Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
slapos
Commits
f9223b04
Commit
f9223b04
authored
May 20, 2013
by
Cédric Le Ninivin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
apache-frontend: Support ssl certificates in apache frontend
parent
74364c9a
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
63 additions
and
5 deletions
+63
-5
software/apache-frontend/apache-slave-list.cfg.in
software/apache-frontend/apache-slave-list.cfg.in
+25
-4
software/apache-frontend/common.cfg
software/apache-frontend/common.cfg
+17
-0
software/apache-frontend/empty.in
software/apache-frontend/empty.in
+1
-0
software/apache-frontend/instance.cfg
software/apache-frontend/instance.cfg
+20
-1
No files found.
software/apache-frontend/apache-slave-list.cfg.in
View file @
f9223b04
{% set cached_server_dict = {} -%}
{% set cached_server_dict = {} -%}
{% set part_list = [] -%}
{% set part_list = [] -%}
{% set
instance_parameter_dict = {'cache_access': cache_access
} -%}
{% set
generic_instance_parameter_dict = {'cache_access': cache_access,
} -%}
[jinja2-template-base]
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
recipe = slapos.recipe.template:jinja2
rendered = {{ apache_configuration_directory }}/${:filename}
rendered = {{ apache_configuration_directory }}/${:filename}
...
@@ -11,9 +11,9 @@ context =
...
@@ -11,9 +11,9 @@ context =
${:extra-context}
${:extra-context}
{% for slave_instance in slave_instance_list -%}
{% for slave_instance in slave_instance_list -%}
{% set slave_reference = slave_instance.get('slave_reference') -%}
{% set slave_reference = slave_instance.get('slave_reference') -%}
{% set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference -%}
{% set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference -%}
{% set slave_parameter_dict = generic_instance_parameter_dict.copy() -%}
{% do part_list.append(slave_section_title) -%}
{% do part_list.append(slave_section_title) -%}
[{{ slave_section_title }}]
[{{ slave_section_title }}]
< = jinja2-template-base
< = jinja2-template-base
...
@@ -26,13 +26,34 @@ extra-context =
...
@@ -26,13 +26,34 @@ extra-context =
raw http_port {{ http_port }}
raw http_port {{ http_port }}
{{ '\n' }}
{{ '\n' }}
# Set ssl certificates for each slave
{% for cert_name in ('ssl_key', 'ssl_crt', 'ssl_ca_crt', 'ssl_csr')-%}
{% if cert_name in slave_instance -%}
{% set cert_title = '%s-%s' % (slave_reference, cert_name.replace('ssl_', '')) -%}
{% set cert_file = '/'.join([custom_ssl_directory, cert_title.replace('-','.')]) -%}
{% do part_list.append(cert_title) -%}
{% do slave_parameter_dict.update([(cert_name, cert_file)]) -%}
[{{ cert_title }}]
< = jinja2-template-base
template = {{ empty_template }}
rendered = {{ cert_file }}
extra-context =
key content {{ cert_title + '-config:value' }}
[{{ cert_title + '-config' }}]
value = {{ dumps(slave_instance.get(cert_name)) }}
{% endif -%}
{% endfor -%}
# Set apache configuration for slave
[{{ ('slave-instance-%s-configuration' % slave_reference) }}]
[{{ ('slave-instance-%s-configuration' % slave_reference) }}]
{% set apache_custom_http = ((slave_instance.get('apache_custom_http', '')) %
instanc
e_parameter_dict) -%}
{% set apache_custom_http = ((slave_instance.get('apache_custom_http', '')) %
slav
e_parameter_dict) -%}
{% set apache_custom_https = ((slave_instance.get('apache_custom_https', '')) %
instanc
e_parameter_dict) -%}
{% set apache_custom_https = ((slave_instance.get('apache_custom_https', '')) %
slav
e_parameter_dict) -%}
custom-http = {{ dumps(apache_custom_http) }}
custom-http = {{ dumps(apache_custom_http) }}
custom-https = {{ dumps(apache_custom_https) }}
custom-https = {{ dumps(apache_custom_https) }}
{{ '\n' }}
{{ '\n' }}
# The slave use cache
{% if 'enable_cache' in slave_instance and 'url' in slave_instance and 'server_name' in slave_instance -%}
{% if 'enable_cache' in slave_instance and 'url' in slave_instance and 'server_name' in slave_instance -%}
{% do cached_server_dict.update([(slave_instance.get('server_name'), slave_instance.get('url'))]) -%}
{% do cached_server_dict.update([(slave_instance.get('server_name'), slave_instance.get('url'))]) -%}
{% endif -%}
{% endif -%}
...
...
software/apache-frontend/common.cfg
View file @
f9223b04
...
@@ -16,6 +16,7 @@ extends =
...
@@ -16,6 +16,7 @@ extends =
parts =
parts =
slapos-cookbook
slapos-cookbook
slapos-toolbox
template
template
binutils
binutils
apache-2.2
apache-2.2
...
@@ -45,6 +46,17 @@ repository = http://git.erp5.org/repos/slapos.git
...
@@ -45,6 +46,17 @@ repository = http://git.erp5.org/repos/slapos.git
branch = starteggs-frontend
branch = starteggs-frontend
git-executable = ${git:location}/bin/git
git-executable = ${git:location}/bin/git
[slapos-toolbox]
recipe = zc.recipe.egg
#python = ${eggs:python}
eggs =
${lxml-python:egg}
slapos.toolbox
scripts =
killpidfromfile
onetimedownload
[check-recipe]
[check-recipe]
recipe = plone.recipe.command
recipe = plone.recipe.command
stop-on-error = true
stop-on-error = true
...
@@ -86,3 +98,8 @@ mode = 640
...
@@ -86,3 +98,8 @@ mode = 640
recipe = slapos.recipe.build:download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/apache_cached_rewrite.txt.in
url = ${:_profile_base_location_}/apache_cached_rewrite.txt.in
mode = 640
mode = 640
[template-empty]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/empty.in
mode = 640
software/apache-frontend/empty.in
0 → 100644
View file @
f9223b04
{{ content }}
\ No newline at end of file
software/apache-frontend/instance.cfg
View file @
f9223b04
...
@@ -11,7 +11,8 @@ parts =
...
@@ -11,7 +11,8 @@ parts =
logrotate-entry-apache
logrotate-entry-apache
apache-frontend
apache-frontend
apache-cached
apache-cached
frontend-apache-graceful
cached-apache-graceful
switch-softwaretype
switch-softwaretype
eggs-directory = ${buildout:eggs-directory}
eggs-directory = ${buildout:eggs-directory}
...
@@ -86,6 +87,8 @@ extra-context =
...
@@ -86,6 +87,8 @@ extra-context =
key https_port instance-parameter:configuration.port
key https_port instance-parameter:configuration.port
key slave_instance_list instance-parameter:slave-instance-list
key slave_instance_list instance-parameter:slave-instance-list
key rewrite_cached_configuration apache-configuration:cached-rewrite-file
key rewrite_cached_configuration apache-configuration:cached-rewrite-file
key custom_ssl_directory apache-directory:vh-ssl
raw empty_template ${template-empty:target}
raw cache_access http://$${instance-parameter:ipv4-random}:$${apache-configuration:cache-port}
raw cache_access http://$${instance-parameter:ipv4-random}:$${apache-configuration:cache-port}
raw template_slave_configuration ${template-slave-configuration:target}
raw template_slave_configuration ${template-slave-configuration:target}
raw template_rewrite_cached ${template-rewrite-cached:target}
raw template_rewrite_cached ${template-rewrite-cached:target}
...
@@ -164,6 +167,7 @@ document-root = $${directory:srv}/htdocs
...
@@ -164,6 +167,7 @@ document-root = $${directory:srv}/htdocs
slave-configuration = $${directory:srv}/apache-slave-conf.d/
slave-configuration = $${directory:srv}/apache-slave-conf.d/
cache = $${directory:var}/cache
cache = $${directory:var}/cache
mod-ssl = $${:cache}/httpd_mod_ssl
mod-ssl = $${:cache}/httpd_mod_ssl
vh-ssl = $${:slave-configuration}/ssl
[apache-configuration]
[apache-configuration]
frontend-configuration = $${directory:etc}/apache_frontend.conf
frontend-configuration = $${directory:etc}/apache_frontend.conf
...
@@ -282,3 +286,18 @@ public-ipv4 = $${instance-parameter:configuration.public-ipv4}
...
@@ -282,3 +286,18 @@ public-ipv4 = $${instance-parameter:configuration.public-ipv4}
access-log-path = $${directory:log}/squid-access.log
access-log-path = $${directory:log}/squid-access.log
cache-log-path = $${directory:log}/squid-cache.log
cache-log-path = $${directory:log}/squid-cache.log
pid-filename-path = $${directory:run}/squid.pid
pid-filename-path = $${directory:run}/squid.pid
[squid-reload]
recipe = slapos.cookbook:wrapper
command-line = ${buildout:bin-directory}/killpidfromfile $${squid-cache:pid-filename-path} SIGHUP
wrapper-path = $${directory:service}/squid-reload
[frontend-apache-graceful]
recipe = slapos.cookbook:wrapper
command-line = ${buildout:bin-directory}/killpidfromfile $${apache-configuration:pid-file} SIGUSR1
wrapper-path = $${directory:service}/frontend-apache-graceful
[cached-apache-graceful]
recipe = slapos.cookbook:wrapper
command-line = ${buildout:bin-directory}/killpidfromfile $${apache-configuration:cache-pid-file} SIGUSR1
wrapper-path = $${directory:service}/cached-apache-graceful
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment