Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Klaus Wölfel
slapos
Commits
d92849d0
Commit
d92849d0
authored
Aug 08, 2014
by
Cédric Le Ninivin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
apache-frontend: add support for default certificate in replicate
parent
b3888897
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
47 additions
and
26 deletions
+47
-26
software/apache-frontend/common.cfg
software/apache-frontend/common.cfg
+3
-3
software/apache-frontend/instance-apache-frontend.cfg
software/apache-frontend/instance-apache-frontend.cfg
+9
-0
software/apache-frontend/instance-apache-replicate.cfg.in
software/apache-frontend/instance-apache-replicate.cfg.in
+32
-23
software/apache-frontend/templates/apache.conf.in
software/apache-frontend/templates/apache.conf.in
+3
-0
No files found.
software/apache-frontend/common.cfg
View file @
d92849d0
...
@@ -67,14 +67,14 @@ mode = 0644
...
@@ -67,14 +67,14 @@ mode = 0644
[template-apache-frontend]
[template-apache-frontend]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-apache-frontend.cfg
url = ${:_profile_base_location_}/instance-apache-frontend.cfg
md5sum =
66a4c824a9f9a9995e1699549b941656
md5sum =
53de57ef78345cedd3c715a105539ca3
output = ${buildout:directory}/template-apache-frontend.cfg
output = ${buildout:directory}/template-apache-frontend.cfg
mode = 0644
mode = 0644
[template-apache-replicate]
[template-apache-replicate]
recipe = slapos.recipe.build:download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-apache-replicate.cfg.in
url = ${:_profile_base_location_}/instance-apache-replicate.cfg.in
md5sum =
4a386500c21d0b59ce9a679c6110d375
md5sum =
da22cc3b2095766c5e14b29afab2b760
mode = 0644
mode = 0644
[template-slave-list]
[template-slave-list]
...
@@ -98,7 +98,7 @@ mode = 640
...
@@ -98,7 +98,7 @@ mode = 640
[template-apache-frontend-configuration]
[template-apache-frontend-configuration]
recipe = slapos.recipe.build:download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/apache.conf.in
url = ${:_profile_base_location_}/templates/apache.conf.in
md5sum =
72922908c1f4e72c92bb03e072660c7c
md5sum =
e68401762b25b7a462ba5df187e003e8
mode = 640
mode = 640
[template-apache-cached-configuration]
[template-apache-cached-configuration]
...
...
software/apache-frontend/instance-apache-frontend.cfg
View file @
d92849d0
...
@@ -118,6 +118,7 @@ configuration.apache_custom_https = ""
...
@@ -118,6 +118,7 @@ configuration.apache_custom_https = ""
configuration.apache_custom_http = ""
configuration.apache_custom_http = ""
configuration.apache-key =
configuration.apache-key =
configuration.apache-certificate =
configuration.apache-certificate =
configuration.apache-ca-certificate =
configuration.open-port = 80 443
configuration.open-port = 80 443
configuration.extra_slave_instance_list =
configuration.extra_slave_instance_list =
configuration.disk-cache-size = 8G
configuration.disk-cache-size = 8G
...
@@ -256,6 +257,7 @@ extra-context =
...
@@ -256,6 +257,7 @@ extra-context =
key access_control_string apache-configuration:access-control-string
key access_control_string apache-configuration:access-control-string
key login_certificate ca-frontend:cert-file
key login_certificate ca-frontend:cert-file
key login_key ca-frontend:key-file
key login_key ca-frontend:key-file
key login_ca_crt ca-custom-frontend:rendered
key ca_dir certificate-authority:ca-dir
key ca_dir certificate-authority:ca-dir
key ca_crl certificate-authority:ca-crl
key ca_crl certificate-authority:ca-crl
key access_log apache-configuration:access-log
key access_log apache-configuration:access-log
...
@@ -380,6 +382,13 @@ cert-content = $${instance-parameter:configuration.apache-certificate}
...
@@ -380,6 +382,13 @@ cert-content = $${instance-parameter:configuration.apache-certificate}
# Put domain name
# Put domain name
name = $${instance-parameter:configuration.domain}
name = $${instance-parameter:configuration.domain}
[ca-custom-frontend]
< = jinja2-template-base
template = ${template-empty:target}
rendered = $${cadirectory:certs}/apache_frontend.ca.crt
extra-context =
key content instance-parameter:configuration.apache-ca-certificate
[cron]
[cron]
recipe = slapos.cookbook:cron
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
dcrond-binary = ${dcron:location}/sbin/crond
...
...
software/apache-frontend/instance-apache-replicate.cfg.in
View file @
d92849d0
...
@@ -23,6 +23,7 @@ context =
...
@@ -23,6 +23,7 @@ context =
{% set slave_list_name = 'extra_slave_instance_list' -%}
{% set slave_list_name = 'extra_slave_instance_list' -%}
{% set frontend_list = [] %}
{% set frontend_list = [] %}
{% set frontend_section_list = [] %}
{% set frontend_section_list = [] %}
{% set request_dict = {} %}
{% set namebase = 'apache-frontend' -%}
{% set namebase = 'apache-frontend' -%}
# XXX Dirty hack, not possible to define default value before
# XXX Dirty hack, not possible to define default value before
{% set sla_computer_apache_1_key = '-sla-1-computer_guid' -%}
{% set sla_computer_apache_1_key = '-sla-1-computer_guid' -%}
...
@@ -37,13 +38,13 @@ context =
...
@@ -37,13 +38,13 @@ context =
{% set request_section_title = 'request-%s' % frontend_name -%}
{% set request_section_title = 'request-%s' % frontend_name -%}
{% set sla_key = "-sla-%s-" % i -%}
{% set sla_key = "-sla-%s-" % i -%}
{% set sla_key_length = sla_key | length %}
{% set sla_key_length = sla_key | length %}
{% set sla_
parameters = []
%}
{% set sla_
dict = {}
%}
{% set config_key = "-frontend-config-%s-" % i %}
{% set config_key = "-frontend-config-%s-" % i %}
{% set config_key_length = config_key | length %}
{% set config_key_length = config_key | length %}
{% set config_dict = {} %}
{% set config_dict = {} %}
{% for key in slapparameter_dict.keys() %}
{% for key in slapparameter_dict.keys() %}
{% if key.startswith(sla_key) %}
{% if key.startswith(sla_key) %}
{% do sla_
parameters.append(key[sla_key_length:]
) %}
{% do sla_
dict.__setitem__(key[sla_key_length:], slapparameter_dict.pop(key)
) %}
# We check for specific configuration regarding the frontend
# We check for specific configuration regarding the frontend
{% elif key.startswith(config_key) -%}
{% elif key.startswith(config_key) -%}
{% do config_dict.__setitem__(key[config_key_length:], slapparameter_dict.pop(key)) %}
{% do config_dict.__setitem__(key[config_key_length:], slapparameter_dict.pop(key)) %}
...
@@ -52,23 +53,15 @@ context =
...
@@ -52,23 +53,15 @@ context =
{% do frontend_list.append(frontend_name) -%}
{% do frontend_list.append(frontend_name) -%}
{% do frontend_section_list.append(request_section_title) -%}
{% do frontend_section_list.append(request_section_title) -%}
{% do part_list.append(request_section_title) -%}
{% do part_list.append(request_section_title) -%}
[{{request_section_title}}]
# Filling request dict for slave
<= replicate
name = {{frontend_name}}
{% set state_key = "-frontend-%s-state" % i %}
{% set state_key = "-frontend-%s-state" % i %}
{% if slapparameter_dict.has_key(state_key) %}
{% do request_dict.__setitem__(request_section_title,
state = {{ slapparameter_dict.pop(state_key) }}
{
{% endif%}
'config': config_dict,
extra-config = {{ ' '.join(config_dict.keys()) }}
'name': frontend_name,
{% for key, value in config_dict.iteritems() -%}
'sla': sla_dict,
config-{{ key }} = {{ value }}
'state': slapparameter_dict.pop(state_key, None)
{% endfor -%}
}) %}
{% if sla_parameters %}
sla = {{ ' '.join(sla_parameters) }}
{% for parameter in sla_parameters -%}
sla-{{ parameter }} = {{ slapparameter_dict.pop( sla_key + parameter ) }}
{% endfor -%}
{% endif -%}
{% endfor -%}
{% endfor -%}
{% set authorized_slave_string = slapparameter_dict.pop('-frontend-authorized-slave-string', '') -%}
{% set authorized_slave_string = slapparameter_dict.pop('-frontend-authorized-slave-string', '') -%}
...
@@ -93,13 +86,29 @@ software-url = ${slap-connection:software-release-url}
...
@@ -93,13 +86,29 @@ software-url = ${slap-connection:software-release-url}
{% endif %}
{% endif %}
software-type = {{frontend_type}}
software-type = {{frontend_type}}
return = private-ipv4 public-ipv4 slave-instance-information-list monitor_url
return = private-ipv4 public-ipv4 slave-instance-information-list monitor_url
config = {{ ' '.join(slapparameter_dict.keys()) + ' ${:extra-config} ' + slave_list_name }}
config = _
{% for parameter, value in slapparameter_dict.iteritems() -%}
config-{{parameter}} = {{ value }}
{% endfor -%}
config-{{ slave_list_name }} = {{ json_module.dumps(authorized_slave_list) }}
connection-monitor_url =
connection-monitor_url =
{% for section, frontend_request in request_dict.iteritems() %}
[{{section}}]
<= replicate
name = {{ frontend_request.get('name') }}
{% if frontend_request.get('state') %}
state = {{ frontend_request.get('state') }}
{% endif%}
{% set slave_configuration_dict = frontend_request.get('config') %}
{% do slave_configuration_dict.update(**slapparameter_dict) %}
{% do slave_configuration_dict.__setitem__(slave_list_name, json_module.dumps(authorized_slave_list)) %}
config-_ = {{ json_module.dumps(slave_configuration_dict) }}
{% if frontend_request.get('sla') %}
sla = {{ ' '.join(frontend_request.get('sla').keys()) }}
{% for parameter, value in frontend_request.get('sla').iteritems() -%}
sla-{{ parameter }} = {{ value }}
{% endfor -%}
{% endif -%}
{% endfor -%}
[publish-information]
[publish-information]
recipe = slapos.cookbook:publish
recipe = slapos.cookbook:publish
domain = {{ slapparameter_dict.get('domain') }}
domain = {{ slapparameter_dict.get('domain') }}
...
...
software/apache-frontend/templates/apache.conf.in
View file @
d92849d0
...
@@ -114,6 +114,9 @@ BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
...
@@ -114,6 +114,9 @@ BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# SSL Configuration
# SSL Configuration
SSLCertificateFile {{ login_certificate }}
SSLCertificateFile {{ login_certificate }}
SSLCertificateKeyFile {{ login_key }}
SSLCertificateKeyFile {{ login_key }}
{% if slapparameter_dict.get('apache-ca-certificate') %}
SSLCACertificateFile {{ login_ca_crt }}
{% endif %}
SSLRandomSeed startup builtin
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLRandomSeed connect builtin
SSLSessionCache shmcb:/{{ httpd_mod_ssl_cache_directory }}/ssl_scache(512000)
SSLSessionCache shmcb:/{{ httpd_mod_ssl_cache_directory }}/ssl_scache(512000)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment