Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Eric Zheng
slapos
Commits
01c54888
Commit
01c54888
authored
Mar 30, 2012
by
Cédric de Saint Martin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Refactor apache frontend to support zope rewrite rules as well
parent
2f39a74c
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
71 additions
and
48 deletions
+71
-48
slapos/recipe/apache_frontend/__init__.py
slapos/recipe/apache_frontend/__init__.py
+69
-46
slapos/recipe/apache_frontend/template/apache.conf.in
slapos/recipe/apache_frontend/template/apache.conf.in
+2
-2
No files found.
slapos/recipe/apache_frontend/__init__.py
View file @
01c54888
...
@@ -51,72 +51,59 @@ class Recipe(BaseSlapRecipe):
...
@@ -51,72 +51,59 @@ class Recipe(BaseSlapRecipe):
self
.
killpidfromfile
=
zc
.
buildout
.
easy_install
.
scripts
(
self
.
killpidfromfile
=
zc
.
buildout
.
easy_install
.
scripts
(
[(
'killpidfromfile'
,
'slapos.recipe.erp5.killpidfromfile'
,
[(
'killpidfromfile'
,
'slapos.recipe.erp5.killpidfromfile'
,
'killpidfromfile'
)],
self
.
ws
,
sys
.
executable
,
self
.
bin_directory
)[
0
]
'killpidfromfile'
)],
self
.
ws
,
sys
.
executable
,
self
.
bin_directory
)[
0
]
self
.
path_list
.
append
(
self
.
killpidfromfile
)
self
.
path_list
.
append
(
self
.
killpidfromfile
)
frontend_port_number
=
self
.
parameter_dict
.
get
(
"port"
,
4443
)
frontend_port_number
=
self
.
parameter_dict
.
get
(
"port"
,
4443
)
frontend_domain_name
=
self
.
parameter_dict
.
get
(
"domain"
,
frontend_domain_name
=
self
.
parameter_dict
[
"domain"
]
"host.vifib.net"
)
base_varnish_port
=
26009
base_varnish_port
=
26009
slave_instance_list
=
self
.
parameter_dict
.
get
(
"slave_instance_list"
,
[])
slave_instance_list
=
self
.
parameter_dict
.
get
(
"slave_instance_list"
,
[])
rewrite_rule_list
=
[]
rewrite_rule_list
=
[]
rewrite_rule_zope_list
=
[]
slave_dict
=
{}
slave_dict
=
{}
service_dict
=
{}
service_dict
=
{}
# Check if default port
if
frontend_port_number
is
443
:
if
frontend_port_number
is
443
:
base_url
=
"%s/"
%
frontend_domain_name
base_url
=
"%s/"
%
frontend_domain_name
else
:
else
:
base_url
=
"%s:%s/"
%
(
frontend_domain_name
,
frontend_port_number
)
base_url
=
"%s:%s/"
%
(
frontend_domain_name
,
frontend_port_number
)
for
slave_instance
in
slave_instance_list
:
for
slave_instance
in
slave_instance_list
:
url
=
slave_instance
.
get
(
"url"
)
url
=
slave_instance
.
get
(
"url"
,
None
)
reference
=
slave_instance
.
get
(
"slave_reference"
)
# Check for mandatory slave fields
if
url
is
None
:
if
url
is
None
:
self
.
logger
.
warn
(
'No "url" parameter is defined for %s slave'
\
'instance. Ignoring it.'
%
reference
)
continue
continue
reference
=
slave_instance
.
get
(
"slave_reference"
)
subdomain
=
reference
.
replace
(
"-"
,
""
).
lower
()
subdomain
=
reference
.
replace
(
"-"
,
""
).
lower
()
slave_dict
[
reference
]
=
"https://%s.%s"
%
(
subdomain
,
base_url
)
slave_dict
[
reference
]
=
"https://%s.%s"
%
(
subdomain
,
base_url
)
enable_cache
=
slave_instance
.
get
(
"enable_cache"
,
""
)
if
slave_instance
.
get
(
"enable_cache"
,
""
).
upper
()
in
(
'1'
,
'TRUE'
):
if
enable_cache
.
upper
()
in
(
'1'
,
'TRUE'
):
# XXX-Cedric : need to refactor to clean code? (to many variables)
# Varnish should use stunnel to connect to the backend
rewrite_rule
=
self
.
configureVarnishSlave
(
base_varnish_control_port
=
base_varnish_port
base_varnish_port
,
url
,
slave_instance
,
frontend_domain_name
)
base_varnish_port
+=
1
# Use regex
host_regex
=
"((
\
[
\
w*|[0-9]+
\
.)(
\
:|)).*(
\
]|
\
.[0-9]+)"
slave_host
=
re
.
search
(
host_regex
,
url
).
group
(
0
)
port_regex
=
"
\
w+(
\
/|)$"
matcher
=
re
.
search
(
port_regex
,
url
)
if
matcher
is
not
None
:
slave_port
=
matcher
.
group
(
0
)
slave_port
=
slave_port
.
replace
(
"/"
,
""
)
elif
url
.
startswith
(
"https://"
):
slave_port
=
443
else
:
slave_port
=
80
service_name
=
"varnish_%s"
%
reference
varnish_ip
=
self
.
getLocalIPv4Address
()
stunnel_port
=
base_varnish_port
+
1
self
.
installVarnishCache
(
service_name
,
ip
=
varnish_ip
,
port
=
base_varnish_port
,
control_port
=
base_varnish_control_port
,
backend_host
=
varnish_ip
,
backend_port
=
stunnel_port
,
size
=
"1G"
)
service_dict
[
service_name
]
=
dict
(
public_ip
=
varnish_ip
,
public_port
=
stunnel_port
,
private_ip
=
slave_host
.
replace
(
"["
,
""
).
replace
(
"]"
,
""
),
private_port
=
slave_port
)
rewrite_rule_list
.
append
(
"%s.%s http://%s:%s"
%
\
(
reference
.
replace
(
"-"
,
""
),
frontend_domain_name
,
varnish_ip
,
base_varnish_port
))
base_varnish_port
+=
2
base_varnish_port
+=
2
else
:
else
:
rewrite_rule_list
.
append
(
"%s.%s %s"
%
(
subdomain
,
frontend_domain_name
,
rewrite_rule
=
"%s.%s %s"
%
(
subdomain
,
frontend_domain_name
,
url
)
url
))
# Finally, if successful, we add the rewrite rule to our list of rules
if
rewrite_rule
:
# We check if we have a zope slave. It requires different rewrite
# rule structure.
# So we will have one RewriteMap for normal websites, and one
# RewriteMap for Zope Virtual Host Monster websites.
if
slave_instance
.
get
(
"zope"
,
""
).
upper
()
in
(
'1'
,
'TRUE'
):
rewrite_rule_zope_list
.
append
(
rewrite_rule
)
else
:
rewrite_rule_list
.
append
(
rewrite_rule
)
# Certificate stuff
valid_certificate_str
=
self
.
parameter_dict
.
get
(
"domain_ssl_ca_cert"
)
valid_certificate_str
=
self
.
parameter_dict
.
get
(
"domain_ssl_ca_cert"
)
valid_key_str
=
self
.
parameter_dict
.
get
(
"domain_ssl_ca_key"
)
valid_key_str
=
self
.
parameter_dict
.
get
(
"domain_ssl_ca_key"
)
if
valid_certificate_str
is
None
and
valid_key_str
is
None
:
if
valid_certificate_str
is
None
and
valid_key_str
is
None
:
ca_conf
=
self
.
installCertificateAuthority
()
ca_conf
=
self
.
installCertificateAuthority
()
key
,
certificate
=
self
.
requestCertificate
(
frontend_domain_name
)
key
,
certificate
=
self
.
requestCertificate
(
frontend_domain_name
)
...
@@ -125,7 +112,6 @@ class Recipe(BaseSlapRecipe):
...
@@ -125,7 +112,6 @@ class Recipe(BaseSlapRecipe):
frontend_domain_name
,
valid_certificate_str
,
valid_key_str
)
frontend_domain_name
,
valid_certificate_str
,
valid_key_str
)
key
=
ca_conf
.
pop
(
"key"
)
key
=
ca_conf
.
pop
(
"key"
)
certificate
=
ca_conf
.
pop
(
"certificate"
)
certificate
=
ca_conf
.
pop
(
"certificate"
)
if
service_dict
!=
{}:
if
service_dict
!=
{}:
if
valid_certificate_str
is
not
None
and
valid_key_str
is
not
None
:
if
valid_certificate_str
is
not
None
and
valid_key_str
is
not
None
:
self
.
installCertificateAuthority
()
self
.
installCertificateAuthority
()
...
@@ -144,17 +130,56 @@ class Recipe(BaseSlapRecipe):
...
@@ -144,17 +130,56 @@ class Recipe(BaseSlapRecipe):
port
=
frontend_port_number
,
port
=
frontend_port_number
,
name
=
frontend_domain_name
,
name
=
frontend_domain_name
,
rewrite_rule_list
=
rewrite_rule_list
,
rewrite_rule_list
=
rewrite_rule_list
,
rewrite_rule_zope_list
=
rewrite_rule_zope_list
,
key
=
key
,
certificate
=
certificate
)
key
=
key
,
certificate
=
certificate
)
# Send connection informations about each slave
for
reference
,
url
in
slave_dict
.
iteritems
():
for
reference
,
url
in
slave_dict
.
iteritems
():
self
.
setConnectionDict
(
dict
(
site_url
=
url
),
reference
)
self
.
setConnectionDict
(
dict
(
site_url
=
url
),
reference
)
# Then set it for master instance
self
.
setConnectionDict
(
self
.
setConnectionDict
(
dict
(
site_url
=
apache_parameter_dict
[
"site_url"
],
dict
(
site_url
=
apache_parameter_dict
[
"site_url"
],
domain_ipv6_address
=
self
.
getGlobalIPv6Address
(),
domain_ipv6_address
=
self
.
getGlobalIPv6Address
(),
domain_ipv4_address
=
self
.
getLocalIPv4Address
()))
domain_ipv4_address
=
self
.
getLocalIPv4Address
()))
return
self
.
path_list
return
self
.
path_list
def
configureVarnishSlave
(
self
,
base_varnish_port
,
url
,
slave_instance
,
service_dict
,
frontend_domain_name
):
reference
=
slave_instance
.
get
(
"slave_reference"
)
# Varnish should use stunnel to connect to the backend
base_varnish_control_port
=
base_varnish_port
base_varnish_port
+=
1
# Use regex
host_regex
=
"((
\
[
\
w*|[0-9]+
\
.)(
\
:|)).*(
\
]|
\
.[0-9]+)"
slave_host
=
re
.
search
(
host_regex
,
url
).
group
(
0
)
port_regex
=
"
\
w+(
\
/|)$"
matcher
=
re
.
search
(
port_regex
,
url
)
if
matcher
is
not
None
:
slave_port
=
matcher
.
group
(
0
)
slave_port
=
slave_port
.
replace
(
"/"
,
""
)
elif
url
.
startswith
(
"https://"
):
slave_port
=
443
else
:
slave_port
=
80
service_name
=
"varnish_%s"
%
reference
varnish_ip
=
self
.
getLocalIPv4Address
()
stunnel_port
=
base_varnish_port
+
1
self
.
installVarnishCache
(
service_name
,
ip
=
varnish_ip
,
port
=
base_varnish_port
,
control_port
=
base_varnish_control_port
,
backend_host
=
varnish_ip
,
backend_port
=
stunnel_port
,
size
=
"1G"
)
service_dict
[
service_name
]
=
dict
(
public_ip
=
varnish_ip
,
public_port
=
stunnel_port
,
private_ip
=
slave_host
.
replace
(
"["
,
""
).
replace
(
"]"
,
""
),
private_port
=
slave_port
)
return
"%s.%s http://%s:%s"
%
\
(
reference
.
replace
(
"-"
,
""
),
frontend_domain_name
,
varnish_ip
,
base_varnish_port
)
def
installLogrotate
(
self
):
def
installLogrotate
(
self
):
"""Installs logortate main configuration file and registers its to cron"""
"""Installs logortate main configuration file and registers its to cron"""
logrotate_d
=
os
.
path
.
abspath
(
os
.
path
.
join
(
self
.
etc_directory
,
logrotate_d
=
os
.
path
.
abspath
(
os
.
path
.
join
(
self
.
etc_directory
,
...
@@ -397,8 +422,6 @@ class Recipe(BaseSlapRecipe):
...
@@ -397,8 +422,6 @@ class Recipe(BaseSlapRecipe):
# Create configuration file and rewritemaps
# Create configuration file and rewritemaps
apachemap_name
=
"apachemap.txt"
apachemap_name
=
"apachemap.txt"
# XXX-Cedric : implement zope specific rewrites list. Current apachemap is
# generic and does not use VirtualHost Monster.
apachemapzope_name
=
"apachemapzope.txt"
apachemapzope_name
=
"apachemapzope.txt"
self
.
createConfigurationFile
(
apachemap_name
,
"
\
n
"
.
join
(
rewrite_rule_list
))
self
.
createConfigurationFile
(
apachemap_name
,
"
\
n
"
.
join
(
rewrite_rule_list
))
self
.
createConfigurationFile
(
apachemapzope_name
,
self
.
createConfigurationFile
(
apachemapzope_name
,
...
...
slapos/recipe/apache_frontend/template/apache.conf.in
View file @
01c54888
...
@@ -47,8 +47,8 @@ RewriteMap apachemapgeneric txt:%(apachemap_path)s
...
@@ -47,8 +47,8 @@ RewriteMap apachemapgeneric txt:%(apachemap_path)s
# First, we check if we have a zope backend server
# First, we check if we have a zope backend server
# If so, let's use Virtual Host Daemon rewrite
# If so, let's use Virtual Host Daemon rewrite
#
RewriteCond ${apachemapzope:%%{SERVER_NAME}} >""
RewriteCond ${apachemapzope:%%{SERVER_NAME}} >""
#RewriteRule ^/(\w+)($|/.*) ${apachemapzope:$1}/VirtualHostBase/https/%(apache_domain)s:%(port)s/VirtualHostRoot/_vh_$1$2
[L,P]
RewriteRule ^/(.*)$ ${apachemapzope:%%{SERVER_NAME}}/VirtualHostBase/https/%%{SERVER_NAME}:%%{SERVER_PORT}/VirtualHostRoot/$1
[L,P]
# If we have generic backend server, let's rewrite without virtual host daemon
# If we have generic backend server, let's rewrite without virtual host daemon
RewriteCond ${apachemapgeneric:%%{SERVER_NAME}} >""
RewriteCond ${apachemapgeneric:%%{SERVER_NAME}} >""
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment