Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
slapos
Commits
87637cb1
Commit
87637cb1
authored
Jun 19, 2020
by
Łukasz Nowak
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
caddy-frontend: Improve readability of most complex template
parent
78b214a2
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
195 additions
and
212 deletions
+195
-212
software/caddy-frontend/buildout.hash.cfg
software/caddy-frontend/buildout.hash.cfg
+1
-1
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
.../caddy-frontend/templates/apache-custom-slave-list.cfg.in
+194
-211
No files found.
software/caddy-frontend/buildout.hash.cfg
View file @
87637cb1
...
@@ -30,7 +30,7 @@ md5sum = a544bf7586f5945bbf108abe9818c7dd
...
@@ -30,7 +30,7 @@ md5sum = a544bf7586f5945bbf108abe9818c7dd
[template-slave-list]
[template-slave-list]
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
md5sum =
83992a72b440e422e6d6dae54990f3b1
md5sum =
9da1616d203e4909af37e658aa923d95
[template-replicate-publish-slave-information]
[template-replicate-publish-slave-information]
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
...
...
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
View file @
87637cb1
{% if software_type == slap_software_type %}
{%- if software_type == slap_software_type %}
{%- set kedifa_updater_mapping = [] %}
{% set kedifa_updater_mapping = [] %}
{%- set cached_server_dict = {} %}
{% set cached_server_dict = {} %}
{%- set part_list = [] %}
{% set part_list = [] %}
{%- set cache_port = caddy_configuration.get('cache-port') %}
{% set cache_port = caddy_configuration.get('cache-port') %}
{%- set cached_port = caddy_configuration.get('cache-through-port') %}
{% set cached_port = caddy_configuration.get('cache-through-port') %}
{%- set ssl_cached_port = caddy_configuration.get('ssl-cache-through-port') %}
{% set ssl_cached_port = caddy_configuration.get('ssl-cache-through-port') %}
{%- set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %}
{% set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %}
{%- set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %}
{% set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{% set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %}
{% set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %}
{%- set slave_log_dict = {} %}
{% set slave_log_dict = {} %}
{%- if extra_slave_instance_list %}
{% if extra_slave_instance_list %}
{%- set slave_instance_information_list = [] %}
{% set slave_instance_information_list = [] %}
{%- set slave_instance_list = slave_instance_list + json_module.loads(extra_slave_instance_list) %}
{% set slave_instance_list = slave_instance_list + json_module.loads(extra_slave_instance_list) %}
{%- endif %}
{% endif %}
{%- if master_key_download_url %}
{%- do kedifa_updater_mapping.append((master_key_download_url, master_certificate, apache_certificate)) %}
{%- else %}
{%- do kedifa_updater_mapping.append(('notreadyyet', master_certificate, apache_certificate)) %}
{%- endif %}
{%- if slave_kedifa_information %}
{%- set slave_kedifa_information = json_module.loads(slave_kedifa_information) %}
{%- else %}
{%- set slave_kedifa_information = {} %}
{%- endif -%}
[jinja2-template-base]
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
recipe = slapos.recipe.template:jinja2
extensions = jinja2.ext.do
extensions = jinja2.ext.do
...
@@ -30,18 +39,6 @@ sharedscripts = true
...
@@ -30,18 +39,6 @@ sharedscripts = true
notifempty = true
notifempty = true
create = true
create = true
{% if master_key_download_url %}
{% do kedifa_updater_mapping.append((master_key_download_url, master_certificate, apache_certificate)) %}
{% else %}
{% do kedifa_updater_mapping.append(('notreadyyet', master_certificate, apache_certificate)) %}
{% endif %}
{% if slave_kedifa_information %}
{% set slave_kedifa_information = json_module.loads(slave_kedifa_information) %}
{% else %}
{% set slave_kedifa_information = {} %}
{% endif %}
# empty sections if no slaves are available
# empty sections if no slaves are available
[slave-log-directory-dict]
[slave-log-directory-dict]
[slave-password]
[slave-password]
...
@@ -49,169 +46,160 @@ create = true
...
@@ -49,169 +46,160 @@ create = true
# empty section if no cached slaves are available
# empty section if no cached slaves are available
[slave-log-cache-direct-directory-dict]
[slave-log-cache-direct-directory-dict]
{# Loop thought slave list to set up slaves #}
{#- Loop thought slave list to set up slaves #}
{% for slave_instance in slave_instance_list %}
{%- for slave_instance in slave_instance_list %}
{# Manage ciphers #}
{#- Manage ciphers #}
{% set slave_ciphers = slave_instance.get('ciphers', '').strip().split() %}
{%- set slave_ciphers = slave_instance.get('ciphers', '').strip().split() %}
{% if slave_ciphers %}
{%- if slave_ciphers %}
{% set slave_cipher_list = ' '.join(slave_ciphers) %}
{%- set slave_cipher_list = ' '.join(slave_ciphers) %}
{% else %}
{%- else %}
{% set slave_cipher_list = ciphers.strip() %}
{%- set slave_cipher_list = ciphers.strip() %}
{% endif %}
{%- endif %}
{% do slave_instance.__setitem__('cipher_list', slave_cipher_list) %}
{%- do slave_instance.__setitem__('cipher_list', slave_cipher_list) %}
{% set slave_type = slave_instance.get('type', '') %}
{%- set slave_type = slave_instance.get('type', '') %}
{% set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %}
{%- set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %}
{% set slave_reference = slave_instance.get('slave_reference') %}
{%- set slave_reference = slave_instance.get('slave_reference') %}
{% set slave_kedifa = slave_kedifa_information.get(slave_reference) %}
{%- set slave_kedifa = slave_kedifa_information.get(slave_reference) %}
{% if slave_kedifa %}
{%- if slave_kedifa %}
{% set key_download_url = slave_kedifa.get('key-download-url') %}
{%- set key_download_url = slave_kedifa.get('key-download-url') %}
{% else %}
{%- else %}
{% set key_download_url = 'notreadyyet' %}
{%- set key_download_url = 'notreadyyet' %}
{% endif %}
{%- endif %}
{% set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference %}
{%- set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference %}
{% set slave_parameter_dict = generic_instance_parameter_dict.copy() %}
{%- set slave_parameter_dict = generic_instance_parameter_dict.copy() %}
{% set slave_publish_dict = {} %}
{%- set slave_publish_dict = {} %}
{% set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %}
{%- set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %}
{% set slave_logrotate_section = slave_reference + "-logs" %}
{%- set slave_logrotate_section = slave_reference + "-logs" %}
{% set slave_logrotate_cache_direct_section = slave_reference + "-cache-direct-logs" %}
{%- set slave_logrotate_cache_direct_section = slave_reference + "-cache-direct-logs" %}
{% set slave_password_section = slave_reference + "-password" %}
{%- set slave_password_section = slave_reference + "-password" %}
{% set slave_ln_section = slave_reference + "-ln" %}
{%- set slave_ln_section = slave_reference + "-ln" %}
{#- extend parts #}
{# extend parts #}
{%- do part_list.extend([slave_ln_section]) %}
{% do part_list.extend([slave_ln_section]) %}
{%- do part_list.extend([slave_logrotate_section, slave_section_title]) %}
{% do part_list.extend([slave_logrotate_section, slave_section_title]) %}
{%- set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %}
{%- if enable_cache %}
{% set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %}
{%- set slave_log_cache_direct_folder = '${logrotate-directory:logrotate-backup}/' + slave_logrotate_cache_direct_section %}
{% if enable_cache %}
{%- do part_list.extend([slave_logrotate_cache_direct_section]) %}
{% set slave_log_cache_direct_folder = '${logrotate-directory:logrotate-backup}/' + slave_logrotate_cache_direct_section %}
{%- endif %}
{% do part_list.extend([slave_logrotate_cache_direct_section]) %}
{#- Pass HTTP2 switch #}
{% endif %}
{%- do slave_instance.__setitem__('enable_http2_by_default', enable_http2_by_default) %}
{%- do slave_instance.__setitem__('global_disable_http2', global_disable_http2) %}
{# Pass HTTP2 switch #}
{#- Pass proxy_try_duration and proxy_try_interval #}
{% do slave_instance.__setitem__('enable_http2_by_default', enable_http2_by_default) %}
{%- do slave_instance.__setitem__('proxy_try_duration', proxy_try_duration) %}
{% do slave_instance.__setitem__('global_disable_http2', global_disable_http2) %}
{%- do slave_instance.__setitem__('proxy_try_interval', proxy_try_interval) %}
{#- Set Up log files #}
{# Pass proxy_try_duration and proxy_try_interval #}
{%- do slave_parameter_dict.__setitem__('access_log', '/'.join([caddy_log_directory, '%s_access_log' % slave_reference])) %}
{% do slave_instance.__setitem__('proxy_try_duration', proxy_try_duration) %}
{%- do slave_parameter_dict.__setitem__('error_log', '/'.join([caddy_log_directory, '%s_error_log' % slave_reference])) %}
{% do slave_instance.__setitem__('proxy_try_interval', proxy_try_interval) %}
{%- do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) %}
{%- do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) %}
{# Set Up log files #}
{%- if enable_cache %}
{% do slave_parameter_dict.__setitem__('access_log', '/'.join([caddy_log_directory, '%s_access_log' % slave_reference])) %}
{%- do slave_parameter_dict.__setitem__('access_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_access_log' % slave_reference])) %}
{% do slave_parameter_dict.__setitem__('error_log', '/'.join([caddy_log_directory, '%s_error_log' % slave_reference])) %}
{%- do slave_parameter_dict.__setitem__('error_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_error_log' % slave_reference])) %}
{% do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) %}
{%- do slave_instance.__setitem__('access_log_cache_direct', slave_parameter_dict.get('access_log_cache_direct')) %}
{% do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) %}
{%- do slave_instance.__setitem__('error_log_cache_direct', slave_parameter_dict.get('error_log_cache_direct')) %}
{% if enable_cache %}
{%- endif %}
{% do slave_parameter_dict.__setitem__('access_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_access_log' % slave_reference])) %}
{#- Add slave log directory to the slave log access dict #}
{% do slave_parameter_dict.__setitem__('error_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_error_log' % slave_reference])) %}
{%- do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %}
{% do slave_instance.__setitem__('access_log_cache_direct', slave_parameter_dict.get('access_log_cache_direct')) %}
{%- set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %}
{% do slave_instance.__setitem__('error_log_cache_direct', slave_parameter_dict.get('error_log_cache_direct')) %}
{%- do slave_publish_dict.__setitem__('log-access', slave_log_access_url) %}
{% endif %}
{%- do slave_publish_dict.__setitem__('slave-reference', slave_reference) %}
{%- do slave_publish_dict.__setitem__('public-ipv4', public_ipv4) %}
{# Add slave log directory to the slave log access dict #}
{#- Set slave domain if none was defined #}
{% do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %}
{%- if slave_instance.get('custom_domain', None) == None %}
{%- set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %}
{% set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %}
{%- do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %}
{% do slave_publish_dict.__setitem__('log-access', slave_log_access_url) %}
{%- endif %}
{% do slave_publish_dict.__setitem__('slave-reference', slave_reference) %}
{%- if enable_cache and 'url' in slave_instance %}
{% do slave_publish_dict.__setitem__('public-ipv4', public_ipv4) %}
{%- if 'domain' in slave_instance %}
{%- if not slave_instance.get('custom_domain') %}
{# Set slave domain if none was defined #}
{%- do slave_instance.__setitem__('custom_domain', slave_instance.get('domain')) %}
{% if slave_instance.get('custom_domain', None) == None %}
{%- endif %}
{% set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %}
{%- endif %}
{% do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %}
{%- do slave_instance.__setitem__('backend_url', slave_instance.get('url')) %}
{% endif %}
{%- do slave_instance.__setitem__('https_backend_url', slave_instance.get('https-url', slave_instance.get('url'))) %}
{%- do slave_instance.__setitem__('url', cache_access) %}
{% if enable_cache and 'url' in slave_instance %}
{%- do slave_instance.__setitem__('https-url', ssl_cache_access) %}
{% if 'domain' in slave_instance %}
{%- do cached_server_dict.__setitem__(slave_reference, slave_configuration_section_name) %}
{% if not slave_instance.get('custom_domain') %}
{%- endif %}
{% do slave_instance.__setitem__('custom_domain', slave_instance.get('domain')) %}
{%- do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %}
{% endif %}
{%- do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %}
{% endif %}
{%- do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %}
{% do slave_instance.__setitem__('backend_url', slave_instance.get('url')) %}
{%- do slave_publish_dict.__setitem__('secure_access', 'https://%s' % slave_instance.get('custom_domain')) %}
{% do slave_instance.__setitem__('https_backend_url', slave_instance.get('https-url', slave_instance.get('url'))) %}
{% do slave_instance.__setitem__('url', cache_access) %}
{% do slave_instance.__setitem__('https-url', ssl_cache_access) %}
{% do cached_server_dict.__setitem__(slave_reference, slave_configuration_section_name) %}
{% endif %}
{% do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %}
{% do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %}
{% do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %}
{% do slave_publish_dict.__setitem__('secure_access', 'https://%s' % slave_instance.get('custom_domain')) %}
[slave-log-directory-dict]
[slave-log-directory-dict]
{{slave_reference}} = {{ slave_log_folder }}
{{slave_reference}} = {{ slave_log_folder }}
{% if enable_cache %}
{%
-
if enable_cache %}
[slave-log-cache-direct-directory-dict]
[slave-log-cache-direct-directory-dict]
{{slave_reference}}_cache_direct = {{ slave_log_cache_direct_folder }}
{{slave_reference}}_cache_direct = {{ slave_log_cache_direct_folder }}
{% endif %}
{%
-
endif %}
[slave-password]
[slave-password]
{{ slave_reference }} = {{ '${' + slave_password_section + ':passwd}' }}
{{ slave_reference }} = {{ '${' + slave_password_section + ':passwd}' }}
{# Set slave logrotate entry #}
{#
-
Set slave logrotate entry #}
[{{slave_logrotate_section}}]
[{{slave_logrotate_section}}]
<= logrotate-entry-base
<= logrotate-entry-base
name = ${:_buildout_section_name_}
name = ${:_buildout_section_name_}
log = {{slave_parameter_dict.get('access_log')}} {{slave_parameter_dict.get('error_log')}}
log = {{slave_parameter_dict.get('access_log')}} {{slave_parameter_dict.get('error_log')}}
backup = {{ slave_log_folder }}
backup = {{ slave_log_folder }}
{% if enable_cache %}
{%- if enable_cache %}
[{{slave_logrotate_cache_direct_section}}]
[{{slave_logrotate_cache_direct_section}}]
<= logrotate-entry-base
<= logrotate-entry-base
name = ${:_buildout_section_name_}
name = ${:_buildout_section_name_}
log = {{slave_parameter_dict.get('access_log_cache_direct')}} {{slave_parameter_dict.get('error_log_cache_direct')}}
log = {{slave_parameter_dict.get('access_log_cache_direct')}} {{slave_parameter_dict.get('error_log_cache_direct')}}
backup = {{ slave_log_cache_direct_folder }}
backup = {{ slave_log_cache_direct_folder }}
{% endif %}
{%- endif %}
{#- integrate current logs inside #}
{# integrate current logs inside #}
[{{slave_ln_section}}]
[{{slave_ln_section}}]
recipe = plone.recipe.command
recipe = plone.recipe.command
stop-on-error = false
stop-on-error = false
command = ln -s {{slave_parameter_dict.get('error_log')}} {{ slave_log_folder }}/error.log && ln -s {{slave_parameter_dict.get('access_log')}} {{ slave_log_folder }}/access.log
command = ln -s {{slave_parameter_dict.get('error_log')}} {{ slave_log_folder }}/error.log && ln -s {{slave_parameter_dict.get('access_log')}} {{ slave_log_folder }}/access.log
{# Set password for slave #}
{#- Set password for slave #}
[{{slave_password_section}}]
[{{slave_password_section}}]
recipe = slapos.cookbook:generate.password
recipe = slapos.cookbook:generate.password
storage-path = {{caddy_configuration_directory}}/.{{slave_reference}}.passwd
storage-path = {{caddy_configuration_directory}}/.{{slave_reference}}.passwd
bytes = 8
bytes = 8
{# ################################################## #}
{#- ################################################## #}
{# Set Slave Certificates if needed #}
{#- Set Slave Certificates if needed #}
{# Set certificate key for custom configuration #}
{#- Set certificate key for custom configuration #}
{% set cert_name = slave_reference.replace('-','.') + '.pem' %}
{%- set cert_name = slave_reference.replace('-','.') + '.pem' %}
{% set certificate = '%s/%s' % (autocert, cert_name) %}
{%- set certificate = '%s/%s' % (autocert, cert_name) %}
{% do slave_parameter_dict.__setitem__('certificate', certificate )%}
{%- do slave_parameter_dict.__setitem__('certificate', certificate )%}
{#- Set ssl certificates for each slave #}
{# Set ssl certificates for each slave #}
{%- for cert_name in ('ssl_csr', 'ssl_proxy_ca_crt')%}
{% for cert_name in ('ssl_csr', 'ssl_proxy_ca_crt')%}
{%- if cert_name in slave_instance %}
{% if cert_name in slave_instance %}
{%- set cert_title = '%s-%s' % (slave_reference, cert_name.replace('ssl_', '')) %}
{% set cert_title = '%s-%s' % (slave_reference, cert_name.replace('ssl_', '')) %}
{%- set cert_file = '/'.join([custom_ssl_directory, cert_title.replace('-','.')]) %}
{% set cert_file = '/'.join([custom_ssl_directory, cert_title.replace('-','.')]) %}
{%- do part_list.append(cert_title) %}
{% do part_list.append(cert_title) %}
{%- do slave_parameter_dict.__setitem__(cert_name, cert_file) %}
{% do slave_parameter_dict.__setitem__(cert_name, cert_file) %}
{%- do slave_instance.__setitem__('path_to_' + cert_name, cert_file) %}
{% do slave_instance.__setitem__('path_to_' + cert_name, cert_file) %}
{#- Store certificates on fs #}
{# Store certificates on fs #}
[{{ cert_title }}]
[{{ cert_title }}]
< = jinja2-template-base
< = jinja2-template-base
template = {{ empty_template }}
template = {{ empty_template }}
rendered = {{ cert_file }}
rendered = {{ cert_file }}
extra-context =
extra-context =
key content {{ cert_title + '-config:value' }}
key content {{ cert_title + '-config:value' }}
# BBB: SlapOS Master non-zero knowledge BEGIN
{#- BBB: SlapOS Master non-zero knowledge BEGIN #}
# Store certificate in config
{#- Store certificate in config #}
[{{ cert_title + '-config' }}]
[{{ cert_title + '-config' }}]
value = {{ dumps(slave_instance.get(cert_name)) }}
value = {{ dumps(slave_instance.get(cert_name)) }}
{% endif %}
{%- endif %}
{% endfor %}
{%- endfor %}
{#- Set Up Certs #}
{#- Set Up Certs #}
{% if 'ssl_key' in slave_instance and 'ssl_crt' in slave_instance %}
{%
-
if 'ssl_key' in slave_instance and 'ssl_crt' in slave_instance %}
{% set cert_title = '%s-crt' % (slave_reference) %}
{%
-
set cert_title = '%s-crt' % (slave_reference) %}
{% set cert_file = '/'.join([bbb_ssl_directory, cert_title.replace('-','.')]) %}
{%
-
set cert_file = '/'.join([bbb_ssl_directory, cert_title.replace('-','.')]) %}
{% do kedifa_updater_mapping.append((key_download_url, certificate, cert_file)) %}
{%
-
do kedifa_updater_mapping.append((key_download_url, certificate, cert_file)) %}
{% do part_list.append(cert_title) %}
{%
-
do part_list.append(cert_title) %}
{% do slave_parameter_dict.__setitem__("ssl_crt", cert_file) %}
{%
-
do slave_parameter_dict.__setitem__("ssl_crt", cert_file) %}
[{{cert_title}}]
[{{cert_title}}]
< = jinja2-template-base
< = jinja2-template-base
...
@@ -220,13 +208,14 @@ rendered = {{ cert_file }}
...
@@ -220,13 +208,14 @@ rendered = {{ cert_file }}
cert-content = {{ dumps(slave_instance.get('ssl_crt') + '\n' + slave_instance.get('ssl_ca_crt', '') + '\n' + slave_instance.get('ssl_key')) }}
cert-content = {{ dumps(slave_instance.get('ssl_crt') + '\n' + slave_instance.get('ssl_ca_crt', '') + '\n' + slave_instance.get('ssl_key')) }}
extra-context =
extra-context =
key content :cert-content
key content :cert-content
{% else %}
{%- else %}
{% do kedifa_updater_mapping.append((key_download_url, certificate, master_certificate)) %}
{%- do kedifa_updater_mapping.append((key_download_url, certificate, master_certificate)) %}
{% endif %}
{%- endif %}
# BBB: SlapOS Master non-zero knowledge END
{#- BBB: SlapOS Master non-zero knowledge END #}
{#- ########################################## #}
{#- Set Slave Configuration #}
{# ########################################## #}
{# Set Slave Configuration #}
[{{ slave_configuration_section_name }}]
[{{ slave_configuration_section_name }}]
certificate = {{ certificate }}
certificate = {{ certificate }}
https_port = {{ dumps('' ~ https_port) }}
https_port = {{ dumps('' ~ https_port) }}
...
@@ -235,11 +224,11 @@ local_ipv4 = {{ dumps('' ~ local_ipv4) }}
...
@@ -235,11 +224,11 @@ local_ipv4 = {{ dumps('' ~ local_ipv4) }}
cached_port = {{ dumps('' ~ cached_port) }}
cached_port = {{ dumps('' ~ cached_port) }}
ssl_cached_port = {{ ('' ~ ssl_cached_port) }}
ssl_cached_port = {{ ('' ~ ssl_cached_port) }}
request_timeout = {{ ('' ~ request_timeout) }}
request_timeout = {{ ('' ~ request_timeout) }}
{%
for key, value in slave_instance.iteritems() %}
{%
-
for key, value in slave_instance.iteritems() %}
{%
if value is not none %}
{%
-
if value is not none %}
{{ key }} = {{ dumps('' ~ value) }}
{{ key }} = {{ dumps('' ~ value) }}
{%
endif %}
{%
-
endif %}
{%
endfor %}
{%
-
endfor %}
[{{ slave_section_title }}]
[{{ slave_section_title }}]
< = jinja2-template-base
< = jinja2-template-base
...
@@ -254,10 +243,10 @@ filename = {{ '%s.conf' % slave_reference }}
...
@@ -254,10 +243,10 @@ filename = {{ '%s.conf' % slave_reference }}
{{ '\n' }}
{{ '\n' }}
{% set monitor_ipv6_test = slave_instance.get('monitor-ipv6-test', '') %}
{%
-
set monitor_ipv6_test = slave_instance.get('monitor-ipv6-test', '') %}
{% if monitor_ipv6_test %}
{%
-
if monitor_ipv6_test %}
{% set monitor_ipv6_section_title = 'check-%s-ipv6-packet-list-test' % slave_instance.get('slave_reference') %}
{%
-
set monitor_ipv6_section_title = 'check-%s-ipv6-packet-list-test' % slave_instance.get('slave_reference') %}
{% do part_list.append(monitor_ipv6_section_title) %}
{%
-
do part_list.append(monitor_ipv6_section_title) %}
[{{ monitor_ipv6_section_title }}]
[{{ monitor_ipv6_section_title }}]
<= monitor-promise-base
<= monitor-promise-base
module = check_icmp_packet_lost
module = check_icmp_packet_lost
...
@@ -265,12 +254,11 @@ name = {{ monitor_ipv6_section_title }}.py
...
@@ -265,12 +254,11 @@ name = {{ monitor_ipv6_section_title }}.py
config-address = {{ dumps(monitor_ipv6_test) }}
config-address = {{ dumps(monitor_ipv6_test) }}
# promise frequency in minutes (2 times/day)
# promise frequency in minutes (2 times/day)
config-frequency = 720
config-frequency = 720
{% endif %}
{%- endif %}
{%- set monitor_ipv4_test = slave_instance.get('monitor-ipv4-test', '') %}
{% set monitor_ipv4_test = slave_instance.get('monitor-ipv4-test', '') %}
{%- if monitor_ipv4_test %}
{% if monitor_ipv4_test %}
{%- set monitor_ipv4_section_title = 'check-%s-ipv4-packet-list-test' % slave_instance.get('slave_reference') %}
{% set monitor_ipv4_section_title = 'check-%s-ipv4-packet-list-test' % slave_instance.get('slave_reference') %}
{%- do part_list.append(monitor_ipv4_section_title) %}
{% do part_list.append(monitor_ipv4_section_title) %}
[{{ monitor_ipv4_section_title }}]
[{{ monitor_ipv4_section_title }}]
<= monitor-promise-base
<= monitor-promise-base
module = check_icmp_packet_lost
module = check_icmp_packet_lost
...
@@ -279,46 +267,41 @@ config-address = {{ dumps(monitor_ipv4_test) }}
...
@@ -279,46 +267,41 @@ config-address = {{ dumps(monitor_ipv4_test) }}
config-ipv4 = true
config-ipv4 = true
# promise frequency in minutes (2 times/day)
# promise frequency in minutes (2 times/day)
config-frequency = 720
config-frequency = 720
{% endif %}
{%- endif %}
{# ############################### #}
{#
-
############################### #}
{# Publish Slave Information #}
{#
-
Publish Slave Information #}
{% if not extra_slave_instance_list %}
{%
-
if not extra_slave_instance_list %}
{% set publish_section_title = 'publish-%s-connection-information' % slave_instance.get('slave_reference') %}
{%
-
set publish_section_title = 'publish-%s-connection-information' % slave_instance.get('slave_reference') %}
{% do part_list.append(publish_section_title) %}
{%
-
do part_list.append(publish_section_title) %}
[{{ publish_section_title }}]
[{{ publish_section_title }}]
recipe = slapos.cookbook:publish
recipe = slapos.cookbook:publish
{% for key, value in slave_publish_dict.iteritems() %}
{%
-
for key, value in slave_publish_dict.iteritems() %}
{{ key }} = {{ value }}
{{ key }} = {{ value }}
{% endfor %}
{%- endfor %}
{% else %}
{%- else %}
{% do slave_instance_information_list.append(slave_publish_dict) %}
{%- do slave_instance_information_list.append(slave_publish_dict) %}
{% endif %}
{%- endif %}
{%- endfor %} {# Slave iteration ends for slave_instance in slave_instance_list #}
{# End of the main for loop#}
{% endfor %}
[slave-log-directories]
[slave-log-directories]
<= slave-log-directory-dict
<= slave-log-directory-dict
recipe = slapos.cookbook:mkdirectory
recipe = slapos.cookbook:mkdirectory
{% do part_list.append('slave-log-directories') %}
{%
-
do part_list.append('slave-log-directories') %}
[slave-log-cache-direct-directories]
[slave-log-cache-direct-directories]
<= slave-log-cache-direct-directory-dict
<= slave-log-cache-direct-directory-dict
recipe = slapos.cookbook:mkdirectory
recipe = slapos.cookbook:mkdirectory
{% do part_list.append('slave-log-cache-direct-directories') %}
{%- do part_list.append('slave-log-cache-direct-directories') %}
{%- do part_list.append('caddy-log-access') %}
{% do part_list.append('caddy-log-access') %}
{#- ############################################## #}
{#- ## Prepare virtualhost for slaves using cache #}
{%- for slave_reference, slave_configuration_section_name in cached_server_dict.iteritems() %}
{%- set cached_slave_configuration_section_title = '%s-cached-virtualhost' % slave_reference %}
{%- do part_list.append(cached_slave_configuration_section_title) %}
###############################################
### Prepare virtualhost for slaves using cache
{% for slave_reference, slave_configuration_section_name in cached_server_dict.iteritems() %}
{% set cached_slave_configuration_section_title = '%s-cached-virtualhost' % slave_reference %}
{% do part_list.append(cached_slave_configuration_section_title) %}
[{{ cached_slave_configuration_section_title }}]
[{{ cached_slave_configuration_section_title }}]
< = jinja2-template-base
< = jinja2-template-base
template = {{ template_cached_slave_configuration }}
template = {{ template_cached_slave_configuration }}
...
@@ -328,8 +311,7 @@ extensions = jinja2.ext.do
...
@@ -328,8 +311,7 @@ extensions = jinja2.ext.do
extra-context =
extra-context =
section slave_parameter {{ slave_configuration_section_name }}
section slave_parameter {{ slave_configuration_section_name }}
{{ '\n' }}
{{ '\n' }}
{% endfor %}
{%- endfor %}
{#- Define IPv6 to IPV4 tunneling #}
{#- Define IPv6 to IPV4 tunneling #}
[tunnel-6to4-base]
[tunnel-6to4-base]
recipe = slapos.cookbook:wrapper
recipe = slapos.cookbook:wrapper
...
@@ -359,7 +341,8 @@ ipv6-port = {{ cached_port }}
...
@@ -359,7 +341,8 @@ ipv6-port = {{ cached_port }}
ipv4-port = {{ ssl_cached_port }}
ipv4-port = {{ ssl_cached_port }}
ipv6-port = {{ ssl_cached_port }}
ipv6-port = {{ ssl_cached_port }}
{# Define log access #}
{#- Define log access #}
[caddy-log-access-parameters]
[caddy-log-access-parameters]
caddy_log_directory = {{ dumps(caddy_log_directory) }}
caddy_log_directory = {{ dumps(caddy_log_directory) }}
caddy_configuration_directory = {{ dumps(caddy_configuration_directory) }}
caddy_configuration_directory = {{ dumps(caddy_configuration_directory) }}
...
@@ -382,15 +365,15 @@ extra-context =
...
@@ -382,15 +365,15 @@ extra-context =
section parameter_dict caddy-log-access-parameters
section parameter_dict caddy-log-access-parameters
{# Publish information for the instance #}
{#
-
Publish information for the instance #}
[publish-caddy-information]
[publish-caddy-information]
recipe = slapos.cookbook:publish.serialised
recipe = slapos.cookbook:publish.serialised
public-ipv4 = {{ public_ipv4 }}
public-ipv4 = {{ public_ipv4 }}
private-ipv4 = {{ local_ipv4 }}
private-ipv4 = {{ local_ipv4 }}
{% if extra_slave_instance_list %}
{%
-
if extra_slave_instance_list %}
{# sort_keys are important in order to avoid shuffling parameters on each run #}
{#
-
sort_keys are important in order to avoid shuffling parameters on each run #}
slave-instance-information-list = {{ json_module.dumps(slave_instance_information_list, sort_keys=True) }}
slave-instance-information-list = {{ json_module.dumps(slave_instance_information_list, sort_keys=True) }}
{% endif %}
{%
-
endif %}
monitor-base-url = {{ monitor_base_url }}
monitor-base-url = {{ monitor_base_url }}
csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt
csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt
csr_id-certificate = ${get-csr_id-certificate:certificate}
csr_id-certificate = ${get-csr_id-certificate:certificate}
...
@@ -418,9 +401,9 @@ update-command = ${:command}
...
@@ -418,9 +401,9 @@ update-command = ${:command}
recipe = slapos.recipe.template:jinja2
recipe = slapos.recipe.template:jinja2
file = {{ kedifa_updater_mapping_file }}
file = {{ kedifa_updater_mapping_file }}
template = inline:
template = inline:
{% for mapping in kedifa_updater_mapping %}
{%
-
for mapping in kedifa_updater_mapping %}
{{ mapping[0] }} {{ mapping[1] }} {{ mapping[2] }}
{{ mapping[0] }} {{ mapping[1] }} {{ mapping[2] }}
{% endfor %}
{%
-
endfor %}
rendered = ${:file}
rendered = ${:file}
...
@@ -440,12 +423,12 @@ extends =
...
@@ -440,12 +423,12 @@ extends =
parts +=
parts +=
kedifa-updater
kedifa-updater
kedifa-updater-run
kedifa-updater-run
{% for part in part_list %}
{%
-
for part in part_list %}
{{ ' %s' % part }}
{{ ' %s' % part }}
{% endfor %}
{%
-
endfor %}
{% if 'caddy-log-access' not in part_list %}
{%
-
if 'caddy-log-access' not in part_list %}
caddy-log-access-empty
caddy-log-access-empty
{% endif %}
{%
-
endif %}
publish-caddy-information
publish-caddy-information
tunnel-6to4-base-http_port
tunnel-6to4-base-http_port
tunnel-6to4-base-https_port
tunnel-6to4-base-https_port
...
@@ -531,4 +514,4 @@ recipe = collective.recipe.shelloutput
...
@@ -531,4 +514,4 @@ recipe = collective.recipe.shelloutput
commands =
commands =
certificate = cat ${certificate-csr_id:certificate}
certificate = cat ${certificate-csr_id:certificate}
{%
endif %
}
{%
- endif %} {# if software_type == slap_software_type #
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment