See sqlite-mixin.cfg to skip the building of MariaDB.

Since usage of cryptography in "caddy-frontend/test: Switch to cryptography"
certificates are programmatically  done.

Caddy has its own approach to security and browser support, and it is
trusted, so keep it this way. If incompatibilities would be found, they
will be tackled by each one.

Current way of testing caddy-frontend SR is enough.

It is done in "caddy-frontend: Restart 6tunnel services on SR upgrade"

Apache-migration is not needed, as the profiles can be used in place, and
upcoming development will drop a lot of needs.

This reverts commit 6eec01b7.

The test_supervisor_state run on each test case has exactly the same
functionality, so just drop not needed additional test.

/reviewed-on nexedi/slapos!466

"software/caddy-frontend: auto-restart services on SR upgrade." begun
implementation of automatic restart of services on SR upgrade, but not all
services has been caught - 6tunnel was missing.

/reviewed-on nexedi/slapos!473

Those values are free to be used by tests in order to obtain working
IPv4 and IPv6 addresses.

/reviewed-on nexedi/slapos!470

Those values are free to be used by tests in order to obtain working
IPv4 and IPv6 addresses or other parameters fetched during test node
instantiation.

Note that old-style keys (like LOCAL_IPV4 and LOCAL_IPV6) are kept for
backward compatibility.

/reviewed-on !471

Some tests need to play with IPv6, and it would be better, if they would use
IPv6 on which the test system has control.

/reviewed-on nexedi/slapos!467

Do not emit needless diff into log.

Do not stop processing in case of validation failure.

Caddy reloads configuration on USR1 not on HUP.

/reviewed-on nexedi/slapos!465

This way when setting `udp:<port>` in `nat-rules` instance parameter, it won't mess up with buildout's syntax.

PS: It seems the UDP won't work at all since `6tunnel` doesn't support TCP tunneling, so this is more of a cosmetic fix.

/reviewed-on nexedi/slapos!464

This reverts commit 9243ace4

There are some bizarre issues with notebook, which happen randomly.

/reviewed-on nexedi/slapos!463

once a release including https://github.com/proftpd/proftpd/issues/674
is made we can update to openssl 1.1

/reviewed-on nexedi/slapos!460

/reviewed-on nexedi/slapos!445

Caddy v0.11.1 fixes QUIC issues.

Not released yet functionality for regular expression cookie rewriting
is available: https://github.com/mholt/caddy/pull/2144

Not released yet functionality for ca_certifices in proxy:
https://github.com/mholt/caddy/pull/2380

Zenexer fixes for regerssion in v0.11.1

Note: Since Caddy release v0.11.0 certificates has to match sites
      served by Caddy. This will result in lack of response for sites served
      on HTTPS for which certificate names (subject COMMON_NAME,
      subjectAltName DNS or IP) does not match site name.

nodejs 8 does not seem to support higher version.

/reviewed-on nexedi/slapos!461

Caddy since 0.11.1 requires that certificate match the exposed site, so in
order to being able to serve ip access sites each frontend node needs
to generate certificate with its IP in the subjectAltName.

Not released yet functionality for regular expression cookie rewriting
is available: https://github.com/mholt/caddy/pull/2144

Caddy v0.11.1 fixes QUIC issues.

Zenexer fixes for regerssion in v0.11.1

Note: Since Caddy release v0.11.0 certificates has to match sites
      served by Caddy. This will result in lack of response for sites served
      on HTTPS for which certificate names (subject COMMON_NAME,
      subjectAltName DNS or IP) does not match site name.