nginx.cfg.in
software/nginx-push-stream/template-nginx.cfg.in
+5
-2
No files found.
software/nginx-push-stream/instance-nginx.cfg.in
View file @
a7c361d7
{% set part_list = [] -%}
[buildout]
{% set crontab_line_list = [] -%}
parts =
nginx-service
htpasswd
htpasswd-runner
publish-connection-information
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[directory]
[directory]
recipe = slapos.cookbook:mkdirectory
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
etc = $${buildout:directory}/etc
...
@@ -35,23 +44,35 @@ error_log = $${directory:log}/nginx-error.log
...
@@ -35,23 +44,35 @@ error_log = $${directory:log}/nginx-error.log
ip = $${slap-network-information:global-ipv6}
ip = $${slap-network-information:global-ipv6}
local_ip = $${slap-network-information:local-ipv4}
local_ip = $${slap-network-information:local-ipv4}
port = 9443
port = 9443
publisher_location_prefix = /pub
publisher_push_stream_store_messages = off
publisher_push_stream_store_messages = off
publisher_client_max_body_size = 16k
publisher_client_max_body_size = 16k
publisher_client_body_buffer_size = 16k
publisher_client_body_buffer_size = 16k
subscriber_allow_origin = '*'
subscriber_allow_origin = '*'
subscriber_location_prefix = /sub
# Prevent to use credential if origin is star
# Prevent to use credential if origin is star
subscriber_allow_credential = 'false'
subscriber_allow_credential = 'false'
subscriber_allow_methods = 'GET, HEAD, OPTIONS'
subscriber_allow_methods = 'GET, HEAD, OPTIONS'
subscriber_allow_headers = 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'
subscriber_allow_headers = 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'
# Add parts generated by template
[htpasswd]
[buildout]
recipe = slapos.cookbook:generate.password
parts =
storage-path = $${directory:etc}/.pwd
nginx-service
bytes = 8
{% for part in part_list -%}
{{ ' %s' % part }}
{% endfor -%}
eggs-directory = ${buildout:eggs-directory}
[htpasswd-runner]
develop-eggs-directory = ${buildout:develop-eggs-directory}
recipe = plone.recipe.command
offline = true
stop-on-error = true
htpasswd-path = $${directory:etc}/.htpasswd
command = if [ ! -f "$${:htpasswd-path}" ]; then ${buildout:bin-directory}/htpasswd -cb $${:htpasswd-path} $${:user} $${:password}; fi
update-command = $${:command}
user = admin
password = $${htpasswd:passwd}
[publish-connection-information]
recipe = slapos.cookbook:publish
init-password = $${htpasswd:passwd}
init-user = $${htpasswd-runner:user}
publisher-url = http://$${htpasswd-runner:user}:$${htpasswd:passwd}@[$${nginx-configuration:ip}]:$${nginx-configuration:port}$${nginx-configuration:publisher_location_prefix}
subscriber-url = http://$${htpasswd-runner:user}:$${htpasswd:passwd}@[$${nginx-configuration:ip}]:$${nginx-configuration:port}$${nginx-configuration:subscriber_location_prefix}
software/nginx-push-stream/software.cfg
View file @
a7c361d7
...
@@ -13,6 +13,10 @@ parts =
...
@@ -13,6 +13,10 @@ parts =
template-nginx-service
template-nginx-service
template-nginx
template-nginx
[slapos-cookbook]
eggs +=
slapos.toolbox
[template]
[template]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
url = ${:_profile_base_location_}/instance.cfg.in
...
@@ -30,17 +34,17 @@ mode = 0644
...
@@ -30,17 +34,17 @@ mode = 0644
[template-nginx-configuration]
[template-nginx-configuration]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/template-nginx.cfg.in
url = ${:_profile_base_location_}/template-nginx.cfg.in
md5sum =
58cd6a59089ab93bb3ec0f5d12888500
md5sum =
f5658154b82282bc1871f18ddf4529d8
output = ${buildout:directory}/template-nginx.cfg.in
output = ${buildout:directory}/template-nginx.cfg.in
mode = 0644
mode = 0644
[template-nginx]
[template-nginx]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-nginx.cfg.in
url = ${:_profile_base_location_}/instance-nginx.cfg.in
md5sum =
478085d0abb0ffc0b259c038bddae205
md5sum =
936fea88f5548c4f14e287f1b27dc127
output = ${buildout:directory}/instance-nginx.cfg.in
output = ${buildout:directory}/instance-nginx.cfg.in
mode = 0644
mode = 0644
[versions]
[versions]
plone.recipe.command = 1.1
slapos.recipe.template = 2.7
slapos.recipe.template = 2.7
slapos.toolbox = 0.65
software/nginx-push-stream/template-nginx.cfg.in
View file @
a7c361d7
...
@@ -65,12 +65,15 @@ server {
...
@@ -65,12 +65,15 @@ server {
client_body_temp_path $${directory:varnginx} 1 2;
client_body_temp_path $${directory:varnginx} 1 2;
proxy_temp_path $${directory:varnginx} 1 2;
proxy_temp_path $${directory:varnginx} 1 2;
auth_basic "Nginx Access";
auth_basic_user_file $${htpasswd-runner:htpasswd-path};
## Serve an error 204 (No Content) for favicon.ico
## Serve an error 204 (No Content) for favicon.ico
location = /favicon.ico {
location = /favicon.ico {
return 204;
return 204;
}
}
location
/pub
{
location
$${nginx-configuration:publisher_location_prefix}
{
push_stream_publisher;
push_stream_publisher;
push_stream_channels_path $arg_id;
push_stream_channels_path $arg_id;
...
@@ -85,7 +88,7 @@ server {
...
@@ -85,7 +88,7 @@ server {
}
}
location ~
/sub
/(.*) {
location ~
$${nginx-configuration:subscriber_location_prefix}
/(.*) {
# activate subscriber mode for this location
# activate subscriber mode for this location
add_header "Access-Control-Allow-Origin" $${nginx-configuration:subscriber_allow_origin};
add_header "Access-Control-Allow-Origin" $${nginx-configuration:subscriber_allow_origin};
add_header 'Access-Control-Allow-Credentials' $${nginx-configuration:subscriber_allow_credential};
add_header 'Access-Control-Allow-Credentials' $${nginx-configuration:subscriber_allow_credential};
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment