Require apache scheme.

This allow to generate non SSL configuration

Require apache scheme.
This allow to generate non SSL configuration
ff0425ed · Romain Courteaud · 1d8cd90d · ff0425ed · ff0425ed · ff0425ed
Commit ff0425ed authored Jan 17, 2012 by Romain Courteaud
3 changed files
--- a/slapos/recipe/apache_zope_backend/__init__.py
+++ b/slapos/recipe/apache_zope_backend/__init__.py
@@ -33,10 +33,25 @@ class Recipe(GenericBaseRecipe):
    ip = self.options['ip']
    port = self.options['port']
    backend = self.options['backend']
-    key = self.options['key-file']
-    certificate = self.options['cert-file']
-    access_control_string = self.options['access-control-string']
+
    apache_conf = dict()
+
+    scheme = self.options['scheme']
+    if scheme == 'http':
+      required_path_list = []
+      apache_conf['ssl_snippet'] = ''
+    elif scheme == 'https':
+      key = self.options['key-file']
+      certificate = self.options['cert-file']
+      required_path_list = [key, certificate]
+      apache_conf['key'] = key
+      apache_conf['certificate'] = certificate
+      apache_conf['ssl_snippet'] = pkg_resources.resource_string(__name__,
+          'template/snippet.ssl.in') % apache_conf
+    else:
+      raise ValueError, "Unsupported scheme %s" % scheme
+
+    access_control_string = self.options['access-control-string']
    apache_conf['pid_file'] = self.options['pid-file']
    apache_conf['lock_file'] = self.options['lock-file']
    apache_conf['ip'] = ip
@@ -45,8 +60,6 @@ class Recipe(GenericBaseRecipe):
    apache_conf['error_log'] = self.options['error-log']
    apache_conf['access_log'] = self.options['access-log']
    apache_conf['server_name'] = '%s' % apache_conf['ip']
-    apache_conf['certificate'] = certificate
-    apache_conf['key'] = key
    apache_conf['path'] = '/'
    apache_conf['access_control_string'] = access_control_string
    apache_conf['rewrite_rule'] = "RewriteRule (.*) %s$1 [L,P]" % backend
@@ -58,7 +71,7 @@ class Recipe(GenericBaseRecipe):
    wrapper = self.createPythonScript(self.options['wrapper'], __name__ +
      '.apache.runApache', [
            dict(
-              required_path_list=[key, certificate],
+              required_path_list=required_path_list,
              binary=self.options['apache-binary'],
              config=apache_config_file
            )

--- a/slapos/recipe/apache_zope_backend/template/apache.zope.conf.in
+++ b/slapos/recipe/apache_zope_backend/template/apache.zope.conf.in
@@ -32,16 +32,7 @@ TraceEnable Off
 # As backend is trusting REMOTE_USER header unset it always
 RequestHeader unset REMOTE_USER

-# SSL Configuration
-SSLEngine on
-SSLCertificateFile %(certificate)s
-SSLCertificateKeyFile %(key)s
-SSLRandomSeed startup builtin
-SSLRandomSeed connect builtin
-SSLProtocol -ALL +SSLv3 +TLSv1
-SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
-
-SSLProxyEngine On
+%(ssl_snippet)s

 # Log configuration
 ErrorLog "%(error_log)s"

--- a/slapos/recipe/apache_zope_backend/template/snippet.ssl.in
+++ b/slapos/recipe/apache_zope_backend/template/snippet.ssl.in
+
+# SSL Configuration
+SSLEngine on
+SSLCertificateFile %(certificate)s
+SSLCertificateKeyFile %(key)s
+SSLRandomSeed startup builtin
+SSLRandomSeed connect builtin
+SSLProtocol -ALL +SSLv3 +TLSv1
+SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
+
+SSLProxyEngine On