Fix/caddy frontend prefer gzip type zope

/reviewed-on nexedi/slapos!481

Fix/caddy frontend prefer gzip type zope
/reviewed-on nexedi/slapos!481
d5aeb3d1 · Łukasz Nowak · Łukasz Nowak · 3c01d90e · d5aeb3d1 · d5aeb3d1
Commit d5aeb3d1 authored Dec 21, 2018 by Łukasz Nowak Committed by Łukasz Nowak Dec 28, 2018
5 changed files
--- a/software/caddy-frontend/buildout.hash.cfg
+++ b/software/caddy-frontend/buildout.hash.cfg
@@ -58,7 +58,7 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
 [template-default-slave-virtualhost]
 filename = templates/default-virtualhost.conf.in
-md5sum = b7879a40ed7f8a49b764c82e7283811f
+md5sum = e21bf673c35f049e7457ec78de9a1964
 [template-cached-slave-virtualhost]
 filename = templates/cached-virtualhost.conf.in

--- a/software/caddy-frontend/templates/default-virtualhost.conf.in
+++ b/software/caddy-frontend/templates/default-virtualhost.conf.in
@@ -42,12 +42,12 @@
  log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
  errors {{ slave_parameter.get('error_log') }}
-{%- if prefer_gzip %}
+{%- if prefer_gzip and not (slave_type == 'zope' and backend_url) %}
  rewrite {
    if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
    to /prefer-gzip{uri}
  }
-{%- endif %} {#- if prefer_gzip #}
+{%- endif %} {#- if prefer_gzip and not (slave_type == 'zope' and backend_url) #}
 {%- if slave_type ==  'zope' and backend_url %}
  # Zope configuration
@@ -90,10 +90,18 @@
    / {scheme}://{host}/{{ default_path }}
  } {# redir #}
  {%- endif %} {#- if default_path #}
+{%- if prefer_gzip  %}
+  rewrite {
+    regexp (.*)
+    if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
+    to /prefer-gzip/VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-https-port', '443') | int }}%2F{{ slave_parameter.get('path', '') }}%2FVirtualHostRoot/{1}
+  }
+{%- else %}
  rewrite {
    regexp (.*)
    to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-https-port', '443') | int }}%2F{{ slave_parameter.get('path', '') }}%2FVirtualHostRoot/{1}
  } {# rewrite #}
+{%- endif %} {#- if prefer_gzip #}
 {%- elif slave_type ==  'redirect' and backend_url %} {#- if slave_type ==  'zope' and backend_url #}
  # Redirect configuration
  redir 302 {
@@ -155,12 +163,12 @@
  log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
  errors {{ slave_parameter.get('error_log') }}
-{%- if prefer_gzip %}
+{%- if prefer_gzip and not (slave_type == 'zope' and backend_url) %}
  rewrite {
    if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
    to /prefer-gzip{uri}
  }
-{%- endif %} {#- if prefer_gzip #}
+{%- endif %} {#- if prefer_gzip and not (slave_type == 'zope' and backend_url) #}
 {%- if https_only %}
  # Enforced redirection to SSL-enabled host
@@ -211,10 +219,18 @@
    / {scheme}://{host}/{{ default_path }}
  } {# redir #}
 {%-   endif %} {#-   if default_path #}
+{%- if prefer_gzip  %}
+  rewrite {
+    regexp (.*)
+    if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
+    to /prefer-gzip/VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '') }}%2FVirtualHostRoot/{1}
+  }
+{%- else %}
  rewrite {
    regexp (.*)
    to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '') }}%2FVirtualHostRoot/{1}
  } {# rewrite #}
+{% endif %} {#- if prefer_gzip #}
 {%- else %} {#- if https_only #}
  # Default configuration
 {%-   if default_path %}

--- a/software/caddy-frontend/test/test.py
+++ b/software/caddy-frontend/test/test.py
@@ -337,7 +337,9 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
  @classmethod
  def getSoftwareURLList(cls):
-    return (os.path.abspath(os.path.join(os.path.dirname(__file__), '..', 'software.cfg')), )
+    return (
+      os.path.abspath(
+        os.path.join(os.path.dirname(__file__), '..', 'software.cfg')), )
  @classmethod
  def setUpClass(cls):
@@ -833,6 +835,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
        'url': cls.backend_url,
        'type': 'zope',
      },
+      'type-zope-prefer-gzip-encoding-to-backend': {
+        'url': cls.backend_url,
+        'prefer-gzip-encoding-to-backend': 'true',
+        'type': 'zope',
+      },
      'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt': {
        'url': cls.backend_https_url,
        'type': 'zope',
@@ -990,9 +997,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
    expected_parameter_dict = {
      'monitor-base-url': None,
      'domain': 'example.com',
-      'accepted-slave-amount': '43',
+      'accepted-slave-amount': '44',
      'rejected-slave-amount': '4',
-      'slave-amount': '47',
+      'slave-amount': '48',
      'rejected-slave-dict': {
        "_apache_custom_http_s-rejected": ["slave not authorized"],
        "_caddy_custom_http_s": ["slave not authorized"],
@@ -1639,6 +1646,93 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
      '/VirtualHostRoot/test-path'
    )
+  def test_type_zope_prefer_gzip_encoding_to_backend(self):
+    parameter_dict = self.parseSlaveParameterDict(
+      'type-zope-prefer-gzip-encoding-to-backend')
+    self.assertLogAccessUrlWithPop(parameter_dict)
+    self.assertEqual(
+      {
+        'domain': 'typezopeprefergzipencodingtobackend.example.com',
+        'replication_number': '1',
+        'url': 'http://typezopeprefergzipencodingtobackend.example.com',
+        'site_url': 'http://typezopeprefergzipencodingtobackend.example.com',
+        'secure_access':
+        'https://typezopeprefergzipencodingtobackend.example.com',
+        'public-ipv4': SLAPOS_TEST_IPV4,
+      },
+      parameter_dict
+    )
+    result = self.fakeHTTPSResult(
+      parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
+    self.assertEqual(
+      self.certificate_pem,
+      der2pem(result.peercert))
+    try:
+      j = result.json()
+    except Exception:
+      raise ValueError('JSON decode problem in:\n%s' % (result.text,))
+    self.assertFalse('remote_user' in j['Incoming Headers'].keys())
+    self.assertEqualResultJson(
+      result,
+      'Path',
+      '/VirtualHostBase/https//'
+      'typezopeprefergzipencodingtobackend.example.com:443/'
+      '/VirtualHostRoot/test-path'
+    )
+    result = self.fakeHTTPResult(
+      parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
+    self.assertEqualResultJson(
+      result,
+      'Path',
+      '/VirtualHostBase/http//'
+      'typezopeprefergzipencodingtobackend.example.com:80/'
+      '/VirtualHostRoot/test-path'
+    )
+    result = self.fakeHTTPSResult(
+      parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
+      headers={'Accept-Encoding': 'gzip, deflate'})
+    self.assertEqual(
+      self.certificate_pem,
+      der2pem(result.peercert))
+    try:
+      j = result.json()
+    except Exception:
+      raise ValueError('JSON decode problem in:\n%s' % (result.text,))
+    self.assertFalse('remote_user' in j['Incoming Headers'].keys())
+    self.assertEqualResultJson(
+      result,
+      'Path',
+      '/VirtualHostBase/https//'
+      'typezopeprefergzipencodingtobackend.example.com:443/'
+      '/VirtualHostRoot/test-path'
+    )
+    self.assertEqual(
+      'gzip', result.json()['Incoming Headers']['accept-encoding'])
+    result = self.fakeHTTPResult(
+      parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
+      headers={'Accept-Encoding': 'gzip, deflate'})
+    self.assertEqualResultJson(
+      result,
+      'Path',
+      '/VirtualHostBase/http//'
+      'typezopeprefergzipencodingtobackend.example.com:80/'
+      '/VirtualHostRoot/test-path'
+    )
+    self.assertEqual(
+      'gzip', result.json()['Incoming Headers']['accept-encoding'])
  def test_type_zope_virtualhostroot_http_port(self):
    parameter_dict = self.parseSlaveParameterDict(
      'type-zope-virtualhostroot-http-port')
@@ -2673,6 +2767,20 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
    self.assertEqual(
      'deflate', result.json()['Incoming Headers']['accept-encoding'])
+    result = self.fakeHTTPSResult(
+      parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
+    self.assertEqual(
+      self.certificate_pem,
+      der2pem(result.peercert))
+    self.assertEqualResultJson(result, 'Path', '/test-path')
+    result = self.fakeHTTPSResult(
+      parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
+    self.assertEqualResultJson(result, 'Path', '/test-path')
  def test_disabled_cookie_list(self):
    parameter_dict = self.parseSlaveParameterDict('disabled-cookie-list')
    self.assertLogAccessUrlWithPop(parameter_dict)

--- a/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_log-CADDY.txt
@@ -69,6 +69,8 @@ TestSlave-1/var/log/httpd/_type-zope-default-path_access_log
 TestSlave-1/var/log/httpd/_type-zope-default-path_error_log
 TestSlave-1/var/log/httpd/_type-zope-path_access_log
 TestSlave-1/var/log/httpd/_type-zope-path_error_log
+TestSlave-1/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend_access_log
+TestSlave-1/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend_error_log
 TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_access_log
 TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_error_log
 TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log

--- a/software/caddy-frontend/test/test_data/test.TestSlave.test_monitor_promise_list-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlave.test_monitor_promise_list-CADDY.txt
@@ -73,6 +73,8 @@ TestSlave-1/etc/monitor-promise/check-_type-zope-error-log-last-day
 TestSlave-1/etc/monitor-promise/check-_type-zope-error-log-last-hour
 TestSlave-1/etc/monitor-promise/check-_type-zope-path-error-log-last-day
 TestSlave-1/etc/monitor-promise/check-_type-zope-path-error-log-last-hour
+TestSlave-1/etc/monitor-promise/check-_type-zope-prefer-gzip-encoding-to-backend-error-log-last-day
+TestSlave-1/etc/monitor-promise/check-_type-zope-prefer-gzip-encoding-to-backend-error-log-last-hour
 TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-error-log-last-day
 TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-error-log-last-hour
 TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day