Accept frontend parameters to pass to the slave.

b484bcda · Rafael Monnerat · 596225bb · b484bcda · 596225bb · b484bcda
Commit b484bcda authored Aug 12, 2015 by Rafael Monnerat
5 changed files
--- a/software/cdn-me/instance-cdn-me-input-schema.json
+++ b/software/cdn-me/instance-cdn-me-input-schema.json
+{
+  "type": "object",
+  "$schema": "http://json-schema.org/draft-04/schema",
+  "title": "Input Parameters",
+  "properties": {
+    "port": {
+      "title": "Backend port",
+      "description": "Port where the service is running on the backend",
+      "default": 80,
+      "type": "integer"
+    },
+    "frontend-custom_domain": {
+      "title": "Custom Domain",
+      "description": "Custom Domain to use for the website",
+      "type": "string",
+      "pattern": "^([a-zA-Z0-9]([a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])?\\.)+[a-zA-Z]{2,6}$"
+    },
+    "frontend-server-alias": {
+      "title": "Server Alias",
+      "description": "Server Alias List separated by space",
+      "type": "string",
+      "default": ""
+    },
+    "frontend-type": {
+      "title": "Backend Type",
+      "description": "Type of slave. If redirect, the slave will redirect to the given url. If zope, the rewrite rules will be compatible with Virtual Host Monster",
+      "type": "string",
+      "default": "",
+      "enum": ["", "zope", "redirect"]
+    },
+    "frontend-path": {
+      "title": "Backend Path",
+      "description": "Path to proxy to in the backend",
+      "type": "string",
+      "default": ""
+    },
+    "frontend-default-path": {
+      "title": "Default Path",
+      "description": "Provide default path to redirect user to",
+      "type": "string",
+      "default": ""
+    },
+    "frontend-ssl_crt": {
+      "title": "SSL Certificate",
+      "description": "SSL Certificate",
+      "type": "string",
+      "default": ""
+    },
+    "frontend-ssl_key": {
+      "title": "SSL Key",
+      "description": "SSL Key",
+      "type": "string",
+      "default": ""
+    },
+    "frontend-ssl_ca_crt": {
+      "title": "SSL Certificate Authority's Certificate",
+      "description": "SSL Key",
+      "type": "string",
+      "default": ""
+    },
+    "frontend-https-only": {
+      "title": "HTTPS Only",
+      "description": "If set to true, http request are redirect to https",
+      "type": "string",
+      "default": "false",
+      "enum": ["false", "true"]
+    },
+    "frontend-ssl-proxy-verify": {
+      "title": "Verify Backend Certificates",
+      "description": "If set to true, Backend Certificates are checked",
+      "type": "string",
+      "default": "false",
+      "enum": ["false", "true"]
+    },
+    "frontend-ssl_proxy_ca_crt": {
+      "title": "SSL Backend Authority's Certificate",
+      "description": "SSL Certificate Authority of the backen (to be used with ssl-proxy-verify)",
+      "type": "string",
+      "default": ""
+    },
+    "frontend-enable_cache": {
+      "title": "Enable Cache",
+      "description": "If set to true, the cache is used",
+      "type": "string",
+      "default": "false",
+      "enum": ["false", "true"]
+    },
+    "frontend-disable-no-cache-request": {
+      "title": "Disable 'no-cache' requests",
+      "description": "If set to true, no-cache control headers will be disabled",
+      "type": "string",
+      "default": "false",
+      "enum": ["false", "true"]
+    },
+    "frontend-disable-via-header": {
+      "title": "Disable 'Via' headers from cache",
+      "description": "If set to true, via headers will be disabled",
+      "type": "string",
+      "default": "false",
+      "enum": ["false", "true"]
+    },
+    "frontend-prefer-gzip-encoding-to-backend": {
+      "title": "Prefer gzip Encoding for Backend",
+      "description": "If set to true, if a request is made with accept encoding 'gzip', only that one will be transferred to the backend",
+      "type": "string",
+      "default": "false",
+      "enum": ["false", "true"]
+    },
+    "frontend-disabled-cookie-list": {
+      "title": "Disabled Cookies",
+      "description": "List of Cookies separated by space that will not be sent to the backend",
+      "type": "string",
+      "default": ""
+    }
+  }
+}
--- a/software/cdn-me/instance-cdn-request.cfg
+++ b/software/cdn-me/instance-cdn-request.cfg
-[buildout]
-parts =
-  request-re6stnet-token-slave
-  request-frontend-token-slave
-eggs-directory = ${buildout:eggs-directory}
-develop-eggs-directory = ${buildout:develop-eggs-directory}
-offline = true
-# Create all needed directories
-[directory]
-recipe = slapos.cookbook:mkdirectory
-home = $${buildout:directory}
-etc = $${:home}/etc/
-var = $${:home}/var/
-srv = $${:home}/srv/
-bin = $${:home}/bin/
-tmp = $${:home}/tmp/
-[request-frontend-token-slave]
-<= slap-connection
-recipe = slapos.cookbook:requestoptional
-name = WebSite Frontend
-# XXX We have hardcoded SR URL here.
-software-url = product.frontend
-slave = true
-config-url = http://$${request-re6stnet-token-slave:connection-ipv6}/
-config-domain = $${slap-parameter:frontend-domain}
-return = site_url domain
-[request-re6stnet-token-slave]
-<= slap-connection
-recipe = slapos.cookbook:requestoptional
-name = Re6st token Frontend
-# XXX We have hardcoded SR URL here.
-software-url = product.re6st
-slave = true
-return = token info_1 ipv6
-[publish-connection-informations]
-recipe = slapos.cookbook:publish
-url =  https://$${request-frontend-token-slave:connection-domain}
-token = $${request-re6stnet-token-slave:connection-token}
-ipv6 = $${request-re6stnet-token-slave:connection-ipv6}
-info_1 = $${request-re6stnet-token-slave:info_1}
\ No newline at end of file
--- a/software/cdn-me/instance-cdn-request.cfg.jinja2
+++ b/software/cdn-me/instance-cdn-request.cfg.jinja2
+[buildout]
+parts =
+  request-re6stnet-token-slave
+  request-frontend-token-slave
+eggs-directory = ${buildout:eggs-directory}
+develop-eggs-directory = ${buildout:develop-eggs-directory}
+offline = true
+# Create all needed directories
+[directory]
+recipe = slapos.cookbook:mkdirectory
+home = $${buildout:directory}
+etc = $${:home}/etc/
+var = $${:home}/var/
+srv = $${:home}/srv/
+bin = $${:home}/bin/
+tmp = $${:home}/tmp/
+[request-frontend-token-slave]
+<= slap-connection
+recipe = slapos.cookbook:requestoptional
+name = WebSite Frontend
+# XXX We have hardcoded SR URL here.
+software-url = product.frontend
+slave = true
+{% if slapparameter_dict.get('frontend-custom_domain', '80') != '443' %}
+config-url = https://[$${request-re6stnet-token-slave:connection-ipv6}1]:{{ slapparameter_dict.get('port', '80') }}/
+{% endif -%}
+{% if slapparameter_dict.get('frontend-custom_domain', '80') == '443' %}
+config-url = https://[$${request-re6stnet-token-slave:connection-ipv6}1]:{{ slapparameter_dict.get('port', '443') }}/
+{% endif -%}
+{% if slapparameter_dict.get('frontend-custom_domain', '') %}
+config-custom_domain = {{ slapparameter_dict.get('frontend-custom_domain', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-server-alias', '') %}
+config-server-alias = {{ slapparameter_dict.get('frontend-server-alias', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-type', '') %}
+config-type = {{ slapparameter_dict.get('frontend-type', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-path', '') %}
+config-path = {{ slapparameter_dict.get('frontend-path', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-default-path', '') %}
+config-default-path = {{ slapparameter_dict.get('frontend-default-path', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-ssl_crt', '') %}
+config-ssl_crt = {{ slapparameter_dict.get('frontend-ssl_crt', '').split('\n') | join('\n  ') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-ssl_key', '') %}
+config-ssl_key = {{ slapparameter_dict.get('frontend-ssl_key', '').split('\n') | join('\n  ') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-ssl_ca_crt', '') %}
+config-ssl_ca_crt = {{ slapparameter_dict.get('frontend-ssl_ca_crt', '').split('\n') | join('\n  ') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-https-only', '') %}
+config-https-only = {{ slapparameter_dict.get('frontend-https-only', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-ssl-proxy-verify', '') %}
+config-ssl-proxy-verify = {{ slapparameter_dict.get('frontend-ssl-proxy-verify', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-ssl_proxy_ca_crt', '') %}
+config-ssl_proxy_ca_crt = {{ slapparameter_dict.get('frontend-ssl_proxy_ca_crt', '').split('\n') | join('\n  ') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-enable_cache', '') %}
+config-enable_cache = {{ slapparameter_dict.get('frontend-enable_cache', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-disable-no-cache-request', '') %}
+config-disable-no-cache-request = {{ slapparameter_dict.get('frontend-disable-no-cache-request', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-disable-via-header', '') %}
+config-disable-via-header = {{ slapparameter_dict.get('frontend-disable-via-header', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-prefer-gzip-encoding-to-backend', '') %}
+config-prefer-gzip-encoding-to-backend = {{ slapparameter_dict.get('frontend-prefer-gzip-encoding-to-backend', '') }}
+{% endif -%}
+{% if slapparameter_dict.get('frontend-disabled-cookie-list', '') %}
+config-disabled-cookie-list = {{ slapparameter_dict.get('frontend-disabled-cookie-list', '') }}
+{% endif -%}
+return = site_url domain
+[request-re6stnet-token-slave]
+<= slap-connection
+recipe = slapos.cookbook:requestoptional
+name = Re6st token Frontend
+# XXX We have hardcoded SR URL here.
+software-url = product.re6st
+slave = true
+return = token info_1 ipv6
+[publish-connection-informations]
+recipe = slapos.cookbook:publish
+url =  https://$${request-frontend-token-slave:connection-domain}
+token = $${request-re6stnet-token-slave:connection-token}
+ipv6 = $${request-re6stnet-token-slave:connection-ipv6}
+info_1 = $${request-re6stnet-token-slave:info_1}
--- a/software/cdn-me/software.cfg
+++ b/software/cdn-me/software.cfg
@@ -6,7 +6,6 @@ extends =
 # to avoid versioning issues
 parts =
-  slapos-cookbook-develop
  template
  eggs
  template-cdn-request
@@ -20,9 +19,9 @@ mode = 0644
 [template-cdn-request]
 recipe = slapos.recipe.template
-url = ${:_profile_base_location_}/instance-cdn-request.cfg
+url = ${:_profile_base_location_}/instance-cdn-request.cfg.jinja2
-output = ${buildout:directory}/template-cdn-request.cfg
+output = ${buildout:directory}/template-cdn-request.cfg.jinja2
-md5sum = 4c5ad2a5e9c4364588e1e4212ed8d1aa
+md5sum = b450c721194eb0834e3738158195975a
 mode = 0644
 [slapos.cookbook-repository]
@@ -37,4 +36,11 @@ eggs =
  lock-file
  plone.recipe.command
  slapos.recipe.build
  ${slapos-cookbook:eggs}
\ No newline at end of file
+[versions]
+cns.recipe.symlink = 0.2.3
+collective.recipe.environment = 0.2.0
+erp5.util = 0.4.42
+plone.recipe.command = 1.1
+slapos.recipe.template = 2.8
--- a/software/cdn-me/software.cfg.json
+++ b/software/cdn-me/software.cfg.json
+{
+    "name": "CDN ME",
+    "description": "CDN ME",
+    "serialisation": "xml",
+    "software-type": {
+        "default": {
+            "title": "Default",
+            "description": "Re6st registry",
+            "request": "instance-cdn-me-input-schema.json",
+            "response": "instance-cdn-me-output-schema.json",
+            "index": 0
+        }
+}
\ No newline at end of file