Commit d5aeb3d1 authored by Łukasz Nowak's avatar Łukasz Nowak Committed by Łukasz Nowak

Fix/caddy frontend prefer gzip type zope

/reviewed-on nexedi/slapos!481
parent 3c01d90e
...@@ -58,7 +58,7 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b ...@@ -58,7 +58,7 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
[template-default-slave-virtualhost] [template-default-slave-virtualhost]
filename = templates/default-virtualhost.conf.in filename = templates/default-virtualhost.conf.in
md5sum = b7879a40ed7f8a49b764c82e7283811f md5sum = e21bf673c35f049e7457ec78de9a1964
[template-cached-slave-virtualhost] [template-cached-slave-virtualhost]
filename = templates/cached-virtualhost.conf.in filename = templates/cached-virtualhost.conf.in
......
...@@ -42,12 +42,12 @@ ...@@ -42,12 +42,12 @@
log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
errors {{ slave_parameter.get('error_log') }} errors {{ slave_parameter.get('error_log') }}
{%- if prefer_gzip %} {%- if prefer_gzip and not (slave_type == 'zope' and backend_url) %}
rewrite { rewrite {
if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)" if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
to /prefer-gzip{uri} to /prefer-gzip{uri}
} }
{%- endif %} {#- if prefer_gzip #} {%- endif %} {#- if prefer_gzip and not (slave_type == 'zope' and backend_url) #}
{%- if slave_type == 'zope' and backend_url %} {%- if slave_type == 'zope' and backend_url %}
# Zope configuration # Zope configuration
...@@ -90,10 +90,18 @@ ...@@ -90,10 +90,18 @@
/ {scheme}://{host}/{{ default_path }} / {scheme}://{host}/{{ default_path }}
} {# redir #} } {# redir #}
{%- endif %} {#- if default_path #} {%- endif %} {#- if default_path #}
{%- if prefer_gzip %}
rewrite {
regexp (.*)
if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
to /prefer-gzip/VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-https-port', '443') | int }}%2F{{ slave_parameter.get('path', '') }}%2FVirtualHostRoot/{1}
}
{%- else %}
rewrite { rewrite {
regexp (.*) regexp (.*)
to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-https-port', '443') | int }}%2F{{ slave_parameter.get('path', '') }}%2FVirtualHostRoot/{1} to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-https-port', '443') | int }}%2F{{ slave_parameter.get('path', '') }}%2FVirtualHostRoot/{1}
} {# rewrite #} } {# rewrite #}
{%- endif %} {#- if prefer_gzip #}
{%- elif slave_type == 'redirect' and backend_url %} {#- if slave_type == 'zope' and backend_url #} {%- elif slave_type == 'redirect' and backend_url %} {#- if slave_type == 'zope' and backend_url #}
# Redirect configuration # Redirect configuration
redir 302 { redir 302 {
...@@ -155,12 +163,12 @@ ...@@ -155,12 +163,12 @@
log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
errors {{ slave_parameter.get('error_log') }} errors {{ slave_parameter.get('error_log') }}
{%- if prefer_gzip %} {%- if prefer_gzip and not (slave_type == 'zope' and backend_url) %}
rewrite { rewrite {
if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)" if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
to /prefer-gzip{uri} to /prefer-gzip{uri}
} }
{%- endif %} {#- if prefer_gzip #} {%- endif %} {#- if prefer_gzip and not (slave_type == 'zope' and backend_url) #}
{%- if https_only %} {%- if https_only %}
# Enforced redirection to SSL-enabled host # Enforced redirection to SSL-enabled host
...@@ -211,10 +219,18 @@ ...@@ -211,10 +219,18 @@
/ {scheme}://{host}/{{ default_path }} / {scheme}://{host}/{{ default_path }}
} {# redir #} } {# redir #}
{%- endif %} {#- if default_path #} {%- endif %} {#- if default_path #}
{%- if prefer_gzip %}
rewrite {
regexp (.*)
if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
to /prefer-gzip/VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '') }}%2FVirtualHostRoot/{1}
}
{%- else %}
rewrite { rewrite {
regexp (.*) regexp (.*)
to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '') }}%2FVirtualHostRoot/{1} to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '') }}%2FVirtualHostRoot/{1}
} {# rewrite #} } {# rewrite #}
{% endif %} {#- if prefer_gzip #}
{%- else %} {#- if https_only #} {%- else %} {#- if https_only #}
# Default configuration # Default configuration
{%- if default_path %} {%- if default_path %}
......
...@@ -337,7 +337,9 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase): ...@@ -337,7 +337,9 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
@classmethod @classmethod
def getSoftwareURLList(cls): def getSoftwareURLList(cls):
return (os.path.abspath(os.path.join(os.path.dirname(__file__), '..', 'software.cfg')), ) return (
os.path.abspath(
os.path.join(os.path.dirname(__file__), '..', 'software.cfg')), )
@classmethod @classmethod
def setUpClass(cls): def setUpClass(cls):
...@@ -833,6 +835,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -833,6 +835,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'url': cls.backend_url, 'url': cls.backend_url,
'type': 'zope', 'type': 'zope',
}, },
'type-zope-prefer-gzip-encoding-to-backend': {
'url': cls.backend_url,
'prefer-gzip-encoding-to-backend': 'true',
'type': 'zope',
},
'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt': { 'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt': {
'url': cls.backend_https_url, 'url': cls.backend_https_url,
'type': 'zope', 'type': 'zope',
...@@ -990,9 +997,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -990,9 +997,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
expected_parameter_dict = { expected_parameter_dict = {
'monitor-base-url': None, 'monitor-base-url': None,
'domain': 'example.com', 'domain': 'example.com',
'accepted-slave-amount': '43', 'accepted-slave-amount': '44',
'rejected-slave-amount': '4', 'rejected-slave-amount': '4',
'slave-amount': '47', 'slave-amount': '48',
'rejected-slave-dict': { 'rejected-slave-dict': {
"_apache_custom_http_s-rejected": ["slave not authorized"], "_apache_custom_http_s-rejected": ["slave not authorized"],
"_caddy_custom_http_s": ["slave not authorized"], "_caddy_custom_http_s": ["slave not authorized"],
...@@ -1639,6 +1646,93 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1639,6 +1646,93 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'/VirtualHostRoot/test-path' '/VirtualHostRoot/test-path'
) )
def test_type_zope_prefer_gzip_encoding_to_backend(self):
parameter_dict = self.parseSlaveParameterDict(
'type-zope-prefer-gzip-encoding-to-backend')
self.assertLogAccessUrlWithPop(parameter_dict)
self.assertEqual(
{
'domain': 'typezopeprefergzipencodingtobackend.example.com',
'replication_number': '1',
'url': 'http://typezopeprefergzipencodingtobackend.example.com',
'site_url': 'http://typezopeprefergzipencodingtobackend.example.com',
'secure_access':
'https://typezopeprefergzipencodingtobackend.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
},
parameter_dict
)
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertEqualResultJson(
result,
'Path',
'/VirtualHostBase/https//'
'typezopeprefergzipencodingtobackend.example.com:443/'
'/VirtualHostRoot/test-path'
)
result = self.fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqualResultJson(
result,
'Path',
'/VirtualHostBase/http//'
'typezopeprefergzipencodingtobackend.example.com:80/'
'/VirtualHostRoot/test-path'
)
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
headers={'Accept-Encoding': 'gzip, deflate'})
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertEqualResultJson(
result,
'Path',
'/VirtualHostBase/https//'
'typezopeprefergzipencodingtobackend.example.com:443/'
'/VirtualHostRoot/test-path'
)
self.assertEqual(
'gzip', result.json()['Incoming Headers']['accept-encoding'])
result = self.fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
headers={'Accept-Encoding': 'gzip, deflate'})
self.assertEqualResultJson(
result,
'Path',
'/VirtualHostBase/http//'
'typezopeprefergzipencodingtobackend.example.com:80/'
'/VirtualHostRoot/test-path'
)
self.assertEqual(
'gzip', result.json()['Incoming Headers']['accept-encoding'])
def test_type_zope_virtualhostroot_http_port(self): def test_type_zope_virtualhostroot_http_port(self):
parameter_dict = self.parseSlaveParameterDict( parameter_dict = self.parseSlaveParameterDict(
'type-zope-virtualhostroot-http-port') 'type-zope-virtualhostroot-http-port')
...@@ -2673,6 +2767,20 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2673,6 +2767,20 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
self.assertEqual( self.assertEqual(
'deflate', result.json()['Incoming Headers']['accept-encoding']) 'deflate', result.json()['Incoming Headers']['accept-encoding'])
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqualResultJson(result, 'Path', '/test-path')
def test_disabled_cookie_list(self): def test_disabled_cookie_list(self):
parameter_dict = self.parseSlaveParameterDict('disabled-cookie-list') parameter_dict = self.parseSlaveParameterDict('disabled-cookie-list')
self.assertLogAccessUrlWithPop(parameter_dict) self.assertLogAccessUrlWithPop(parameter_dict)
......
...@@ -69,6 +69,8 @@ TestSlave-1/var/log/httpd/_type-zope-default-path_access_log ...@@ -69,6 +69,8 @@ TestSlave-1/var/log/httpd/_type-zope-default-path_access_log
TestSlave-1/var/log/httpd/_type-zope-default-path_error_log TestSlave-1/var/log/httpd/_type-zope-default-path_error_log
TestSlave-1/var/log/httpd/_type-zope-path_access_log TestSlave-1/var/log/httpd/_type-zope-path_access_log
TestSlave-1/var/log/httpd/_type-zope-path_error_log TestSlave-1/var/log/httpd/_type-zope-path_error_log
TestSlave-1/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend_access_log
TestSlave-1/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend_error_log
TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_access_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_access_log
TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_error_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_error_log
TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log
......
...@@ -73,6 +73,8 @@ TestSlave-1/etc/monitor-promise/check-_type-zope-error-log-last-day ...@@ -73,6 +73,8 @@ TestSlave-1/etc/monitor-promise/check-_type-zope-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_type-zope-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_type-zope-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_type-zope-path-error-log-last-day TestSlave-1/etc/monitor-promise/check-_type-zope-path-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_type-zope-path-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_type-zope-path-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_type-zope-prefer-gzip-encoding-to-backend-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_type-zope-prefer-gzip-encoding-to-backend-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-error-log-last-day TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment