An error occurred fetching the project authors.
- 27 Jun, 2022 1 commit
-
-
Łukasz Nowak authored
-
- 28 Apr, 2022 1 commit
-
-
Thomas Leymonerie authored
Use slapos.recipe.template instead of slapos.recipe.template if possible Harmonize template keys : rendered -> output template -> url template = inline: -> inline = Delete "mode" key See merge request nexedi/slapos!1151
-
- 21 Mar, 2022 1 commit
-
-
Łukasz Nowak authored
Via header for response and request is fully stabilized and present according to the RFC now. Important information, like protocol and protocol version are exposed. Hops which were present in the request are stored and descriptively named. Versions of components are exposed in hidden way and in the same time the frontend administrator and frontend user are able to analyze the versions, and the version history present on the node is transmitted back. Additionally each node can be identified by frontend admins and users for request and response headers, allowing more debugging. Improve the tests by extending assertSlaveBase and reuse it instead of duplicating the code everywhere.
-
- 07 Mar, 2022 2 commits
-
-
Łukasz Nowak authored
Cleanups: * simplify nginx management with real template * rename sections to provide explanation in their name so it's less cryptic
-
Łukasz Nowak authored
Instead of trusting CSR id published by the node which tries to join the cluster add a tool which is able to compare exposed CSR with one in caucase and then decide to accept node in the cluster. This tool does what usual user would do, and it's logic implemented as a script leads to much simpler profiles. For sake of clean profiles csr_id has been removed, except when it's used for self joining of the user to the cluster.
-
- 11 Oct, 2021 1 commit
-
-
Julien Muchembled authored
Adapt all promise sections to changes in plugin promise recipe.
-
- 24 Sep, 2021 1 commit
-
-
Łukasz Nowak authored
Each node requests a frontend instance used to publish information about itself, but there was missing a promise on the node itself, if the frontend instance is operational. Even if there is global cluster check of those information, it does not trigger node reprocessing, thus adding additional promise on each node.
-
- 23 Aug, 2021 1 commit
-
-
Boxiang Sun authored
Changes explanation: slave_reference.lower(): The configparser which the current buildout using is case sensitive, which cause some options cannot be found. slap_software_type: The recipe softwaretype need this option, but switch-softwaretype doesn't. caddyprofiledeps: It provides the deps of caddy. Switch to switch-softwaretype leads to the error like "ImportError: No module named furl". Force caddyprofiledeps installed first can solve this issue.
-
- 29 Jun, 2021 1 commit
-
-
Xavier Thompson authored
Change all `check_port_listening` promises to `check_socket_listening` and rename all associated `config-hostname` arguments to `config-host`
-
- 15 Jun, 2021 1 commit
-
-
Łukasz Nowak authored
By following: https://docs.trafficserver.apache.org/en/9.0.x/release-notes/upgrading.en.html configuration has been adapted. Tests to new version string has been adapted with smaller fixes, including a bit more time for log to appear in squid.log.
-
- 12 May, 2021 1 commit
-
-
Łukasz Nowak authored
Accessing http with path starting with /HTTPS/ would result with 503 responses from ATS itself. Test is covering the problem and also asserting that fix does not damage https access with path starting with /HTTP/
-
- 26 Jan, 2021 1 commit
-
-
Łukasz Nowak authored
As decision making quite often requires access to more than one slave entry, it's better to keep the logic above configuration generation. Also configuration generation is already complex, and it's better to have it simplified, especially in case of switching the component. Use already prepared values from apache-custom-slave-list.cfg.in in default-virtualhost.conf.in to simplify even more. Pass variables to the other profiles without casting them to string, so that they work out of the box.
-
- 18 Nov, 2020 3 commits
-
-
Łukasz Nowak authored
Otherwise it's almost impossible to check for which node statistics are shown.
-
Łukasz Nowak authored
Despite the introspection has replaced old style Caddy-based log-access, some bits were not removed, so remove then now. fixes 0c830c4c
-
Łukasz Nowak authored
It was done in frontend partition, but missed in kedifa. fixes 3469e864
-
- 20 Oct, 2020 9 commits
-
-
Łukasz Nowak authored
stop-on-error during instantiation can lead to endless instantiation in some cases, which disallows to create services required for given part to pass, and in the same time in many cases the called scripts are smart enough to continue and restart on error.
-
Łukasz Nowak authored
SSL cache is unusable in context of caddy, same for the so called HTTPD home. Those are old Apache leftovers.
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
It's a dict, and in SlapOS usage of Jinja2 it's good to see the type of a variable immediately.
-
Łukasz Nowak authored
"parameter_dict" says nothing, whereas "software_parameter_dict" explains source and purpose of the information.
-
Łukasz Nowak authored
-
Łukasz Nowak authored
There is needless duplication of information.
-
Łukasz Nowak authored
That's true, that those are templates, but the important information which shall be in the name of the parameter is its purpose - a profile.
-
- 05 Oct, 2020 1 commit
-
-
Łukasz Nowak authored
Each node allows for global statistic access for full backend-haproxy, which is exposed using special frontend, and then transferred back to the master partition, so that the administrator can access it.
-
- 30 Sep, 2020 1 commit
-
-
Łukasz Nowak authored
Changes: * traffic_cop was removed, so use traffic_manager directly * logging.config was changed to logging.yaml * made records.config and storage.config similar to original files * proxy.config.admin.synthetic_port option was removed * proxy.config.process_manager.mgmt_port option was removed * test: ignore traffic.out in logs * test: update ATS version * pqsn field was removed and replaced with shn, so follow upstream: https://github.com/apache/trafficserver/commit/b0969c91ebc52b37f4c3195ec17d4d0c1c18650c * add a test to prove squid.log working, as upgrade resulted with not created file
-
- 25 Sep, 2020 2 commits
-
-
Łukasz Nowak authored
Thanks to using check_execute_command with logrotate -d one can assure, that logrotate is for sure correctly configured.
-
Łukasz Nowak authored
By disabling delaycompress filenames are going to be stable, on delaying the compression is not needed.
-
- 15 Sep, 2020 3 commits
-
-
Łukasz Nowak authored
By copy paste mistake wrong log files were configured for log rotation, resulting with damaging logrotate for the whole partition.
-
Łukasz Nowak authored
By using nginx it's possible to set it up to expose logs nicely with the real frontend. furl is used to rewrite URL from the frontend to add proper username and password information.
-
Łukasz Nowak authored
-
- 30 Jul, 2020 2 commits
-
-
Łukasz Nowak authored
Backend logs are exposed as usual access and error logs. By using rsyslogd templates and regex filtering, the rsyslogd reacts itself and creates needed files per each slave which accesses it. Thanks to this, it's configuration is static from point of view of SlapOS profiles, and can be generated once. As the rsyslogd configuration became fully special to backend-haproxy, the rsyslogd template filename and its references has been correctly renamed.
-
Łukasz Nowak authored
Logs are critical for caddy-frontend, so let's configure rotate-num locally, as changes in the stack can come unattended, and can result with loosing logs.
-
- 17 Jul, 2020 3 commits
-
-
Łukasz Nowak authored
By default do not offer authentication certificate, the switch authenticate-to-backend can be used on cluster or slave level to control this feature.
-
Łukasz Nowak authored
rsyslogd is used, as haproxy does not support writing log files by its own.
-
Łukasz Nowak authored
This is needed in order to provide future support for client certificates to the backend. Also it means that haproxy is used in all cases, with or without cache, and as a result the "cached" version of caddy is dropped. Let haproxy setup maxconn by itself, as it's wise enough. Also trust that it'll detect and use proper limits, instead enforcing them in the shell with ulimit trick (ulimit -n $(ulimit -Hn)). As empty server alias can impact the configuration, add proper test for checking it.
-
- 14 Jul, 2020 2 commits
-
-
Łukasz Nowak authored
Instead of passing various kedifa information to the profile generating configuration use section kedifa-configuration and access later such grouped values.
-
Łukasz Nowak authored
In context of frontend node reuse passed directory section to slave configuration to improve readability and simplify future enhancements.
-
- 22 Jun, 2020 2 commits
-
-
Łukasz Nowak authored
QUIC is not used at all, and became superseded by HTTP/3
-
Łukasz Nowak authored
-