Commit d5b0e007 authored by Jérome Perrin's avatar Jérome Perrin

software/jstestnode: serve test files on https

Now that we have a more modern firefox, it requires secure context for
many things. This fixes `TypeError: crypto.subtle is undefined` test
failures for JIO.
parent 83122688
Pipeline #32347 passed with stage
in 0 seconds
...@@ -15,16 +15,16 @@ ...@@ -15,16 +15,16 @@
[instance] [instance]
filename = instance.cfg.in filename = instance.cfg.in
md5sum = 84380fe6c268301a1e1f501e53943f58 md5sum = ad2797e1b83b6b3221f831950075a057
[template-nginx-service] [template-nginx-service]
filename = template-nginx-service.sh.in filename = template-nginx-service.sh.in
md5sum = 458870b70c33a1621b68961ae2372ad5 md5sum = d718fb950862769e57100986cfabb180
[template-nginx-configuration] [template-nginx-configuration]
filename = template-nginx.cfg.in filename = template-nginx.cfg.in
md5sum = 98faa5ad8cfb23a11d97a459078a1d05 md5sum = f15c5d9b8c2cf39cb6b2070d8d9d3a92
[template-runTestSuite] [template-runTestSuite]
filename = runTestSuite.in filename = runTestSuite.in
md5sum = 5db53d622bd68fb07e078ddc4403a240 md5sum = 98b7d79eb6af1c4120e3848e9e6fca61
...@@ -10,7 +10,7 @@ offline = true ...@@ -10,7 +10,7 @@ offline = true
[publish] [publish]
recipe = slapos.cookbook:publish.serialised recipe = slapos.cookbook:publish.serialised
nginx = http://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/ nginx = https://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/
[directory] [directory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
...@@ -97,13 +97,13 @@ virtual-depends = ...@@ -97,13 +97,13 @@ virtual-depends =
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${template-nginx-configuration:output} url = ${template-nginx-configuration:output}
output = $${directory:etc}/nginx.cfg output = $${directory:etc}/nginx.cfg
access_log = $${directory:log}/nginx-access.log access-log = $${directory:log}/nginx-access.log
error_log = $${directory:log}/nginx-error.log error-log = $${directory:log}/nginx-error.log
ip = $${instance-parameter:ipv6-random} ip = $${instance-parameter:ipv6-random}
port = 9443 port = 9443
ssl_key = $${directory:ssl}/nginx.key ssl-csr = $${directory:ssl}/nginx.csr
ssl_csr = $${directory:ssl}/nginx.csr ssl-key = $${directory:ssl}/nginx.key
ssl_crt = $${directory:ssl}/nginx.crt ssl-crt = $${directory:ssl}/nginx.crt
[nginx-listen-promise] [nginx-listen-promise]
recipe = slapos.cookbook:check_port_listening recipe = slapos.cookbook:check_port_listening
......
...@@ -22,7 +22,7 @@ os.environ['XORG_LOCK_DIR'] = '$${xvfb-instance:lock-dir}' ...@@ -22,7 +22,7 @@ os.environ['XORG_LOCK_DIR'] = '$${xvfb-instance:lock-dir}'
os.environ['DISPLAY'] = '$${xvfb-instance:display}' os.environ['DISPLAY'] = '$${xvfb-instance:display}'
os.environ['FONTCONFIG_FILE'] = '$${fontconfig-conf:output}' os.environ['FONTCONFIG_FILE'] = '$${fontconfig-conf:output}'
BASE_URL = 'http://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/' BASE_URL = 'https://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/'
ETC_DIRECTORY = '$${directory:etc}' ETC_DIRECTORY = '$${directory:etc}'
def main(): def main():
...@@ -91,6 +91,7 @@ def main(): ...@@ -91,6 +91,7 @@ def main():
if target == 'firefox': if target == 'firefox':
firefox_capabilities = webdriver.common.desired_capabilities.DesiredCapabilities.FIREFOX firefox_capabilities = webdriver.common.desired_capabilities.DesiredCapabilities.FIREFOX
firefox_capabilities['marionette'] = True firefox_capabilities['marionette'] = True
firefox_capabilities['acceptInsecureCerts'] = True
browser = webdriver.Firefox( browser = webdriver.Firefox(
capabilities=firefox_capabilities, capabilities=firefox_capabilities,
firefox_binary='${firefox-wrapper:location}', firefox_binary='${firefox-wrapper:location}',
......
...@@ -2,16 +2,16 @@ ...@@ -2,16 +2,16 @@
# BEWARE: This file is operated by slapos node # BEWARE: This file is operated by slapos node
# BEWARE: It will be overwritten automatically # BEWARE: It will be overwritten automatically
if [ ! -e $${nginx-configuration:ssl_crt} ] if [ ! -e $${nginx-configuration:ssl-crt} ]
then then
${openssl-output:openssl} genrsa -out $${nginx-configuration:ssl_key} 2048 ${openssl-output:openssl} genrsa -out $${nginx-configuration:ssl-key} 2048
${openssl-output:openssl} req -new \ ${openssl-output:openssl} req -new \
-subj "/C=AA/ST=Denial/L=Nowhere/O=Dis/CN=$${nginx-configuration:ip}" \ -subj "/C=AA/ST=Denial/L=Nowhere/O=Dis/CN=$${nginx-configuration:ip}" \
-key $${nginx-configuration:ssl_key} -out $${nginx-configuration:ssl_csr} -key $${nginx-configuration:ssl-key} -out $${nginx-configuration:ssl-csr}
${openssl-output:openssl} x509 -req -days 365 \ ${openssl-output:openssl} x509 -req -days 365 \
-in $${nginx-configuration:ssl_csr} \ -in $${nginx-configuration:ssl-csr} \
-signkey $${nginx-configuration:ssl_key} \ -signkey $${nginx-configuration:ssl-key} \
-out $${nginx-configuration:ssl_crt} -out $${nginx-configuration:ssl-crt}
fi fi
exec ${nginx-output:nginx} \ exec ${nginx-output:nginx} \
......
...@@ -8,7 +8,7 @@ events { ...@@ -8,7 +8,7 @@ events {
# multi_accept on; # multi_accept on;
} }
error_log $${nginx-configuration:error_log}; error_log $${nginx-configuration:error-log};
http { http {
...@@ -33,8 +33,8 @@ http { ...@@ -33,8 +33,8 @@ http {
# Logging Settings # Logging Settings
## ##
access_log $${nginx-configuration:access_log}; access_log $${nginx-configuration:access-log};
error_log $${nginx-configuration:error_log}; error_log $${nginx-configuration:error-log};
## ##
# Gzip Settings # Gzip Settings
...@@ -51,11 +51,9 @@ http { ...@@ -51,11 +51,9 @@ http {
gzip_types text/html text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript; gzip_types text/html text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
server { server {
listen [$${nginx-configuration:ip}]:$${nginx-configuration:port}; listen [$${nginx-configuration:ip}]:$${nginx-configuration:port} ssl;
ssl_certificate $${nginx-configuration:ssl-crt};
# ssl on; ssl_certificate_key $${nginx-configuration:ssl-key};
# ssl_certificate $${nginx-configuration:ssl_crt};
# ssl_certificate_key $${nginx-configuration:ssl_key};
fastcgi_temp_path $${directory:varnginx} 1 2; fastcgi_temp_path $${directory:varnginx} 1 2;
uwsgi_temp_path $${directory:varnginx} 1 2; uwsgi_temp_path $${directory:varnginx} 1 2;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment