Draft for frontend recipe

parent 6cc76177
...@@ -89,9 +89,9 @@ class Recipe(BaseSlapRecipe): ...@@ -89,9 +89,9 @@ class Recipe(BaseSlapRecipe):
key = ca_conf.pop('key') key = ca_conf.pop('key')
certificate = ca_conf.pop('certificate') certificate = ca_conf.pop('certificate')
# Install node + js script
node_parameter_dict = self.installFrontendNode( node_parameter_dict = self.installFrontendNode(
ip_list=['%s' % self.getGlobalIPv6Address(), ip=self.getGlobalIPv6Address(),
self.getLocalIPv4Address()],
port=frontend_port_number, port=frontend_port_number,
plain_http=redirect_plain_http, plain_http=redirect_plain_http,
name=frontend_domain_name, name=frontend_domain_name,
...@@ -241,62 +241,28 @@ class Recipe(BaseSlapRecipe): ...@@ -241,62 +241,28 @@ class Recipe(BaseSlapRecipe):
certificate_authority_path=config['ca_dir'] certificate_authority_path=config['ca_dir']
) )
def _getApacheConfigurationDict(self, name, ip_list, port): def _getProxyTableContent(self, rewrite_rule_list):
apache_conf = dict() proxy_table_content = '{'
apache_conf['server_name'] = name for rewrite_rule in rewrite_rule_list:
apache_conf['pid_file'] = os.path.join(self.run_directory, rewrite_part = self.substituteTemplate(
name + '.pid') self.getTemplateFilename('proxytable-host.json.in'), rewrite_rule)
apache_conf['lock_file'] = os.path.join(self.run_directory, proxy_table_content = """%s
name + '.lock') %s""" % (proxy_table_content, rewrite_part)
apache_conf['ip_list'] = ip_list proxy_table_content = '%s}' % proxy_table_content
apache_conf['port'] = port return proxy_table_content
apache_conf['server_admin'] = 'admin@'
apache_conf['error_log'] = os.path.join(self.log_directory,
name + '-error.log')
apache_conf['access_log'] = os.path.join(self.log_directory,
name + '-access.log')
self.registerLogRotation(name, [apache_conf['error_log'],
apache_conf['access_log']], self.killpidfromfile + ' ' +
apache_conf['pid_file'] + ' SIGUSR1')
return apache_conf
def installFrontendNode(self, ip_list, port, key, certificate, plain_http, def installFrontendNode(self, ip, port, key, certificate, plain_http,
name, rewrite_rule_list, access_control_string=None): name, rewrite_rule_list):
apachemap_name = "apachemap.txt" map_name = "proxy_table.json"
map_content = self._getProxyTableContent(rewrite_rule_list)
map_file = self.createConfigurationFile(map_name, map_content)
self.createConfigurationFile(apachemap_name, "\n".join(rewrite_rule_list)) self.path_list.append(map_file)
apache_conf = self._getApacheConfigurationDict(name, ip_list, port) wrapper = zc.buildout.easy_install.scripts([(
apache_conf['ssl_snippet'] = self.substituteTemplate( name, 'slapos.recipe.librecipe.execute', 'execute')], self.ws,
self.getTemplateFilename('apache.ssl-snippet.conf.in'),
dict(login_certificate=certificate, login_key=key))
apache_conf["listen"] = "\n".join(["Listen %s:%s" % (ip, port) for ip in ip_list])
path = self.substituteTemplate(
self.getTemplateFilename('apache.conf.path-protected.in'),
dict(path='/', access_control_string='none'))
apache_conf.update(**dict(
path_enable=path,
apachemap_path=os.path.join(self.etc_directory, apachemap_name),
apache_domain=name,
port=port,
))
apache_conf_string = self.substituteTemplate(
self.getTemplateFilename('apache.conf.in'), apache_conf)
apache_config_file = self.createConfigurationFile(name + '.conf',
apache_conf_string)
self.path_list.append(apache_config_file)
self.path_list.extend(zc.buildout.easy_install.scripts([(
name, 'slapos.recipe.erp5.apache', 'runApache')], self.ws,
sys.executable, self.wrapper_directory, arguments=[ sys.executable, self.wrapper_directory, arguments=[
dict( ip, port, key, certificate, plain_http]
required_path_list=[key, certificate], )[0]
binary=self.options['httpd_binary'], self.path_list.extend(wrapper)
config=apache_config_file)
]))
return dict(site_url="https://%s:%s/" % (name, port)) return dict(site_url="https://%s:%s/" % (name, port))
"/%(reference)s": {
"port": %(port)s,
"host": "%(host)s",
"https": %(https)s
}
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment