An error occurred fetching the project authors.
- 27 Sep, 2019 1 commit
-
-
Łukasz Nowak authored
Server returns slave list with request and publish keys, but only request keys are important. In order to avoid needless updates and nonsense data remove those polluted keys before publishing information about each slave.
-
- 05 Sep, 2019 1 commit
-
-
Alain Takoudjou authored
Remove method `generateHashFromFiles` in all file `test.py`, import it from `slapos.recipe.librecipe`. /reviewed-on nexedi/slapos!617
-
- 30 Aug, 2019 3 commits
-
-
Łukasz Nowak authored
-
Rafael Monnerat authored
The Remote User is managed on the backend apache which will unset it anyway.
-
Julien Muchembled authored
As shown by https://github.com/zopefoundation/Zope/pull/655 and https://github.com/Pylons/waitress/commit/6d4dab6bed88917b973066a6d5222917661802b7 backends usually don't accept headers with underscores. SSL_CLIENT_SERIAL is removed because it's unused.
-
- 29 Aug, 2019 4 commits
-
-
Łukasz Nowak authored
If backend does not send Content-Type the frontend is responsible of adding correct one.
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
- 01 Aug, 2019 1 commit
-
-
Łukasz Nowak authored
-
- 18 Jul, 2019 1 commit
-
-
Łukasz Nowak authored
/reviewed-on nexedi/slapos!597
-
- 04 Jul, 2019 1 commit
-
-
Łukasz Nowak authored
We need to sleep to give chance for Caddy to pick up the signal.
-
- 03 Jul, 2019 2 commits
-
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
- 26 Jun, 2019 1 commit
-
-
Łukasz Nowak authored
This also means that caddy source is fetched directly from upstream, as all required fixes has been incorporated into the upstream. Drop direct usage of gowork for now, in order to have caddy built using go module, support for gowork with go modules might come later. Follow new way of certificate managament in Caddy 1 as noted https://github.com/mholt/caddy/issues/2588#issuecomment-505367152
-
- 20 Jun, 2019 1 commit
-
-
Łukasz Nowak authored
Frontend operator shall have easy access to information about rejected slaves, possibly the best in the JSON file. Also the keys for the human readable information are slave's titles, not references. The information is published via hand crafted HTTPS endpoint. Note: The SSL certificate is generated manually. Existing caucase is special for KeDiFa, this is another step to move all generated certificates (or otherwise self-signed) to internal, full automatic caucase.
-
- 12 Jun, 2019 1 commit
-
-
Łukasz Nowak authored
It is ready when all on-watch processes are not EXITED.
-
- 31 May, 2019 2 commits
-
-
Łukasz Nowak authored
Validation happens on each configuration change, but for sure it is checked each 2 hours. State of configuration is calculated in separate script.
-
Łukasz Nowak authored
Order of files does not matter for the assertion.
-
- 30 May, 2019 4 commits
-
-
Łukasz Nowak authored
-
Łukasz Nowak authored
It's interesting what appears in cron entries, as they are important for proper partition usage.
-
Łukasz Nowak authored
Always work from the slave_dir path for extensibility and allow no ignore paths if caller does not need to ignore anything.
-
Łukasz Nowak authored
Ignore path's shall be relative to checked directory.
-
- 28 May, 2019 4 commits
-
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
Some arguments needs Caddy process restart, so implement it with hash-files and also inform the master partition requester about parameters which will result with process restart.
-
Łukasz Nowak authored
Kedifa partition was missing monitoring at all, so add it and monitor kedifa and exposer ip and port. Partition running caddy was missing monitoring for exposer, so add it.
-
- 15 May, 2019 1 commit
-
-
Łukasz Nowak authored
Buildout's kedifa updater just prepares, and so real one has to be run.
-
- 08 May, 2019 2 commits
-
-
Łukasz Nowak authored
It is needed by users to check certificate of KeDiFa while uploading certificates.
-
Łukasz Nowak authored
Each time new slave appears the kedifa-updater has to be run immediately, in order for certificates to be properly setup. Otherwise caddy can be left in non-runnable state until next kedifa-updater would run again.
-
- 26 Apr, 2019 2 commits
-
-
Łukasz Nowak authored
-
Łukasz Nowak authored
Since caddy 1.0.0 it is less fragile for PEMs with some garbage, and can serve sites in such cases. It revealed, that test was wrongly written, as now the certificate can be a bit messy, and will be lodaded, but then won't be used, as it does not match the site.
-
- 23 Apr, 2019 2 commits
-
-
Łukasz Nowak authored
By default whole slave makes websocket connection to the backend. With websocket-path, only the path has websocket style connections, the rest is standard HTTP.
-
Łukasz Nowak authored
There is no need anymore to have two processes for normal and nginx slaves, as nginx ones are served by caddy anyway. Also inform the requester that type:eventsource is not implemented.
-
- 19 Apr, 2019 1 commit
-
-
Łukasz Nowak authored
-
- 16 Apr, 2019 1 commit
-
-
Łukasz Nowak authored
Instance to check custom configuration protection was removed, so follow this in master partition assertion.
-
- 15 Apr, 2019 1 commit
-
-
Łukasz Nowak authored
This reverts commit 7993ff81. Custom configuration checks are hard to be trusted, as they can impact too many aspects of running frontend. Frontend administrator knows the risks of custom configuration, and shall take proper care. /reviewed-on nexedi/slapos!543
-
- 12 Apr, 2019 3 commits
-
-
Łukasz Nowak authored
-
Łukasz Nowak authored
ATS cache fillup is uncontrollable during test run.
-
Łukasz Nowak authored
Instead of complex architecture in the profiles, reuse kedifa-updater capability to do backward compatibility certificate management thanks to its fall-back mechanism. kedifa-updater uses state file to know, if it ever succeed to download certificate from KeDiFa, and so it really makes it that pushing at least once certificate to KeDiFa, even if it is sometimes unresponsive, will switch to it. Fallback certificate is used, thus each slave listens immediately on HTTP and HTTPS. Thanks to this, asynchronous updates do not need to communicate with slapos node instance, and slapos node instance does not care about the certificates anymore.
-