Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
isaak yansane-sisk
slapos
Commits
f9223b04
Commit
f9223b04
authored
May 20, 2013
by
Cédric Le Ninivin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
apache-frontend: Support ssl certificates in apache frontend
parent
74364c9a
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
63 additions
and
5 deletions
+63
-5
software/apache-frontend/apache-slave-list.cfg.in
software/apache-frontend/apache-slave-list.cfg.in
+25
-4
software/apache-frontend/common.cfg
software/apache-frontend/common.cfg
+17
-0
software/apache-frontend/empty.in
software/apache-frontend/empty.in
+1
-0
software/apache-frontend/instance.cfg
software/apache-frontend/instance.cfg
+20
-1
No files found.
software/apache-frontend/apache-slave-list.cfg.in
View file @
f9223b04
{% set cached_server_dict = {} -%}
{% set cached_server_dict = {} -%}
{% set part_list = [] -%}
{% set part_list = [] -%}
{% set
instance_parameter_dict = {'cache_access': cache_access
} -%}
{% set
generic_instance_parameter_dict = {'cache_access': cache_access,
} -%}
[jinja2-template-base]
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
recipe = slapos.recipe.template:jinja2
rendered = {{ apache_configuration_directory }}/${:filename}
rendered = {{ apache_configuration_directory }}/${:filename}
...
@@ -11,9 +11,9 @@ context =
...
@@ -11,9 +11,9 @@ context =
${:extra-context}
${:extra-context}
{% for slave_instance in slave_instance_list -%}
{% for slave_instance in slave_instance_list -%}
{% set slave_reference = slave_instance.get('slave_reference') -%}
{% set slave_reference = slave_instance.get('slave_reference') -%}
{% set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference -%}
{% set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference -%}
{% set slave_parameter_dict = generic_instance_parameter_dict.copy() -%}
{% do part_list.append(slave_section_title) -%}
{% do part_list.append(slave_section_title) -%}
[{{ slave_section_title }}]
[{{ slave_section_title }}]
< = jinja2-template-base
< = jinja2-template-base
...
@@ -26,13 +26,34 @@ extra-context =
...
@@ -26,13 +26,34 @@ extra-context =
raw http_port {{ http_port }}
raw http_port {{ http_port }}
{{ '\n' }}
{{ '\n' }}
# Set ssl certificates for each slave
{% for cert_name in ('ssl_key', 'ssl_crt', 'ssl_ca_crt', 'ssl_csr')-%}
{% if cert_name in slave_instance -%}
{% set cert_title = '%s-%s' % (slave_reference, cert_name.replace('ssl_', '')) -%}
{% set cert_file = '/'.join([custom_ssl_directory, cert_title.replace('-','.')]) -%}
{% do part_list.append(cert_title) -%}
{% do slave_parameter_dict.update([(cert_name, cert_file)]) -%}
[{{ cert_title }}]
< = jinja2-template-base
template = {{ empty_template }}
rendered = {{ cert_file }}
extra-context =
key content {{ cert_title + '-config:value' }}
[{{ cert_title + '-config' }}]
value = {{ dumps(slave_instance.get(cert_name)) }}
{% endif -%}
{% endfor -%}
# Set apache configuration for slave
[{{ ('slave-instance-%s-configuration' % slave_reference) }}]
[{{ ('slave-instance-%s-configuration' % slave_reference) }}]
{% set apache_custom_http = ((slave_instance.get('apache_custom_http', '')) %
instanc
e_parameter_dict) -%}
{% set apache_custom_http = ((slave_instance.get('apache_custom_http', '')) %
slav
e_parameter_dict) -%}
{% set apache_custom_https = ((slave_instance.get('apache_custom_https', '')) %
instanc
e_parameter_dict) -%}
{% set apache_custom_https = ((slave_instance.get('apache_custom_https', '')) %
slav
e_parameter_dict) -%}
custom-http = {{ dumps(apache_custom_http) }}
custom-http = {{ dumps(apache_custom_http) }}
custom-https = {{ dumps(apache_custom_https) }}
custom-https = {{ dumps(apache_custom_https) }}
{{ '\n' }}
{{ '\n' }}
# The slave use cache
{% if 'enable_cache' in slave_instance and 'url' in slave_instance and 'server_name' in slave_instance -%}
{% if 'enable_cache' in slave_instance and 'url' in slave_instance and 'server_name' in slave_instance -%}
{% do cached_server_dict.update([(slave_instance.get('server_name'), slave_instance.get('url'))]) -%}
{% do cached_server_dict.update([(slave_instance.get('server_name'), slave_instance.get('url'))]) -%}
{% endif -%}
{% endif -%}
...
...
software/apache-frontend/common.cfg
View file @
f9223b04
...
@@ -16,6 +16,7 @@ extends =
...
@@ -16,6 +16,7 @@ extends =
parts =
parts =
slapos-cookbook
slapos-cookbook
slapos-toolbox
template
template
binutils
binutils
apache-2.2
apache-2.2
...
@@ -45,6 +46,17 @@ repository = http://git.erp5.org/repos/slapos.git
...
@@ -45,6 +46,17 @@ repository = http://git.erp5.org/repos/slapos.git
branch = starteggs-frontend
branch = starteggs-frontend
git-executable = ${git:location}/bin/git
git-executable = ${git:location}/bin/git
[slapos-toolbox]
recipe = zc.recipe.egg
#python = ${eggs:python}
eggs =
${lxml-python:egg}
slapos.toolbox
scripts =
killpidfromfile
onetimedownload
[check-recipe]
[check-recipe]
recipe = plone.recipe.command
recipe = plone.recipe.command
stop-on-error = true
stop-on-error = true
...
@@ -86,3 +98,8 @@ mode = 640
...
@@ -86,3 +98,8 @@ mode = 640
recipe = slapos.recipe.build:download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/apache_cached_rewrite.txt.in
url = ${:_profile_base_location_}/apache_cached_rewrite.txt.in
mode = 640
mode = 640
[template-empty]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/empty.in
mode = 640
software/apache-frontend/empty.in
0 → 100644
View file @
f9223b04
{{ content }}
\ No newline at end of file
software/apache-frontend/instance.cfg
View file @
f9223b04
...
@@ -11,7 +11,8 @@ parts =
...
@@ -11,7 +11,8 @@ parts =
logrotate-entry-apache
logrotate-entry-apache
apache-frontend
apache-frontend
apache-cached
apache-cached
frontend-apache-graceful
cached-apache-graceful
switch-softwaretype
switch-softwaretype
eggs-directory = ${buildout:eggs-directory}
eggs-directory = ${buildout:eggs-directory}
...
@@ -86,6 +87,8 @@ extra-context =
...
@@ -86,6 +87,8 @@ extra-context =
key https_port instance-parameter:configuration.port
key https_port instance-parameter:configuration.port
key slave_instance_list instance-parameter:slave-instance-list
key slave_instance_list instance-parameter:slave-instance-list
key rewrite_cached_configuration apache-configuration:cached-rewrite-file
key rewrite_cached_configuration apache-configuration:cached-rewrite-file
key custom_ssl_directory apache-directory:vh-ssl
raw empty_template ${template-empty:target}
raw cache_access http://$${instance-parameter:ipv4-random}:$${apache-configuration:cache-port}
raw cache_access http://$${instance-parameter:ipv4-random}:$${apache-configuration:cache-port}
raw template_slave_configuration ${template-slave-configuration:target}
raw template_slave_configuration ${template-slave-configuration:target}
raw template_rewrite_cached ${template-rewrite-cached:target}
raw template_rewrite_cached ${template-rewrite-cached:target}
...
@@ -164,6 +167,7 @@ document-root = $${directory:srv}/htdocs
...
@@ -164,6 +167,7 @@ document-root = $${directory:srv}/htdocs
slave-configuration = $${directory:srv}/apache-slave-conf.d/
slave-configuration = $${directory:srv}/apache-slave-conf.d/
cache = $${directory:var}/cache
cache = $${directory:var}/cache
mod-ssl = $${:cache}/httpd_mod_ssl
mod-ssl = $${:cache}/httpd_mod_ssl
vh-ssl = $${:slave-configuration}/ssl
[apache-configuration]
[apache-configuration]
frontend-configuration = $${directory:etc}/apache_frontend.conf
frontend-configuration = $${directory:etc}/apache_frontend.conf
...
@@ -282,3 +286,18 @@ public-ipv4 = $${instance-parameter:configuration.public-ipv4}
...
@@ -282,3 +286,18 @@ public-ipv4 = $${instance-parameter:configuration.public-ipv4}
access-log-path = $${directory:log}/squid-access.log
access-log-path = $${directory:log}/squid-access.log
cache-log-path = $${directory:log}/squid-cache.log
cache-log-path = $${directory:log}/squid-cache.log
pid-filename-path = $${directory:run}/squid.pid
pid-filename-path = $${directory:run}/squid.pid
[squid-reload]
recipe = slapos.cookbook:wrapper
command-line = ${buildout:bin-directory}/killpidfromfile $${squid-cache:pid-filename-path} SIGHUP
wrapper-path = $${directory:service}/squid-reload
[frontend-apache-graceful]
recipe = slapos.cookbook:wrapper
command-line = ${buildout:bin-directory}/killpidfromfile $${apache-configuration:pid-file} SIGUSR1
wrapper-path = $${directory:service}/frontend-apache-graceful
[cached-apache-graceful]
recipe = slapos.cookbook:wrapper
command-line = ${buildout:bin-directory}/killpidfromfile $${apache-configuration:cache-pid-file} SIGUSR1
wrapper-path = $${directory:service}/cached-apache-graceful
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment