Commit bc594e1c authored by Łukasz Nowak's avatar Łukasz Nowak

caddy-frontend: Avoid stop-on-error during instantiation

stop-on-error during instantiation can lead to endless instantiation in some
cases, which disallows to create services required for given part to pass, and
in the same time in many cases the called scripts are smart enough to continue
and restart on error.
parent f7021142
No related merge requests found
......@@ -22,15 +22,15 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68
filename =
md5sum = 91fce5ebea302e9c9ccc20c140b76608
md5sum = e7d7e1448b6420657e953026573311ca
filename =
md5sum = ab85ee7bd22e559d87bb214bb22a0e9e
md5sum = 7f07b19d7f3d2941b30dddadcf32c924
_update_hash_filename_ = templates/
md5sum = aeef424418e29a9d5257bf12582bfe04
md5sum = 64d57678c12f539247fe2532c5b8d6b8
_update_hash_filename_ = templates/
......@@ -114,7 +114,7 @@ md5sum = 38792c2dceae38ab411592ec36fff6a8
filename =
md5sum = afac9171681f5b6f1da1a367219348cf
md5sum = 3daebc4b37088fa01183a853920d4143
_update_hash_filename_ = templates/
......@@ -118,6 +118,7 @@ update-command = ${:command}
ipv6 = ${slap-network-information:global-ipv6}
ipv4 = {{instance_parameter_dict['ipv4-random']}}
certificate = ${caddy-directory:master-autocert-dir}/ip-access-${:ipv6}-${:ipv4}.crt
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
command =
[ -f ${:certificate} ] && exit 0
......@@ -141,6 +142,7 @@ update-command = ${:command}
ipv6 = ${slap-network-information:global-ipv6}
ipv4 = {{instance_parameter_dict['ipv4-random']}}
certificate = ${caddy-directory:master-autocert-dir}/fallback-access.crt
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
command =
[ -f ${:certificate} ] && exit 0
......@@ -202,6 +204,7 @@ command =
update-command = ${:command}
template-csr = ${kedifa-login-config:template-csr}
key = ${kedifa-login-config:key}
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
{{ caucase.updater(
......@@ -254,6 +257,7 @@ command =
update-command = ${:command}
template-csr = ${backend-client-login-config:template-csr}
key = ${backend-client-login-config:key}
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
{{ caucase.updater(
......@@ -461,6 +461,7 @@ command =
update-command = ${:command}
csr = ${aikc-config:csr}
key = ${aikc-config:key}
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
......@@ -487,7 +488,8 @@ mode = 0700
{% do part_list.append('aikc-create-user') %}
recipe = plone.recipe.command
stop-on-error = True
{#- The called command is smart enough to survive errors and retry #}
stop-on-error = False
update-command = ${:command}
command =
if ! [ -f ${aikc-config:user-created} ] ; then
......@@ -556,7 +558,8 @@ mode = 0700
{% do part_list.append('aikc-%s' % (csr,)) %}
[aikc-{{ csr }}]
recipe = plone.recipe.command
stop-on-error = True
{#- The called command is smart enough to survive errors and retry #}
stop-on-error = False
command =
${aikc-{{ csr }}-wrapper:rendered}
update-command = ${:command}
......@@ -593,6 +596,7 @@ command =
update-command = ${:command}
csr = ${aibcc-config:csr}
key = ${aibcc-config:key}
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
......@@ -621,6 +625,7 @@ mode = 0700
recipe = plone.recipe.command
# the caucase for this part is provided in this profile, so we can't fail
# as otherwise caucase will never be started...
{#- XXX: Create promise #}
stop-on-error = False
update-command = ${:command}
command =
......@@ -689,7 +694,8 @@ mode = 0700
{% do part_list.append('aibcc-%s' % (csr,)) %}
[aibcc-{{ csr }}]
recipe = plone.recipe.command
stop-on-error = True
{#- The called command is smart enough to survive errors and retry #}
stop-on-error = False
command =
${aibcc-{{ csr }}-wrapper:rendered}
update-command = ${:command}
......@@ -738,6 +744,7 @@ recipe = plone.recipe.command
certificate = ${directory:etc}/rejected-slave.pem
key = ${:certificate}
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
update-command = ${:command}
command =
......@@ -756,6 +763,7 @@ user = admin
recipe = plone.recipe.command
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
file = ${directory:var}/nginx-rejected.htpasswd
command = {{ software_parameter_dict['htpasswd'] }} -cb ${:file} ${rejected-slave-password:user} ${rejected-slave-password:passwd}
......@@ -95,6 +95,7 @@ command =
update-command = ${:command}
template-csr = ${kedifa-config:template-csr}
key = ${kedifa-config:key}
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
{{ caucase.updater(
......@@ -135,6 +136,7 @@ recipe = plone.recipe.command
certificate = ${directory:certificate-csr_id}/certificate.pem
key = ${directory:certificate-csr_id}/key.pem
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
update-command = ${:command}
command =
......@@ -177,6 +177,7 @@ bytes = 8
[{{ slave_htpasswd_section }}]
recipe = plone.recipe.command
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
file = {{ caddy_configuration_directory }}/.{{ slave_reference }}.htpasswd
command = {{ software_parameter_dict['htpasswd'] }} -cb ${:file} {{ slave_reference.lower() }} {{ '${' + slave_password_section + ':passwd}' }}
......@@ -418,6 +419,7 @@ hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
recipe = plone.recipe.command
{#- Can be stopped on error, as does not rely on self provided service but on service which comes from another partition #}
stop-on-error = True
command = {{ software_parameter_dict['kedifa-updater'] }} --prepare-only ${kedifa-updater-mapping:file} --on-update "{{ caddy_configuration['frontend-graceful-command'] }}"
update-command = ${:command}
......@@ -525,6 +527,7 @@ recipe = plone.recipe.command
certificate = {{ directory['caddy-csr_id'] }}/certificate.pem
key = {{ directory['caddy-csr_id'] }}/key.pem
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
update-command = ${:command}
command =
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment