An error occurred fetching the project authors.
  1. 27 Jun, 2022 1 commit
  2. 28 Apr, 2022 1 commit
  3. 21 Mar, 2022 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Improve and stabilise Via header · d45e9cdf
      Łukasz Nowak authored
      Via header for response and request is fully stabilized and present according
      to the RFC now.
      
      Important information, like protocol and protocol version are exposed.
      
      Hops which were present in the request are stored and descriptively named.
      
      Versions of components are exposed in hidden way and in the same time the
      frontend administrator and frontend user are able to analyze the versions,
      and the version history present on the node is transmitted back.
      
      Additionally each node can be identified by frontend admins and users for
      request and response headers, allowing more debugging.
      
      Improve the tests by extending assertSlaveBase and reuse it instead of
      duplicating the code everywhere.
      d45e9cdf
  4. 07 Mar, 2022 2 commits
    • Łukasz Nowak's avatar
      caddy-frontend: Cleanup CSR exposure · 6a531a74
      Łukasz Nowak authored
      Cleanups:
      
       * simplify nginx management with real template
       * rename sections to provide explanation in their name so it's less cryptic
      6a531a74
    • Łukasz Nowak's avatar
      caddy-frontend: Switch to full CSR analysis · 615bfd3e
      Łukasz Nowak authored
      Instead of trusting CSR id published by the node which tries to join the
      cluster add a tool which is able to compare exposed CSR with one in caucase
      and then decide to accept node in the cluster. This tool does what usual user
      would do, and it's logic implemented as a script leads to much simpler profiles.
      
      For sake of clean profiles csr_id has been removed, except when it's used for
      self joining of the user to the cluster.
      615bfd3e
  5. 11 Oct, 2021 1 commit
  6. 24 Sep, 2021 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Add missing promise on each exposed node · acc99f4c
      Łukasz Nowak authored
      Each node requests a frontend instance used to publish information about
      itself, but there was missing a promise on the node itself, if the frontend
      instance is operational. Even if there is global cluster check of those
      information, it does not trigger node reprocessing, thus adding additional
      promise on each node.
      acc99f4c
  7. 23 Aug, 2021 1 commit
    • Boxiang Sun's avatar
      sotware/caddy-frontend: switch to switch-softwaretype · 457152bb
      Boxiang Sun authored
      Changes explanation:
      slave_reference.lower(): The configparser which the current buildout
      using is case sensitive, which cause some options cannot be found.
      slap_software_type: The recipe softwaretype need this option, but
      switch-softwaretype doesn't.
      caddyprofiledeps: It provides the deps of caddy. Switch to
      switch-softwaretype leads to the error like "ImportError: No module
      named furl". Force caddyprofiledeps installed first can solve this
      issue.
      457152bb
  8. 29 Jun, 2021 1 commit
  9. 15 Jun, 2021 1 commit
  10. 12 May, 2021 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Solve ATS configuration asymmetry · 478ca801
      Łukasz Nowak authored
      Accessing http with path starting with /HTTPS/ would result with 503 responses
      from ATS itself.
      
      Test is covering the problem and also asserting that fix does not damage https
      access with path starting with /HTTP/
      478ca801
  11. 26 Jan, 2021 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Move out logic from configuration file generation · fc23be53
      Łukasz Nowak authored
      As decision making quite often requires access to more than one slave entry,
      it's better to keep the logic above configuration generation. Also
      configuration generation is already complex, and it's better to have it
      simplified, especially in case of switching the component.
      
      Use already prepared values from apache-custom-slave-list.cfg.in in
      default-virtualhost.conf.in to simplify even more.
      
      Pass variables to the other profiles without casting them to string, so that
      they work out of the box.
      fc23be53
  12. 18 Nov, 2020 3 commits
  13. 20 Oct, 2020 9 commits
  14. 05 Oct, 2020 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Provide backend-haproxy statistic · 8d5910dc
      Łukasz Nowak authored
      Each node allows for global statistic access for full backend-haproxy, which
      is exposed using special frontend, and then transferred back to the master
      partition, so that the administrator can access it.
      8d5910dc
  15. 30 Sep, 2020 1 commit
  16. 25 Sep, 2020 2 commits
  17. 15 Sep, 2020 3 commits
  18. 30 Jul, 2020 2 commits
    • Łukasz Nowak's avatar
      caddy-frontend: Expose backend log files to slaves · 65700284
      Łukasz Nowak authored
      Backend logs are exposed as usual access and error logs.
      
      By using rsyslogd templates and regex filtering, the rsyslogd reacts itself
      and creates needed files per each slave which accesses it. Thanks to this, it's
      configuration is static from point of view of SlapOS profiles, and can be
      generated once.
      
      As the rsyslogd configuration became fully special to backend-haproxy, the
      rsyslogd template filename and its references has been correctly renamed.
      65700284
    • Łukasz Nowak's avatar
      caddy-frontend: Configure log retention locally · 58206fa6
      Łukasz Nowak authored
      Logs are critical for caddy-frontend, so let's configure rotate-num locally,
      as changes in the stack can come unattended, and can result with loosing logs.
      58206fa6
  19. 17 Jul, 2020 3 commits
    • Łukasz Nowak's avatar
      caddy-frontend: Setup backend client auth · 3be5f4ce
      Łukasz Nowak authored
      By default do not offer authentication certificate, the switch
      authenticate-to-backend can be used on cluster or slave level to control
      this feature.
      3be5f4ce
    • Łukasz Nowak's avatar
      caddy-frontend: Implement log file for backend-haproxy · 5b024d04
      Łukasz Nowak authored
      rsyslogd is used, as haproxy does not support writing log files by its own.
      5b024d04
    • Łukasz Nowak's avatar
      caddy-frontend: Put haproxy just before the backend · ec3d4ae9
      Łukasz Nowak authored
      This is needed in order to provide future support for client certificates
      to the backend.
      
      Also it means that haproxy is used in all cases, with or without cache, and as
      a result the "cached" version of caddy is dropped.
      
      Let haproxy setup maxconn by itself, as it's wise enough.
      
      Also trust that it'll detect and use proper limits, instead enforcing them in
      the shell with ulimit trick (ulimit -n $(ulimit -Hn)).
      
      As empty server alias can impact the configuration, add proper test for
      checking it.
      ec3d4ae9
  20. 14 Jul, 2020 2 commits
  21. 22 Jun, 2020 2 commits