[software/htmlvalidatorserver] Access vnu over https

e94c9345 · Romain Courteaud · efd20411 · e94c9345 · e94c9345 · e94c9345
Commit e94c9345 authored Feb 09, 2018 by Romain Courteaud
4 changed files
--- a/component/java/buildout.cfg
+++ b/component/java/buildout.cfg
@@ -45,3 +45,11 @@ script =
  extract_dir = self.extract(self.download(self.options['url'], self.options.get('md5sum')))
  workdir = guessworkdir(extract_dir)
  self.copyTree(workdir, "%(location)s")
+
+[java-re-8-output]
+# Shared binary location to ease migration
+recipe = plone.recipe.command
+stop-on-error = true
+update-command = ${:command}
+command = ${coreutils-output:test} -x ${:keytool}
+keytool = ${java-re-8:location}/bin/keytool
--- a/software/htmlvalidatorserver/instance-validator.cfg.in
+++ b/software/htmlvalidatorserver/instance-validator.cfg.in
@@ -23,6 +23,20 @@ catalina_conf = $${:catalina_base}/conf
 #################################
 # Tomcat service
 #################################
+[keystore]
+recipe = plone.recipe.command
+command =
+  ${java-re-8-output:keytool} \
+    -genkeypair \
+    -alias "tomcat" \
+    -keyalg RSA \
+    -keypass "$${:pass}" \
+    -dname "CN=Web Server,OU=Unit,O=Organization,L=City,S=State,C=Country" \
+    -keystore "$${:file}" \
+    -storepass "$${:pass}"
+file = $${basedirectory:catalina_base}/.keystore
+pass = insecure
+
 [tomcat-service]
 recipe = slapos.recipe.template
 url = ${template-tomcat-service:output}
@@ -38,6 +52,7 @@ output = $${basedirectory:catalina_conf}/server.xml
 mode = 0600
 ip = $${slap-network-information:global-ipv6}
 port = 8899
+scheme = https

 [tomcat-listen-promise]
 recipe = slapos.cookbook:check_port_listening
@@ -51,7 +66,7 @@ path = $${basedirectory:promises}/tomcat_listen
 [publish-url]
 recipe = slapos.cookbook:publish
 <= monitor-publish
-vnu-url = http://[$${tomcat-configuration:ip}]:$${tomcat-configuration:port}/
+vnu-url = $${tomcat-configuration:scheme}://[$${tomcat-configuration:ip}]:$${tomcat-configuration:port}/

 [monitor-instance-parameter]
 monitor-httpd-port = 8333

--- a/software/htmlvalidatorserver/server.xml.in
+++ b/software/htmlvalidatorserver/server.xml.in
@@ -6,11 +6,14 @@
      address="$${tomcat-configuration:ip}" 
      port="$${tomcat-configuration:port}"
      maxThreads="10"
-      scheme="http"
-      secure="false"
+      scheme="$${tomcat-configuration:scheme}"
+      secure="true"
      clientAuth="false"
+      SSLEnabled="true"
+      keystorePass="$${keystore:pass}"
+      keystoreFile="$${keystore:file}"
    />
-    
+
    <Engine name="Catalina" defaultHost="localhost">
      <Valve className="org.apache.catalina.valves.AccessLogValve"
             directory="logs" prefix="localhost_access_log." suffix=".log"

--- a/software/htmlvalidatorserver/software.cfg
+++ b/software/htmlvalidatorserver/software.cfg
@@ -20,7 +20,7 @@ parts =
 [template-tomcat-configuration]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/server.xml.in
-md5sum = 8b1db3f4107033985df25bd4730571d3
+md5sum = 9978b8b9e567f33cb4c853fee85f1637
 output = ${buildout:directory}/server.xml.in
 mode = 0644

@@ -37,7 +37,7 @@ mode = 0644
 [template-validator]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance-validator.cfg.in
-md5sum = 30c0294f5a0cad1f3c2833c1cc61b3c4
+md5sum = 0275d7a8a021f84a1303e5c8933c07c3
 output = ${buildout:directory}/template-validator.cfg
 mode = 0644