Commit ca925f86 authored by Cédric Le Ninivin's avatar Cédric Le Ninivin Committed by Nicolas Wavrant

monitor: Configurable and protected rewrite rule for local service

parent d2b123c4
...@@ -41,7 +41,7 @@ recipe = slapos.recipe.template ...@@ -41,7 +41,7 @@ recipe = slapos.recipe.template
url = ${:_profile_base_location_}/monitor.cfg.in url = ${:_profile_base_location_}/monitor.cfg.in
output = ${buildout:directory}/monitor.cfg output = ${buildout:directory}/monitor.cfg
filename = monitor.cfg filename = monitor.cfg
md5sum = 852a0e205e005969547cce8192e531cd md5sum = 20dc52c906e03a7c0b1234db7f999853
mode = 0644 mode = 0644
[monitor-bin] [monitor-bin]
...@@ -57,7 +57,7 @@ mode = 0644 ...@@ -57,7 +57,7 @@ mode = 0644
recipe = hexagonit.recipe.download recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename} url = ${:_profile_base_location_}/${:filename}
download-only = true download-only = true
md5sum = 335e618be6bbe02328cd3aaa30e29d9c md5sum = 2d48f8b8e01fa0fdde964ed1c1547f05
filename = cgi-httpd.conf.in filename = cgi-httpd.conf.in
mode = 0644 mode = 0644
...@@ -65,7 +65,7 @@ mode = 0644 ...@@ -65,7 +65,7 @@ mode = 0644
recipe = hexagonit.recipe.download recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/webfile-directory/${:filename} url = ${:_profile_base_location_}/webfile-directory/${:filename}
download-only = true download-only = true
md5sum = af1adc107b73290afb98d011f7307de1 md5sum = e759977b21c70213daa4c2701f2c2078
destination = ${buildout:directory}/parts/monitor-index destination = ${buildout:directory}/parts/monitor-index
filename = index.cgi.in filename = index.cgi.in
mode = 0644 mode = 0644
...@@ -75,7 +75,7 @@ recipe = hexagonit.recipe.download ...@@ -75,7 +75,7 @@ recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/webfile-directory/${:filename} url = ${:_profile_base_location_}/webfile-directory/${:filename}
download-only = true download-only = true
destination = ${buildout:directory}/parts/monitor-template-index destination = ${buildout:directory}/parts/monitor-template-index
md5sum = 05051a2ff81ce7dc2eef3106d75b33f9 md5sum = 7400c8cfa16a15a0d41f512b8bbb1581
filename = index.html.jinja2 filename = index.html.jinja2
mode = 0644 mode = 0644
......
...@@ -21,6 +21,9 @@ LoadModule autoindex_module modules/mod_autoindex.so ...@@ -21,6 +21,9 @@ LoadModule autoindex_module modules/mod_autoindex.so
LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_user_module modules/mod_authz_user.so LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authn_file_module modules/mod_authn_file.so LoadModule authn_file_module modules/mod_authn_file.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
# SSL Configuration # SSL Configuration
<IfDefine !SSLConfigured> <IfDefine !SSLConfigured>
...@@ -61,3 +64,16 @@ Require valid-user ...@@ -61,3 +64,16 @@ Require valid-user
Options Indexes FollowSymLinks Options Indexes FollowSymLinks
Satisfy all Satisfy all
</Directory> </Directory>
<Location /rewrite>
AuthType Basic
AuthName "Private access"
AuthUserFile "{{ monitor_parameters.get('htaccess-file') }}"
Require valid-user
</Location>
ProxyVia On
RewriteEngine On
{% for key, value in monitor_rewrite_rule.iteritems() %}
RewriteRule ^/rewrite/{{ key }}($|/.*) {{ value }}/$1 [P,L]
{% endfor %}
...@@ -105,6 +105,7 @@ context = ...@@ -105,6 +105,7 @@ context =
key apache_update_command :update-apache-access key apache_update_command :update-apache-access
raw extra_eggs_interpreter ${buildout:directory}/bin/${extra-eggs:interpreter} raw extra_eggs_interpreter ${buildout:directory}/bin/${extra-eggs:interpreter}
raw default_page /static/welcome.html raw default_page /static/welcome.html
section rewrite_element monitor-rewrite-rule
[deploy-index-template] [deploy-index-template]
recipe = hexagonit.recipe.download recipe = hexagonit.recipe.download
...@@ -234,6 +235,8 @@ status-history-length = 5 ...@@ -234,6 +235,8 @@ status-history-length = 5
recipe = slapos.cookbook:zero-knowledge.read recipe = slapos.cookbook:zero-knowledge.read
filename = $${public:filename} filename = $${public:filename}
[monitor-rewrite-rule]
# XXX could it be something lighter? # XXX could it be something lighter?
[monitor-httpd-configuration] [monitor-httpd-configuration]
pid-file = $${monitor-directory:run}/cgi-httpd.pid pid-file = $${monitor-directory:run}/cgi-httpd.pid
...@@ -252,6 +255,7 @@ context = ...@@ -252,6 +255,7 @@ context =
section directory monitor-directory section directory monitor-directory
section monitor_parameters monitor-parameters section monitor_parameters monitor-parameters
section httpd_configuration monitor-httpd-configuration section httpd_configuration monitor-httpd-configuration
section monitor_rewrite_rule monitor-rewrite-rule
[cgi-httpd-wrapper] [cgi-httpd-wrapper]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
......
...@@ -23,6 +23,8 @@ monitor_password_script_path = "{{ monitor_password_script_path }}" ...@@ -23,6 +23,8 @@ monitor_password_script_path = "{{ monitor_password_script_path }}"
monitor_apache_password_command = "{{ apache_update_command }}" monitor_apache_password_command = "{{ apache_update_command }}"
monitor_rewrite = "{{ ' '.join(rewrite_element.keys()) }}"
######## ########
# Password functions # Password functions
####### #######
...@@ -185,4 +187,4 @@ else: ...@@ -185,4 +187,4 @@ else:
else: else:
html_base = jinja2.Template(open('{{ index_template }}').read()) html_base = jinja2.Template(open('{{ index_template }}').read())
print print
print html_base.render(tree=make_menu(), default_page="{{ default_page }}") print html_base.render(tree=make_menu(), default_page="{{ default_page }}", monitor_rewrite=monitor_rewrite)
...@@ -19,6 +19,11 @@ ...@@ -19,6 +19,11 @@
{% endfor %} {% endfor %}
<li class="pure-menu-heading category">Files</li> <li class="pure-menu-heading category">Files</li>
<li><a href="./private/" class="link"> User: admin</br> Password is yours</a></li> <li><a href="./private/" class="link"> User: admin</br> Password is yours</a></li>
<li class="pure-menu-heading category">Local Service</li>
{% set rewrite_list = monitor_rewrite.split() %}
{% for path in rewrite_list %}
<li><a href="./rewrite/{{path}}/" class="link">{{path}}</a></li>
{% endfor %}
</ul> </ul>
</div> </div>
</div> </div>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment