Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Stephane VAROQUI
slapos
Commits
a7c361d7
Commit
a7c361d7
authored
Mar 07, 2017
by
Gabriel Monnerat
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
nginx: Generate password and setup Nginx with authentification
Also, publish connection information to SlapOS
parent
32459e14
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
45 additions
and
17 deletions
+45
-17
software/nginx-push-stream/instance-nginx.cfg.in
software/nginx-push-stream/instance-nginx.cfg.in
+33
-12
software/nginx-push-stream/software.cfg
software/nginx-push-stream/software.cfg
+7
-3
software/nginx-push-stream/template-nginx.cfg.in
software/nginx-push-stream/template-nginx.cfg.in
+5
-2
No files found.
software/nginx-push-stream/instance-nginx.cfg.in
View file @
a7c361d7
{% set part_list = [] -%}
[buildout]
{% set crontab_line_list = [] -%}
parts =
nginx-service
htpasswd
htpasswd-runner
publish-connection-information
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[directory]
[directory]
recipe = slapos.cookbook:mkdirectory
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
etc = $${buildout:directory}/etc
...
@@ -35,23 +44,35 @@ error_log = $${directory:log}/nginx-error.log
...
@@ -35,23 +44,35 @@ error_log = $${directory:log}/nginx-error.log
ip = $${slap-network-information:global-ipv6}
ip = $${slap-network-information:global-ipv6}
local_ip = $${slap-network-information:local-ipv4}
local_ip = $${slap-network-information:local-ipv4}
port = 9443
port = 9443
publisher_location_prefix = /pub
publisher_push_stream_store_messages = off
publisher_push_stream_store_messages = off
publisher_client_max_body_size = 16k
publisher_client_max_body_size = 16k
publisher_client_body_buffer_size = 16k
publisher_client_body_buffer_size = 16k
subscriber_allow_origin = '*'
subscriber_allow_origin = '*'
subscriber_location_prefix = /sub
# Prevent to use credential if origin is star
# Prevent to use credential if origin is star
subscriber_allow_credential = 'false'
subscriber_allow_credential = 'false'
subscriber_allow_methods = 'GET, HEAD, OPTIONS'
subscriber_allow_methods = 'GET, HEAD, OPTIONS'
subscriber_allow_headers = 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'
subscriber_allow_headers = 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'
# Add parts generated by template
[htpasswd]
[buildout]
recipe = slapos.cookbook:generate.password
parts =
storage-path = $${directory:etc}/.pwd
nginx-service
bytes = 8
{% for part in part_list -%}
{{ ' %s' % part }}
{% endfor -%}
eggs-directory = ${buildout:eggs-directory}
[htpasswd-runner]
develop-eggs-directory = ${buildout:develop-eggs-directory}
recipe = plone.recipe.command
offline = true
stop-on-error = true
htpasswd-path = $${directory:etc}/.htpasswd
command = if [ ! -f "$${:htpasswd-path}" ]; then ${buildout:bin-directory}/htpasswd -cb $${:htpasswd-path} $${:user} $${:password}; fi
update-command = $${:command}
user = admin
password = $${htpasswd:passwd}
[publish-connection-information]
recipe = slapos.cookbook:publish
init-password = $${htpasswd:passwd}
init-user = $${htpasswd-runner:user}
publisher-url = http://$${htpasswd-runner:user}:$${htpasswd:passwd}@[$${nginx-configuration:ip}]:$${nginx-configuration:port}$${nginx-configuration:publisher_location_prefix}
subscriber-url = http://$${htpasswd-runner:user}:$${htpasswd:passwd}@[$${nginx-configuration:ip}]:$${nginx-configuration:port}$${nginx-configuration:subscriber_location_prefix}
software/nginx-push-stream/software.cfg
View file @
a7c361d7
...
@@ -13,6 +13,10 @@ parts =
...
@@ -13,6 +13,10 @@ parts =
template-nginx-service
template-nginx-service
template-nginx
template-nginx
[slapos-cookbook]
eggs +=
slapos.toolbox
[template]
[template]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
url = ${:_profile_base_location_}/instance.cfg.in
...
@@ -30,17 +34,17 @@ mode = 0644
...
@@ -30,17 +34,17 @@ mode = 0644
[template-nginx-configuration]
[template-nginx-configuration]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/template-nginx.cfg.in
url = ${:_profile_base_location_}/template-nginx.cfg.in
md5sum =
58cd6a59089ab93bb3ec0f5d12888500
md5sum =
f5658154b82282bc1871f18ddf4529d8
output = ${buildout:directory}/template-nginx.cfg.in
output = ${buildout:directory}/template-nginx.cfg.in
mode = 0644
mode = 0644
[template-nginx]
[template-nginx]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-nginx.cfg.in
url = ${:_profile_base_location_}/instance-nginx.cfg.in
md5sum =
478085d0abb0ffc0b259c038bddae205
md5sum =
936fea88f5548c4f14e287f1b27dc127
output = ${buildout:directory}/instance-nginx.cfg.in
output = ${buildout:directory}/instance-nginx.cfg.in
mode = 0644
mode = 0644
[versions]
[versions]
plone.recipe.command = 1.1
slapos.recipe.template = 2.7
slapos.recipe.template = 2.7
slapos.toolbox = 0.65
software/nginx-push-stream/template-nginx.cfg.in
View file @
a7c361d7
...
@@ -65,12 +65,15 @@ server {
...
@@ -65,12 +65,15 @@ server {
client_body_temp_path $${directory:varnginx} 1 2;
client_body_temp_path $${directory:varnginx} 1 2;
proxy_temp_path $${directory:varnginx} 1 2;
proxy_temp_path $${directory:varnginx} 1 2;
auth_basic "Nginx Access";
auth_basic_user_file $${htpasswd-runner:htpasswd-path};
## Serve an error 204 (No Content) for favicon.ico
## Serve an error 204 (No Content) for favicon.ico
location = /favicon.ico {
location = /favicon.ico {
return 204;
return 204;
}
}
location
/pub
{
location
$${nginx-configuration:publisher_location_prefix}
{
push_stream_publisher;
push_stream_publisher;
push_stream_channels_path $arg_id;
push_stream_channels_path $arg_id;
...
@@ -85,7 +88,7 @@ server {
...
@@ -85,7 +88,7 @@ server {
}
}
location ~
/sub
/(.*) {
location ~
$${nginx-configuration:subscriber_location_prefix}
/(.*) {
# activate subscriber mode for this location
# activate subscriber mode for this location
add_header "Access-Control-Allow-Origin" $${nginx-configuration:subscriber_allow_origin};
add_header "Access-Control-Allow-Origin" $${nginx-configuration:subscriber_allow_origin};
add_header 'Access-Control-Allow-Credentials' $${nginx-configuration:subscriber_allow_credential};
add_header 'Access-Control-Allow-Credentials' $${nginx-configuration:subscriber_allow_credential};
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment