Apache recipe now works with the myinstance.myhostname schema

example : https://softinst118.host.vifib.net can redirect to any url specified in slave.
parent b3f9e84d
master cloudooooverloadtestsuite erp5trial extooo for_testsuite logrotatemonitor noooo noooo_for_testsuite onlyoffice onlyoffice-squash ooo patches pypi reafs/heads/ipython testsuite tristan-erp5-cluster 1.0.47 1.0.19 1.0.18 1.0.17 1.0.16 1.0.15 1.0.14 1.0.13 1.0.12 1.0.11 1.0.10 1.0.9 1.0.8.1 1.0.8 1.0.7 1.0.6 1.0.5 1.0.4 1.0.3 1.0.2 1.0.1 vifib-20150331 vifib-20150203 vifib-20150130 vifib-20150123 vifib-20150116 vifib-20141222 vifib-20141119 slaprunner-resilient-v1 slaprunner-resilient-v1-RC1 slapos.core-1.0.0rc6-1 slapos.cookbook-0.103 slapos.cookbook-0.102 slapos.cookbook-0.101 slapos.cookbook-0.100 slapos.cookbook-0.99 slapos.cookbook-0.98 slapos.cookbook-0.97 slapos.cookbook-0.96 slapos.cookbook-0.95 slapos.cookbook-0.94 slapos.cookbook-0.93 slapos.cookbook-0.92 slapos.cookbook-0.91 slapos.cookbook-0.90 slapos.cookbook-0.89 slapos.cookbook-0.88 slapos.cookbook-0.87 slapos.cookbook-0.86 slapos.cookbook-0.85 slapos.cookbook-0.84.2 slapos.cookbook-0.84.1 slapos.cookbook-0.84 slapos.cookbook-0.83.1 slapos.cookbook-0.83 slapos.cookbook-0.82 slapos.cookbook-0.81 slapos.cookbook-0.80 slapos.cookbook-0.79 slapos.cookbook-0.78.5 slapos.cookbook-0.78.4 slapos.cookbook-0.78.3 slapos.cookbook-0.78.2 slapos.cookbook-0.78.1 slapos.cookbook-0.78.0 slapos.cookbook-0.77.1 slapos.cookbook-0.77.0 slapos.cookbook-0.76.0 slapos.cookbook-0.75.0 slapos.cookbook-0.74.0 slapos.cookbook-0.73.1 slapos.cookbook-0.72.0 slapos.cookbook-0.71.4 slapos.cookbook-0.71.3 slapos.cookbook-0.71.2 slapos.cookbook-0.71.1 slapos.cookbook-0.71 slapos.cookbook-0.70 slapos.cookbook-0.69 slapos.cookbook-0.68.1 slapos.cookbook-0.68 slapos.cookbook-0.67 slapos.cookbook-0.66 slapos.cookbook-0.64.2 slapos.cookbook-0.64.1 slapos.cookbook-0.64 slapos.cookbook-0.63 slapos.cookbook-0.62 slapos.cookbook-0.61 slapos.cookbook-0.60 slapos.cookbook-0.59 slapos.cookbook-0.58 slapos.cookbook-0.57 slapos.cookbook-0.55 slapos.cookbook-0.54.1 slapos.cookbook-0.54 slapos.cookbook-0.53 slapos.cookbook-0.51 slapos.cookbook-0.50 slapos.cookbook-0.49 slapos.cookbook-0.48 slapos.cookbook-0.47 slapos.cookbook-0.46 slapos.cookbook-0.45 slapos.cookbook-0.44 slapos.cookbook-0.43 slapos.cookbook-0.42 slapos.cookbook-0.41 slapos.cookbook-0.40.1 slapos.cookbook-0.40 slapos-legacy-flask-stack slapos-159 slapos-0.271 slapos-0.270 slapos-0.269 slapos-0.268 slapos-0.267 slapos-0.266 slapos-0.265 slapos-0.264 slapos-0.263 slapos-0.262 slapos-0.261 slapos-0.260 slapos-0.259.2 slapos-0.259.1 slapos-0.259 slapos-0.258 slapos-0.257 slapos-0.256 slapos-0.255 slapos-0.254 slapos-0.253.3 slapos-0.253.2 slapos-0.253.1 slapos-0.253 slapos-0.252.1 slapos-0.252 slapos-0.251 slapos-0.250.2 slapos-0.250.1 slapos-0.250 slapos-0.249.1 slapos-0.249 slapos-0.248.1 slapos-0.248 slapos-0.247.1 slapos-0.247 slapos-0.246 slapos-0.245 slapos-0.244 slapos-0.243 slapos-0.242 slapos-0.241 slapos-0.240.0 slapos-0.240 slapos-0.239 slapos-0.238 slapos-0.237 slapos-0.236 slapos-0.235 slapos-0.234 slapos-0.233 slapos-0.232 slapos-0.231 slapos-0.230 slapos-0.229 slapos-0.228 slapos-0.227 slapos-0.226 slapos-0.225 slapos-0.224 slapos-0.223.1 slapos-0.223 slapos-0.222 slapos-0.221 slapos-0.220 slapos-0.219 slapos-0.218.2 slapos-0.218.1 slapos-0.218 slapos-0.217 slapos-0.217-B1 slapos-0.216 slapos-0.215 slapos-0.214 slapos-0.213 slapos-0.212 slapos-0.211 slapos-0.210 slapos-0.209 slapos-0.208 slapos-0.207 slapos-0.206 slapos-0.205 slapos-0.204 slapos-0.203 slapos-0.202 slapos-0.201 slapos-0.200 slapos-0.199 slapos-0.199-hotfix-20140409 slapos-0.198 slapos-0.197 slapos-0.196 slapos-0.195 slapos-0.194-RC3 slapos-0.194-RC2 slapos-0.194-RC1 slapos-0.193 slapos-0.192 slapos-0.191 slapos-0.190 slapos-0.189 slapos-0.188 slapos-0.187 slapos-0.186 slapos-0.185 slapos-0.184 slapos-0.183 slapos-0.182 slapos-0.181 slapos-0.180 slapos-0.179 slapos-0.178 slapos-0.177.5 slapos-0.177.4 slapos-0.177.3 slapos-0.177.2 slapos-0.177.1 slapos-0.177 slapos-0.176.4 slapos-0.176.3 slapos-0.176.2 slapos-0.176.1 slapos-0.176 slapos-0.175 slapos-0.174 slapos-0.173 slapos-0.172 slapos-0.171 slapos-0.170 slapos-0.169 slapos-0.168.9 slapos-0.168.8 slapos-0.168.7 slapos-0.168.6 slapos-0.168.5 slapos-0.168.4 slapos-0.168.3 slapos-0.168.2 slapos-0.168.1 slapos-0.168 slapos-0.167 slapos-0.166 slapos-0.165 slapos-0.164 slapos-0.163 slapos-0.162 slapos-0.161 slapos-0.160 slapos-0.159 slapos-0.158 slapos-0.157 slapos-0.156 slapos-0.155 slapos-0.154 slapos-0.153 slapos-0.152 slapos-0.151 slapos-0.150 slapos-0.149 slapos-0.148 slapos-0.147 slapos-0.146 slapos-0.145 slapos-0.144 slapos-0.143 slapos-0.142 slapos-0.141 slapos-0.140 slapos-0.139 slapos-0.138 slapos-0.137 slapos-0.136 slapos-0.135.1 slapos-0.135 slapos-0.134 slapos-0.133 slapos-0.132 slapos-0.131 slapos-0.130 slapos-0.129 slapos-0.128 slapos-0.127 slapos-0.126 slapos-0.125 slapos-0.124 slapos-0.123 slapos-0.122 slapos-0.121 slapos-0.120 slapos-0.119 slapos-0.118 slapos-0.117.1 slapos-0.117 slapos-0.116 slapos-0.115 slapos-0.114 slapos-0.113 slapos-0.112 slapos-0.111 slapos-0.110 slapos-0.109 slapos-0.108 slapos-0.107 slapos-0.106 slapos-0.105 slapos-0.104 slapos-0.103 slapos-0.102 slapos-0.101 slapos-0.100 slapos-0.99 slapos-0.98.2 slapos-0.98.1 slapos-0.98 slapos-0.97 slapos-0.96 slapos-0.95 slapos-0.94 slapos-0.93 slapos-0.92 slapos-0.91 slapos-0.90 slapos-0.89 slapos-0.88 slapos-0.87 slapos-0.86 slapos-0.85 slapos-0.84 slapos-0.83 slapos-0.82 slapos-0.81 slapos-0.80 slapos-0.79 slapos-0.78 slapos-0.77 slapos-0.76 slapos-0.75.2 slapos-0.75.1 slapos-0.75 slapos-0.74 slapos-0.73.1 slapos-0.73 erp5-cluster-0.1.1 cygwin-resstack-3 cygwin-resstack-2 cygwin-resstack-1 cygwin-cachetest-4 cygwin-cachetest-3 cygwin-cachetest-2 cygwin-cachetest-1 apache_frontend_prod_test
No related merge requests found
......@@ -69,8 +69,8 @@ class Recipe(BaseSlapRecipe):
if url is None:
continue
reference = slave_instance.get("slave_reference")
slave_dict[reference] = "https://%s.%s" % (reference.replace("-", ""),
base_url)
subdomain = reference.replace("-", "").lower()
slave_dict[reference] = "https://%s.%s" % (subdomain, base_url)
enable_cache = slave_instance.get("enable_cache", "")
if enable_cache.upper() in ('1', 'TRUE'):
......@@ -103,11 +103,13 @@ class Recipe(BaseSlapRecipe):
public_port=stunnel_port,
private_ip=slave_host.replace("[", "").replace("]", ""),
private_port=slave_port)
rewrite_rule_list.append("%s http://%s:%s" % \
(reference.replace("-", ""), varnish_ip, base_varnish_port))
rewrite_rule_list.append("%s.%s http://%s:%s" % \
(reference.replace("-", ""), frontend_domain_name,
varnish_ip, base_varnish_port))
base_varnish_port += 2
else:
rewrite_rule_list.append("%s %s" % (reference.replace("-", ""), url))
rewrite_rule_list.append("%s.%s %s" % (subdomain, frontend_domain_name,
url))
valid_certificate_str = self.parameter_dict.get("domain_ssl_ca_cert")
valid_key_str = self.parameter_dict.get("domain_ssl_ca_key")
......@@ -197,7 +199,6 @@ class Recipe(BaseSlapRecipe):
crontabs = os.path.join(self.etc_directory, 'crontabs')
self._createDirectory(cron_d)
self._createDirectory(crontabs)
# Use execute from erp5.
wrapper = zc.buildout.easy_install.scripts([('crond',
'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable,
self.wrapper_directory, arguments=[
......@@ -258,7 +259,7 @@ class Recipe(BaseSlapRecipe):
self._writeFile(openssl_configuration, pkg_resources.resource_string(
__name__, 'template/openssl.cnf.ca.in') % config)
self.path_list.extend(zc.buildout.easy_install.scripts([
('certificate_authority', 'slapos.recipe.erp5.certificate_authority',
('certificate_authority', 'slapos.recipe.apache.certificate_authority',
'runCertificateAuthority')],
self.ws, sys.executable, self.wrapper_directory, arguments=[dict(
openssl_configuration=openssl_configuration,
......@@ -291,6 +292,8 @@ class Recipe(BaseSlapRecipe):
name + '.pid')
apache_conf['lock_file'] = os.path.join(self.run_directory,
name + '.lock')
apache_conf['document_root'] = os.path.join(self.data_root_directory,
'htdocs')
apache_conf['ip_list'] = ip_list
apache_conf['port'] = port
apache_conf['server_admin'] = 'admin@'
......@@ -377,15 +380,26 @@ class Recipe(BaseSlapRecipe):
self.path_list.append(wrapper)
return stunnel_conf
def installFrontendApache(self, ip_list, port, key, certificate,
name, rewrite_rule_list, rewrite_rule_zope_list,
def installFrontendApache(self, ip_list, port, key, certificate, name,
rewrite_rule_list=[], rewrite_rule_zope_list=[],
access_control_string=None):
# Create htdocs, populate it with default 404 document
htdocs_location = os.path.join(self.data_root_directory, 'htdocs')
self._createDirectory(htdocs_location)
notfound_file_location = os.path.join(htdocs_location, 'notfound.html')
notfound_template_file_location = self.getTemplateFilename(
'notfound.html')
notfound_file_content = open(notfound_template_file_location, 'r').read()
self._writeFile(notfound_file_location, notfound_file_content)
# Create configuration file and rewritemaps
apachemap_name = "apachemap.txt"
# XXX-Cedric : implement zope specific rewrites list. Current apachemap is
# generic and does not use VirtualHost Monster.
apachemapzope_name = "apachemapzope.txt"
self.createConfigurationFile(apachemap_name, "\n".join(rewrite_rule_list))
self.createConfigurationFile(apachemapzope_name,
"\n".join(rewrite_rule_zope_list))
apache_conf = self._getApacheConfigurationDict(name, ip_list, port)
apache_conf['ssl_snippet'] = self.substituteTemplate(
self.getTemplateFilename('apache.ssl-snippet.conf.in'),
......@@ -400,6 +414,7 @@ class Recipe(BaseSlapRecipe):
apache_conf.update(**dict(
path_enable=path,
apachemap_path=os.path.join(self.etc_directory, apachemap_name),
apachemapzope_path=os.path.join(self.etc_directory, apachemapzope_name),
apache_domain=name,
port=port,
))
......@@ -410,6 +425,7 @@ class Recipe(BaseSlapRecipe):
apache_config_file = self.createConfigurationFile(name + '.conf',
apache_conf_string)
self.path_list.append(apache_config_file)
self.path_list.extend(zc.buildout.easy_install.scripts([(
name, 'slapos.recipe.erp5.apache', 'runApache')], self.ws,
......
import os
import subprocess
import time
import ConfigParser
import uuid
def popenCommunicate(command_list, input=None):
subprocess_kw = dict(stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
if input is not None:
subprocess_kw.update(stdin=subprocess.PIPE)
popen = subprocess.Popen(command_list, **subprocess_kw)
result = popen.communicate(input)[0]
if popen.returncode is None:
popen.kill()
if popen.returncode != 0:
raise ValueError('Issue during calling %r, result was:\n%s' % (
command_list, result))
return result
class CertificateAuthority:
def __init__(self, key, certificate, openssl_binary,
openssl_configuration, request_dir):
self.key = key
self.certificate = certificate
self.openssl_binary = openssl_binary
self.openssl_configuration = openssl_configuration
self.request_dir = request_dir
def checkAuthority(self):
file_list = [ self.key, self.certificate ]
ca_ready = True
for f in file_list:
if not os.path.exists(f):
ca_ready = False
break
if ca_ready:
return
for f in file_list:
if os.path.exists(f):
os.unlink(f)
try:
# no CA, let us create new one
popenCommunicate([self.openssl_binary, 'req', '-nodes', '-config',
self.openssl_configuration, '-new', '-x509', '-extensions', 'v3_ca',
'-keyout', self.key, '-out', self.certificate, '-days', '10950'],
# Authority name will be random, so no instance has the same issuer
'Certificate Authority %s\n' % uuid.uuid1())
except:
try:
for f in file_list:
if os.path.exists(f):
os.unlink(f)
except:
# do not raise during cleanup
pass
raise
def _checkCertificate(self, common_name, key, certificate):
file_list = [key, certificate]
ready = True
for f in file_list:
if not os.path.exists(f):
ready = False
break
if ready:
return False
for f in file_list:
if os.path.exists(f):
os.unlink(f)
csr = certificate + '.csr'
try:
popenCommunicate([self.openssl_binary, 'req', '-config',
self.openssl_configuration, '-nodes', '-new', '-keyout',
key, '-out', csr, '-days', '3650'],
common_name + '\n')
try:
popenCommunicate([self.openssl_binary, 'ca', '-batch', '-config',
self.openssl_configuration, '-out', certificate,
'-infiles', csr])
finally:
if os.path.exists(csr):
os.unlink(csr)
except:
try:
for f in file_list:
if os.path.exists(f):
os.unlink(f)
except:
# do not raise during cleanup
pass
raise
else:
return True
def checkRequestDir(self):
for request_file in os.listdir(self.request_dir):
parser = ConfigParser.RawConfigParser()
parser.readfp(open(os.path.join(self.request_dir, request_file), 'r'))
if self._checkCertificate(parser.get('certificate', 'name'),
parser.get('certificate', 'key_file'), parser.get('certificate',
'certificate_file')):
print 'Created certificate %r' % parser.get('certificate', 'name')
def runCertificateAuthority(args):
ca_conf = args[0]
ca = CertificateAuthority(ca_conf['key'], ca_conf['certificate'],
ca_conf['openssl_binary'], ca_conf['openssl_configuration'],
ca_conf['request_dir'])
while True:
ca.checkAuthority()
ca.checkRequestDir()
time.sleep(60)
......@@ -5,6 +5,7 @@
PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
ServerName %(server_name)s
DocumentRoot %(document_root)s
%(listen)s
......@@ -37,15 +38,24 @@ CustomLog "%(access_log)s" common
%(path_enable)s
# Magic of Zope related rewrite
RewriteMap apachemapzope txt:%(apachemapzope_path)s
# Rewrite part
RewriteEngine On
# XXX-Cedric : apply only known apachemapzope rules.
RewriteRule ^/(\w+)($|/.*) ${apachemapzope:$1}/VirtualHostBase/https/%(apache_domain)s:%(port)s/VirtualHostRoot/_vh_$1$2 [L,P]
# Sadly, Zope isn't used everywhere. So let's add a generic purpose rule
# Define the two rewritemaps : one for zope, one generic
RewriteMap apachemapzope txt:%(apachemapzope_path)s
RewriteMap apachemapgeneric txt:%(apachemap_path)s
RewriteRule ^/(\w+)($|/.*) ${apachemapgeneric:$1}/$2 [L,P]
# First, we check if we have a zope backend server
# If so, let's use Virtual Host Daemon rewrite
#RewriteCond ${apachemapzope:%%{SERVER_NAME}} >""
#RewriteRule ^/(\w+)($|/.*) ${apachemapzope:$1}/VirtualHostBase/https/%(apache_domain)s:%(port)s/VirtualHostRoot/_vh_$1$2 [L,P]
# If we have generic backend server, let's rewrite without virtual host daemon
RewriteCond ${apachemapgeneric:%%{SERVER_NAME}} >""
RewriteRule ^/(.*)$ ${apachemapgeneric:%%{SERVER_NAME}}/$1 [L,P]
# If nothing exist : put a nice error
ErrorDocument 404 /notfound.html
# List of modules
LoadModule authz_host_module modules/mod_authz_host.so
......
<html>
<head>
<title>Instance not found</title>
</head>
<body>
<h1>This instance has not been found.</h1>
<p>If this error persists, please check your instance URL and status on SlapOS Master.</p>
</body>
</html>
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment