Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
104
Merge Requests
104
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Jobs
Commits
Open sidebar
nexedi
slapos
Commits
87637cb1
Commit
87637cb1
authored
Jun 19, 2020
by
Łukasz Nowak
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
caddy-frontend: Improve readability of most complex template
parent
78b214a2
Pipeline
#10090
failed with stage
Changes
2
Pipelines
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
195 additions
and
212 deletions
+195
-212
software/caddy-frontend/buildout.hash.cfg
software/caddy-frontend/buildout.hash.cfg
+1
-1
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
.../caddy-frontend/templates/apache-custom-slave-list.cfg.in
+194
-211
No files found.
software/caddy-frontend/buildout.hash.cfg
View file @
87637cb1
...
...
@@ -30,7 +30,7 @@ md5sum = a544bf7586f5945bbf108abe9818c7dd
[template-slave-list]
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
md5sum =
83992a72b440e422e6d6dae54990f3b1
md5sum =
9da1616d203e4909af37e658aa923d95
[template-replicate-publish-slave-information]
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
...
...
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
View file @
87637cb1
{% if software_type == slap_software_type %}
{% set kedifa_updater_mapping = [] %}
{% set cached_server_dict = {} %}
{% set part_list = [] %}
{% set cache_port = caddy_configuration.get('cache-port') %}
{% set cached_port = caddy_configuration.get('cache-through-port') %}
{% set ssl_cached_port = caddy_configuration.get('ssl-cache-through-port') %}
{% set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %}
{% set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %}
{% set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{% set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %}
{% set slave_log_dict = {} %}
{% if extra_slave_instance_list %}
{% set slave_instance_information_list = [] %}
{% set slave_instance_list = slave_instance_list + json_module.loads(extra_slave_instance_list) %}
{% endif %}
{%- if software_type == slap_software_type %}
{%- set kedifa_updater_mapping = [] %}
{%- set cached_server_dict = {} %}
{%- set part_list = [] %}
{%- set cache_port = caddy_configuration.get('cache-port') %}
{%- set cached_port = caddy_configuration.get('cache-through-port') %}
{%- set ssl_cached_port = caddy_configuration.get('ssl-cache-through-port') %}
{%- set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %}
{%- set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %}
{%- set slave_log_dict = {} %}
{%- if extra_slave_instance_list %}
{%- set slave_instance_information_list = [] %}
{%- set slave_instance_list = slave_instance_list + json_module.loads(extra_slave_instance_list) %}
{%- endif %}
{%- if master_key_download_url %}
{%- do kedifa_updater_mapping.append((master_key_download_url, master_certificate, apache_certificate)) %}
{%- else %}
{%- do kedifa_updater_mapping.append(('notreadyyet', master_certificate, apache_certificate)) %}
{%- endif %}
{%- if slave_kedifa_information %}
{%- set slave_kedifa_information = json_module.loads(slave_kedifa_information) %}
{%- else %}
{%- set slave_kedifa_information = {} %}
{%- endif -%}
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
extensions = jinja2.ext.do
...
...
@@ -30,18 +39,6 @@ sharedscripts = true
notifempty = true
create = true
{% if master_key_download_url %}
{% do kedifa_updater_mapping.append((master_key_download_url, master_certificate, apache_certificate)) %}
{% else %}
{% do kedifa_updater_mapping.append(('notreadyyet', master_certificate, apache_certificate)) %}
{% endif %}
{% if slave_kedifa_information %}
{% set slave_kedifa_information = json_module.loads(slave_kedifa_information) %}
{% else %}
{% set slave_kedifa_information = {} %}
{% endif %}
# empty sections if no slaves are available
[slave-log-directory-dict]
[slave-password]
...
...
@@ -49,169 +46,160 @@ create = true
# empty section if no cached slaves are available
[slave-log-cache-direct-directory-dict]
{# Loop thought slave list to set up slaves #}
{% for slave_instance in slave_instance_list %}
{# Manage ciphers #}
{% set slave_ciphers = slave_instance.get('ciphers', '').strip().split() %}
{% if slave_ciphers %}
{% set slave_cipher_list = ' '.join(slave_ciphers) %}
{% else %}
{% set slave_cipher_list = ciphers.strip() %}
{% endif %}
{% do slave_instance.__setitem__('cipher_list', slave_cipher_list) %}
{% set slave_type = slave_instance.get('type', '') %}
{% set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %}
{% set slave_reference = slave_instance.get('slave_reference') %}
{% set slave_kedifa = slave_kedifa_information.get(slave_reference) %}
{% if slave_kedifa %}
{% set key_download_url = slave_kedifa.get('key-download-url') %}
{% else %}
{% set key_download_url = 'notreadyyet' %}
{% endif %}
{% set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference %}
{% set slave_parameter_dict = generic_instance_parameter_dict.copy() %}
{% set slave_publish_dict = {} %}
{% set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %}
{% set slave_logrotate_section = slave_reference + "-logs" %}
{% set slave_logrotate_cache_direct_section = slave_reference + "-cache-direct-logs" %}
{% set slave_password_section = slave_reference + "-password" %}
{% set slave_ln_section = slave_reference + "-ln" %}
{# extend parts #}
{% do part_list.extend([slave_ln_section]) %}
{% do part_list.extend([slave_logrotate_section, slave_section_title]) %}
{% set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %}
{% if enable_cache %}
{% set slave_log_cache_direct_folder = '${logrotate-directory:logrotate-backup}/' + slave_logrotate_cache_direct_section %}
{% do part_list.extend([slave_logrotate_cache_direct_section]) %}
{% endif %}
{# Pass HTTP2 switch #}
{% do slave_instance.__setitem__('enable_http2_by_default', enable_http2_by_default) %}
{% do slave_instance.__setitem__('global_disable_http2', global_disable_http2) %}
{# Pass proxy_try_duration and proxy_try_interval #}
{% do slave_instance.__setitem__('proxy_try_duration', proxy_try_duration) %}
{% do slave_instance.__setitem__('proxy_try_interval', proxy_try_interval) %}
{# Set Up log files #}
{% do slave_parameter_dict.__setitem__('access_log', '/'.join([caddy_log_directory, '%s_access_log' % slave_reference])) %}
{% do slave_parameter_dict.__setitem__('error_log', '/'.join([caddy_log_directory, '%s_error_log' % slave_reference])) %}
{% do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) %}
{% do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) %}
{% if enable_cache %}
{% do slave_parameter_dict.__setitem__('access_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_access_log' % slave_reference])) %}
{% do slave_parameter_dict.__setitem__('error_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_error_log' % slave_reference])) %}
{% do slave_instance.__setitem__('access_log_cache_direct', slave_parameter_dict.get('access_log_cache_direct')) %}
{% do slave_instance.__setitem__('error_log_cache_direct', slave_parameter_dict.get('error_log_cache_direct')) %}
{% endif %}
{# Add slave log directory to the slave log access dict #}
{% do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %}
{% set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %}
{% do slave_publish_dict.__setitem__('log-access', slave_log_access_url) %}
{% do slave_publish_dict.__setitem__('slave-reference', slave_reference) %}
{% do slave_publish_dict.__setitem__('public-ipv4', public_ipv4) %}
{# Set slave domain if none was defined #}
{% if slave_instance.get('custom_domain', None) == None %}
{% set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %}
{% do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %}
{% endif %}
{% if enable_cache and 'url' in slave_instance %}
{% if 'domain' in slave_instance %}
{% if not slave_instance.get('custom_domain') %}
{% do slave_instance.__setitem__('custom_domain', slave_instance.get('domain')) %}
{% endif %}
{% endif %}
{% do slave_instance.__setitem__('backend_url', slave_instance.get('url')) %}
{% do slave_instance.__setitem__('https_backend_url', slave_instance.get('https-url', slave_instance.get('url'))) %}
{% do slave_instance.__setitem__('url', cache_access) %}
{% do slave_instance.__setitem__('https-url', ssl_cache_access) %}
{% do cached_server_dict.__setitem__(slave_reference, slave_configuration_section_name) %}
{% endif %}
{% do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %}
{% do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %}
{% do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %}
{% do slave_publish_dict.__setitem__('secure_access', 'https://%s' % slave_instance.get('custom_domain')) %}
{#- Loop thought slave list to set up slaves #}
{%- for slave_instance in slave_instance_list %}
{#- Manage ciphers #}
{%- set slave_ciphers = slave_instance.get('ciphers', '').strip().split() %}
{%- if slave_ciphers %}
{%- set slave_cipher_list = ' '.join(slave_ciphers) %}
{%- else %}
{%- set slave_cipher_list = ciphers.strip() %}
{%- endif %}
{%- do slave_instance.__setitem__('cipher_list', slave_cipher_list) %}
{%- set slave_type = slave_instance.get('type', '') %}
{%- set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %}
{%- set slave_reference = slave_instance.get('slave_reference') %}
{%- set slave_kedifa = slave_kedifa_information.get(slave_reference) %}
{%- if slave_kedifa %}
{%- set key_download_url = slave_kedifa.get('key-download-url') %}
{%- else %}
{%- set key_download_url = 'notreadyyet' %}
{%- endif %}
{%- set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference %}
{%- set slave_parameter_dict = generic_instance_parameter_dict.copy() %}
{%- set slave_publish_dict = {} %}
{%- set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %}
{%- set slave_logrotate_section = slave_reference + "-logs" %}
{%- set slave_logrotate_cache_direct_section = slave_reference + "-cache-direct-logs" %}
{%- set slave_password_section = slave_reference + "-password" %}
{%- set slave_ln_section = slave_reference + "-ln" %}
{#- extend parts #}
{%- do part_list.extend([slave_ln_section]) %}
{%- do part_list.extend([slave_logrotate_section, slave_section_title]) %}
{%- set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %}
{%- if enable_cache %}
{%- set slave_log_cache_direct_folder = '${logrotate-directory:logrotate-backup}/' + slave_logrotate_cache_direct_section %}
{%- do part_list.extend([slave_logrotate_cache_direct_section]) %}
{%- endif %}
{#- Pass HTTP2 switch #}
{%- do slave_instance.__setitem__('enable_http2_by_default', enable_http2_by_default) %}
{%- do slave_instance.__setitem__('global_disable_http2', global_disable_http2) %}
{#- Pass proxy_try_duration and proxy_try_interval #}
{%- do slave_instance.__setitem__('proxy_try_duration', proxy_try_duration) %}
{%- do slave_instance.__setitem__('proxy_try_interval', proxy_try_interval) %}
{#- Set Up log files #}
{%- do slave_parameter_dict.__setitem__('access_log', '/'.join([caddy_log_directory, '%s_access_log' % slave_reference])) %}
{%- do slave_parameter_dict.__setitem__('error_log', '/'.join([caddy_log_directory, '%s_error_log' % slave_reference])) %}
{%- do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) %}
{%- do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) %}
{%- if enable_cache %}
{%- do slave_parameter_dict.__setitem__('access_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_access_log' % slave_reference])) %}
{%- do slave_parameter_dict.__setitem__('error_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_error_log' % slave_reference])) %}
{%- do slave_instance.__setitem__('access_log_cache_direct', slave_parameter_dict.get('access_log_cache_direct')) %}
{%- do slave_instance.__setitem__('error_log_cache_direct', slave_parameter_dict.get('error_log_cache_direct')) %}
{%- endif %}
{#- Add slave log directory to the slave log access dict #}
{%- do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %}
{%- set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %}
{%- do slave_publish_dict.__setitem__('log-access', slave_log_access_url) %}
{%- do slave_publish_dict.__setitem__('slave-reference', slave_reference) %}
{%- do slave_publish_dict.__setitem__('public-ipv4', public_ipv4) %}
{#- Set slave domain if none was defined #}
{%- if slave_instance.get('custom_domain', None) == None %}
{%- set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %}
{%- do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %}
{%- endif %}
{%- if enable_cache and 'url' in slave_instance %}
{%- if 'domain' in slave_instance %}
{%- if not slave_instance.get('custom_domain') %}
{%- do slave_instance.__setitem__('custom_domain', slave_instance.get('domain')) %}
{%- endif %}
{%- endif %}
{%- do slave_instance.__setitem__('backend_url', slave_instance.get('url')) %}
{%- do slave_instance.__setitem__('https_backend_url', slave_instance.get('https-url', slave_instance.get('url'))) %}
{%- do slave_instance.__setitem__('url', cache_access) %}
{%- do slave_instance.__setitem__('https-url', ssl_cache_access) %}
{%- do cached_server_dict.__setitem__(slave_reference, slave_configuration_section_name) %}
{%- endif %}
{%- do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %}
{%- do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %}
{%- do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %}
{%- do slave_publish_dict.__setitem__('secure_access', 'https://%s' % slave_instance.get('custom_domain')) %}
[slave-log-directory-dict]
{{slave_reference}} = {{ slave_log_folder }}
{% if enable_cache %}
{%
-
if enable_cache %}
[slave-log-cache-direct-directory-dict]
{{slave_reference}}_cache_direct = {{ slave_log_cache_direct_folder }}
{% endif %}
{%
-
endif %}
[slave-password]
{{ slave_reference }} = {{ '${' + slave_password_section + ':passwd}' }}
{# Set slave logrotate entry #}
{#
-
Set slave logrotate entry #}
[{{slave_logrotate_section}}]
<= logrotate-entry-base
name = ${:_buildout_section_name_}
log = {{slave_parameter_dict.get('access_log')}} {{slave_parameter_dict.get('error_log')}}
backup = {{ slave_log_folder }}
{% if enable_cache %}
{%- if enable_cache %}
[{{slave_logrotate_cache_direct_section}}]
<= logrotate-entry-base
name = ${:_buildout_section_name_}
log = {{slave_parameter_dict.get('access_log_cache_direct')}} {{slave_parameter_dict.get('error_log_cache_direct')}}
backup = {{ slave_log_cache_direct_folder }}
{% endif %}
{%- endif %}
{#- integrate current logs inside #}
{# integrate current logs inside #}
[{{slave_ln_section}}]
recipe = plone.recipe.command
stop-on-error = false
command = ln -s {{slave_parameter_dict.get('error_log')}} {{ slave_log_folder }}/error.log && ln -s {{slave_parameter_dict.get('access_log')}} {{ slave_log_folder }}/access.log
{# Set password for slave #}
{#- Set password for slave #}
[{{slave_password_section}}]
recipe = slapos.cookbook:generate.password
storage-path = {{caddy_configuration_directory}}/.{{slave_reference}}.passwd
bytes = 8
{# ################################################## #}
{# Set Slave Certificates if needed #}
{# Set certificate key for custom configuration #}
{% set cert_name = slave_reference.replace('-','.') + '.pem' %}
{% set certificate = '%s/%s' % (autocert, cert_name) %}
{% do slave_parameter_dict.__setitem__('certificate', certificate )%}
{# Set ssl certificates for each slave #}
{% for cert_name in ('ssl_csr', 'ssl_proxy_ca_crt')%}
{% if cert_name in slave_instance %}
{% set cert_title = '%s-%s' % (slave_reference, cert_name.replace('ssl_', '')) %}
{% set cert_file = '/'.join([custom_ssl_directory, cert_title.replace('-','.')]) %}
{% do part_list.append(cert_title) %}
{% do slave_parameter_dict.__setitem__(cert_name, cert_file) %}
{% do slave_instance.__setitem__('path_to_' + cert_name, cert_file) %}
{# Store certificates on fs #}
{#- ################################################## #}
{#- Set Slave Certificates if needed #}
{#- Set certificate key for custom configuration #}
{%- set cert_name = slave_reference.replace('-','.') + '.pem' %}
{%- set certificate = '%s/%s' % (autocert, cert_name) %}
{%- do slave_parameter_dict.__setitem__('certificate', certificate )%}
{#- Set ssl certificates for each slave #}
{%- for cert_name in ('ssl_csr', 'ssl_proxy_ca_crt')%}
{%- if cert_name in slave_instance %}
{%- set cert_title = '%s-%s' % (slave_reference, cert_name.replace('ssl_', '')) %}
{%- set cert_file = '/'.join([custom_ssl_directory, cert_title.replace('-','.')]) %}
{%- do part_list.append(cert_title) %}
{%- do slave_parameter_dict.__setitem__(cert_name, cert_file) %}
{%- do slave_instance.__setitem__('path_to_' + cert_name, cert_file) %}
{#- Store certificates on fs #}
[{{ cert_title }}]
< = jinja2-template-base
template = {{ empty_template }}
rendered = {{ cert_file }}
extra-context =
key content {{ cert_title + '-config:value' }}
# BBB: SlapOS Master non-zero knowledge BEGIN
# Store certificate in config
{#- BBB: SlapOS Master non-zero knowledge BEGIN #}
{#- Store certificate in config #}
[{{ cert_title + '-config' }}]
value = {{ dumps(slave_instance.get(cert_name)) }}
{% endif %}
{% endfor %}
{%- endif %}
{%- endfor %}
{#- Set Up Certs #}
{% if 'ssl_key' in slave_instance and 'ssl_crt' in slave_instance %}
{% set cert_title = '%s-crt' % (slave_reference) %}
{% set cert_file = '/'.join([bbb_ssl_directory, cert_title.replace('-','.')]) %}
{% do kedifa_updater_mapping.append((key_download_url, certificate, cert_file)) %}
{% do part_list.append(cert_title) %}
{% do slave_parameter_dict.__setitem__("ssl_crt", cert_file) %}
{%
-
if 'ssl_key' in slave_instance and 'ssl_crt' in slave_instance %}
{%
-
set cert_title = '%s-crt' % (slave_reference) %}
{%
-
set cert_file = '/'.join([bbb_ssl_directory, cert_title.replace('-','.')]) %}
{%
-
do kedifa_updater_mapping.append((key_download_url, certificate, cert_file)) %}
{%
-
do part_list.append(cert_title) %}
{%
-
do slave_parameter_dict.__setitem__("ssl_crt", cert_file) %}
[{{cert_title}}]
< = jinja2-template-base
...
...
@@ -220,13 +208,14 @@ rendered = {{ cert_file }}
cert-content = {{ dumps(slave_instance.get('ssl_crt') + '\n' + slave_instance.get('ssl_ca_crt', '') + '\n' + slave_instance.get('ssl_key')) }}
extra-context =
key content :cert-content
{% else %}
{% do kedifa_updater_mapping.append((key_download_url, certificate, master_certificate)) %}
{% endif %}
# BBB: SlapOS Master non-zero knowledge END
{%- else %}
{%- do kedifa_updater_mapping.append((key_download_url, certificate, master_certificate)) %}
{%- endif %}
{#- BBB: SlapOS Master non-zero knowledge END #}
{#- ########################################## #}
{#- Set Slave Configuration #}
{# ########################################## #}
{# Set Slave Configuration #}
[{{ slave_configuration_section_name }}]
certificate = {{ certificate }}
https_port = {{ dumps('' ~ https_port) }}
...
...
@@ -235,11 +224,11 @@ local_ipv4 = {{ dumps('' ~ local_ipv4) }}
cached_port = {{ dumps('' ~ cached_port) }}
ssl_cached_port = {{ ('' ~ ssl_cached_port) }}
request_timeout = {{ ('' ~ request_timeout) }}
{%
for key, value in slave_instance.iteritems() %}
{%
if value is not none %}
{%
-
for key, value in slave_instance.iteritems() %}
{%
-
if value is not none %}
{{ key }} = {{ dumps('' ~ value) }}
{%
endif %}
{%
endfor %}
{%
-
endif %}
{%
-
endfor %}
[{{ slave_section_title }}]
< = jinja2-template-base
...
...
@@ -254,10 +243,10 @@ filename = {{ '%s.conf' % slave_reference }}
{{ '\n' }}
{% set monitor_ipv6_test = slave_instance.get('monitor-ipv6-test', '') %}
{% if monitor_ipv6_test %}
{% set monitor_ipv6_section_title = 'check-%s-ipv6-packet-list-test' % slave_instance.get('slave_reference') %}
{% do part_list.append(monitor_ipv6_section_title) %}
{%
-
set monitor_ipv6_test = slave_instance.get('monitor-ipv6-test', '') %}
{%
-
if monitor_ipv6_test %}
{%
-
set monitor_ipv6_section_title = 'check-%s-ipv6-packet-list-test' % slave_instance.get('slave_reference') %}
{%
-
do part_list.append(monitor_ipv6_section_title) %}
[{{ monitor_ipv6_section_title }}]
<= monitor-promise-base
module = check_icmp_packet_lost
...
...
@@ -265,12 +254,11 @@ name = {{ monitor_ipv6_section_title }}.py
config-address = {{ dumps(monitor_ipv6_test) }}
# promise frequency in minutes (2 times/day)
config-frequency = 720
{% endif %}
{% set monitor_ipv4_test = slave_instance.get('monitor-ipv4-test', '') %}
{% if monitor_ipv4_test %}
{% set monitor_ipv4_section_title = 'check-%s-ipv4-packet-list-test' % slave_instance.get('slave_reference') %}
{% do part_list.append(monitor_ipv4_section_title) %}
{%- endif %}
{%- set monitor_ipv4_test = slave_instance.get('monitor-ipv4-test', '') %}
{%- if monitor_ipv4_test %}
{%- set monitor_ipv4_section_title = 'check-%s-ipv4-packet-list-test' % slave_instance.get('slave_reference') %}
{%- do part_list.append(monitor_ipv4_section_title) %}
[{{ monitor_ipv4_section_title }}]
<= monitor-promise-base
module = check_icmp_packet_lost
...
...
@@ -279,46 +267,41 @@ config-address = {{ dumps(monitor_ipv4_test) }}
config-ipv4 = true
# promise frequency in minutes (2 times/day)
config-frequency = 720
{% endif %}
{%- endif %}
{# ############################### #}
{# Publish Slave Information #}
{% if not extra_slave_instance_list %}
{% set publish_section_title = 'publish-%s-connection-information' % slave_instance.get('slave_reference') %}
{% do part_list.append(publish_section_title) %}
{#
-
############################### #}
{#
-
Publish Slave Information #}
{%
-
if not extra_slave_instance_list %}
{%
-
set publish_section_title = 'publish-%s-connection-information' % slave_instance.get('slave_reference') %}
{%
-
do part_list.append(publish_section_title) %}
[{{ publish_section_title }}]
recipe = slapos.cookbook:publish
{% for key, value in slave_publish_dict.iteritems() %}
{%
-
for key, value in slave_publish_dict.iteritems() %}
{{ key }} = {{ value }}
{% endfor %}
{% else %}
{% do slave_instance_information_list.append(slave_publish_dict) %}
{% endif %}
{# End of the main for loop#}
{% endfor %}
{%- endfor %}
{%- else %}
{%- do slave_instance_information_list.append(slave_publish_dict) %}
{%- endif %}
{%- endfor %} {# Slave iteration ends for slave_instance in slave_instance_list #}
[slave-log-directories]
<= slave-log-directory-dict
recipe = slapos.cookbook:mkdirectory
{% do part_list.append('slave-log-directories') %}
{%
-
do part_list.append('slave-log-directories') %}
[slave-log-cache-direct-directories]
<= slave-log-cache-direct-directory-dict
recipe = slapos.cookbook:mkdirectory
{% do part_list.append('slave-log-cache-direct-directories') %}
{% do part_list.append('caddy-log-access') %}
{%- do part_list.append('slave-log-cache-direct-directories') %}
{%- do part_list.append('caddy-log-access') %}
{#- ############################################## #}
{#- ## Prepare virtualhost for slaves using cache #}
{%- for slave_reference, slave_configuration_section_name in cached_server_dict.iteritems() %}
{%- set cached_slave_configuration_section_title = '%s-cached-virtualhost' % slave_reference %}
{%- do part_list.append(cached_slave_configuration_section_title) %}
###############################################
### Prepare virtualhost for slaves using cache
{% for slave_reference, slave_configuration_section_name in cached_server_dict.iteritems() %}
{% set cached_slave_configuration_section_title = '%s-cached-virtualhost' % slave_reference %}
{% do part_list.append(cached_slave_configuration_section_title) %}
[{{ cached_slave_configuration_section_title }}]
< = jinja2-template-base
template = {{ template_cached_slave_configuration }}
...
...
@@ -328,8 +311,7 @@ extensions = jinja2.ext.do
extra-context =
section slave_parameter {{ slave_configuration_section_name }}
{{ '\n' }}
{% endfor %}
{%- endfor %}
{#- Define IPv6 to IPV4 tunneling #}
[tunnel-6to4-base]
recipe = slapos.cookbook:wrapper
...
...
@@ -359,7 +341,8 @@ ipv6-port = {{ cached_port }}
ipv4-port = {{ ssl_cached_port }}
ipv6-port = {{ ssl_cached_port }}
{# Define log access #}
{#- Define log access #}
[caddy-log-access-parameters]
caddy_log_directory = {{ dumps(caddy_log_directory) }}
caddy_configuration_directory = {{ dumps(caddy_configuration_directory) }}
...
...
@@ -382,15 +365,15 @@ extra-context =
section parameter_dict caddy-log-access-parameters
{# Publish information for the instance #}
{#
-
Publish information for the instance #}
[publish-caddy-information]
recipe = slapos.cookbook:publish.serialised
public-ipv4 = {{ public_ipv4 }}
private-ipv4 = {{ local_ipv4 }}
{% if extra_slave_instance_list %}
{# sort_keys are important in order to avoid shuffling parameters on each run #}
{%
-
if extra_slave_instance_list %}
{#
-
sort_keys are important in order to avoid shuffling parameters on each run #}
slave-instance-information-list = {{ json_module.dumps(slave_instance_information_list, sort_keys=True) }}
{% endif %}
{%
-
endif %}
monitor-base-url = {{ monitor_base_url }}
csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt
csr_id-certificate = ${get-csr_id-certificate:certificate}
...
...
@@ -418,9 +401,9 @@ update-command = ${:command}
recipe = slapos.recipe.template:jinja2
file = {{ kedifa_updater_mapping_file }}
template = inline:
{% for mapping in kedifa_updater_mapping %}
{%
-
for mapping in kedifa_updater_mapping %}
{{ mapping[0] }} {{ mapping[1] }} {{ mapping[2] }}
{% endfor %}
{%
-
endfor %}
rendered = ${:file}
...
...
@@ -440,12 +423,12 @@ extends =
parts +=
kedifa-updater
kedifa-updater-run
{% for part in part_list %}
{%
-
for part in part_list %}
{{ ' %s' % part }}
{% endfor %}
{% if 'caddy-log-access' not in part_list %}
{%
-
endfor %}
{%
-
if 'caddy-log-access' not in part_list %}
caddy-log-access-empty
{% endif %}
{%
-
endif %}
publish-caddy-information
tunnel-6to4-base-http_port
tunnel-6to4-base-https_port
...
...
@@ -531,4 +514,4 @@ recipe = collective.recipe.shelloutput
commands =
certificate = cat ${certificate-csr_id:certificate}
{%
endif %
}
{%
- endif %} {# if software_type == slap_software_type #
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment