caddy-frontend: Use instance_parameter_dict name

It's a dict, and in SlapOS usage of Jinja2 it's good to see the type of a variable immediately.

caddy-frontend: Use instance_parameter_dict name
It's a dict, and in SlapOS usage of Jinja2 it's good to see the type of a variable immediately.
61ebfefe · Łukasz Nowak · 041a49c3 · 61ebfefe · 61ebfefe · 61ebfefe
Commit 61ebfefe authored Oct 09, 2020 by Łukasz Nowak
6 changed files
--- a/software/caddy-frontend/buildout.hash.cfg
+++ b/software/caddy-frontend/buildout.hash.cfg
@@ -14,7 +14,7 @@
 # not need these here).
 [template]
 filename = instance.cfg.in
-md5sum = d1df1988d793357de74643771b3cd62a
+md5sum = 58f330d2655f5438c445a6181d32f259

 [profile-common]
 filename = instance-common.cfg.in
@@ -22,15 +22,15 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68

 [profile-caddy-frontend]
 filename = instance-apache-frontend.cfg.in
-md5sum = 70fba21c38c309d5237b972626faf096
+md5sum = 48d549d1327859cac83536806de8ee99

 [profile-caddy-replicate]
 filename = instance-apache-replicate.cfg.in
-md5sum = 5fe2de2096fa9da9f549bd44e3c69c0e
+md5sum = 04feda2f6b2f50615384c773843d895e

 [profile-slave-list]
 _update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
-md5sum = 23b6d77683b369707407cc78660864d5
+md5sum = 74f075296c782e9f7b6d6fbdfe05768f

 [profile-replicate-publish-slave-information]
 _update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
@@ -114,7 +114,7 @@ md5sum = 38792c2dceae38ab411592ec36fff6a8

 [profile-kedifa]
 filename = instance-kedifa.cfg.in
-md5sum = c8cfbfe7a2ef43cc7731f5ad9dd52d8d
+md5sum = 68345fbe2792a617079fafc443264290

 [template-backend-haproxy-rsyslogd-conf]
 _update_hash_filename_ = templates/backend-haproxy-rsyslogd.conf.in

--- a/software/caddy-frontend/instance-apache-frontend.cfg.in
+++ b/software/caddy-frontend/instance-apache-frontend.cfg.in
-{%- if instance_parameter['slap-software-type'] == software_type -%}
+{%- if instance_parameter_dict['slap-software-type'] == software_type -%}
 {% import "caucase" as caucase with context %}
 {%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%}
 [buildout]
@@ -106,7 +106,7 @@ template-log-access = {{ software_parameter_dict['template_log_access'] }}
 log-access-configuration = ${directory:etc}/log-access.conf
 ip-access-certificate = ${self-signed-ip-access:certificate}
 caddy-directory = {{ software_parameter_dict['caddy_location'] }}
-caddy-ipv6 = {{ instance_parameter['ipv6-random'] }}
+caddy-ipv6 = {{ instance_parameter_dict['ipv6-random'] }}
 caddy-https-port = ${configuration:port}
 nginx = {{ software_parameter_dict['nginx'] }}
 nginx_mime = {{ software_parameter_dict['nginx_mime'] }}
@@ -122,7 +122,7 @@ slave-introspection-domain = ${slave-introspection-frontend:connection-domain}
 recipe = plone.recipe.command
 update-command = ${:command}
 ipv6 = ${slap-network-information:global-ipv6}
-ipv4 = {{instance_parameter['ipv4-random']}}
+ipv4 = {{instance_parameter_dict['ipv4-random']}}
 certificate = ${caddy-directory:master-autocert-dir}/ip-access-${:ipv6}-${:ipv4}.crt
 stop-on-error = True
 command =
@@ -145,7 +145,7 @@ command =
 recipe = plone.recipe.command
 update-command = ${:command}
 ipv6 = ${slap-network-information:global-ipv6}
-ipv4 = {{instance_parameter['ipv4-random']}}
+ipv4 = {{instance_parameter_dict['ipv4-random']}}
 certificate = ${caddy-directory:master-autocert-dir}/fallback-access.crt
 stop-on-error = True
 command =
@@ -156,7 +156,7 @@ command =
     -new -newkey rsa:2048 -sha256 \
     -nodes -x509 -days 36500 \
     -keyout ${:certificate} \
-     -subj "/CN=Fallback certificate/OU={{ instance_parameter['configuration.frontend-name'] }}" \
+     -subj "/CN=Fallback certificate/OU={{ instance_parameter_dict['configuration.frontend-name'] }}" \
     -out ${:certificate}'

 [jinja2-template-base]
@@ -164,8 +164,8 @@ recipe = slapos.recipe.template:jinja2
 rendered = ${buildout:directory}/${:filename}
 extensions = jinja2.ext.do
 extra-context =
-slapparameter_dict = {{ dumps(instance_parameter['configuration']) }}
-slap_software_type = {{ dumps(instance_parameter['slap-software-type']) }}
+slapparameter_dict = {{ dumps(instance_parameter_dict['configuration']) }}
+slap_software_type = {{ dumps(instance_parameter_dict['slap-software-type']) }}
 context =
    import json_module json
    raw profile_common {{ software_parameter_dict['profile_common'] }}
@@ -195,7 +195,7 @@ crl = ${:d}/kedifa-login-crl.pem
 [kedifa-login-csr]
 recipe = plone.recipe.command
 organization = {{ slapparameter_dict['cluster-identification'] }}
-organizational_unit = {{ instance_parameter['configuration.frontend-name'] }}
+organizational_unit = {{ instance_parameter_dict['configuration.frontend-name'] }}
 command =
 {% if slapparameter_dict['kedifa-caucase-url'] %}
  if [ ! -f ${:template-csr} ] && [ ! -f ${:key} ]  ; then
@@ -248,7 +248,7 @@ crl = ${:d}/crl.pem
 [backend-client-login-csr]
 recipe = plone.recipe.command
 organization = {{ slapparameter_dict['cluster-identification'] }}
-organizational_unit = {{ instance_parameter['configuration.frontend-name'] }}
+organizational_unit = {{ instance_parameter_dict['configuration.frontend-name'] }}
 command =
 {% if slapparameter_dict['backend-client-caucase-url'] %}
  if [ ! -f ${:template-csr} ] && [ ! -f ${:key} ]  ; then
@@ -288,7 +288,7 @@ bin_directory = {{ software_parameter_dict['bin_directory'] }}
 caddy_executable = {{ software_parameter_dict['caddy'] }}
 sixtunnel_executable = {{ software_parameter_dict['sixtunnel'] }}/bin/6tunnel
 organization = {{ slapparameter_dict['cluster-identification'] }}
-organizational-unit = {{ instance_parameter['configuration.frontend-name'] }}
+organizational-unit = {{ instance_parameter_dict['configuration.frontend-name'] }}
 backend-client-caucase-url = {{ slapparameter_dict['backend-client-caucase-url'] }}
 extra-context =
    key caddy_configuration_directory caddy-directory:slave-configuration
@@ -318,7 +318,7 @@ extra-context =
 ## Configuration passed by section
    section configuration configuration
    section backend_haproxy_configuration backend-haproxy-configuration
-    section instance_parameter instance-parameter
+    section instance_parameter_dict instance-parameter-section
    section frontend_configuration frontend-configuration
    section caddy_configuration caddy-configuration
    section kedifa_configuration kedifa-configuration
@@ -328,7 +328,7 @@ extra-context =
 < = jinja2-template-base
 template = {{ software_parameter_dict['template_caddy_frontend_configuration'] }}
 rendered = ${caddy-configuration:frontend-configuration}
-local_ipv4 =  {{ dumps(instance_parameter['ipv4-random']) }}
+local_ipv4 =  {{ dumps(instance_parameter_dict['ipv4-random']) }}
 extra-context =
    key httpd_home software-release-path:caddy-location
    key httpd_mod_ssl_cache_directory caddy-directory:mod-ssl
@@ -359,12 +359,12 @@ template = inline:
  -conf ${dynamic-caddy-frontend-template:rendered} \
  -log ${caddy-configuration:error-log} \
  -log-roll-mb 0 \
-{% if instance_parameter['configuration.global-disable-http2'].lower() in TRUE_VALUES %}
+{% if instance_parameter_dict['configuration.global-disable-http2'].lower() in TRUE_VALUES %}
  -http2=false \
 {% else %}
  -http2=true \
 {% endif %}
-  -grace {{ instance_parameter['configuration.mpm-graceful-shutdown-timeout'] }}s \
+  -grace {{ instance_parameter_dict['configuration.mpm-graceful-shutdown-timeout'] }}s \
  -disable-http-challenge \
  -disable-tls-alpn-challenge \
   "$@"
@@ -459,7 +459,7 @@ logrotate-backup = ${logrotate-directory:logrotate-backup}/trafficserver
 [trafficserver-variable]
 wrapper-path = ${directory:service}/trafficserver
 reload-path = ${directory:etc-run}/trafficserver-reload
-local-ip = {{ instance_parameter['ipv4-random'] }}
+local-ip = {{ instance_parameter_dict['ipv4-random'] }}
 input-port = 23432
 hostname = ${configuration:frontend-name}
 plugin-config =
@@ -524,7 +524,7 @@ template = inline:
  map / http://{{ ipv4 }}:{{ http_port }}
 {%- endraw %}
 extra-context =
-  raw ipv4 {{ instance_parameter['ipv4-random'] }}
+  raw ipv4 {{ instance_parameter_dict['ipv4-random'] }}
  key https_port backend-haproxy-configuration:https-port
  key http_port backend-haproxy-configuration:http-port

@@ -668,42 +668,42 @@ config-verification-script = ${promise-helper-last-configuration-state:rendered}
 <= monitor-promise-base
 module = check_port_listening
 name = caddy_frontend_ipv4_https.py
-config-hostname = {{ instance_parameter['ipv4-random'] }}
+config-hostname = {{ instance_parameter_dict['ipv4-random'] }}
 config-port = ${configuration:port}

 [promise-caddy-frontend-v4-http]
 <= monitor-promise-base
 module = check_port_listening
 name = caddy_frontend_ipv4_http.py
-config-hostname = {{ instance_parameter['ipv4-random'] }}
+config-hostname = {{ instance_parameter_dict['ipv4-random'] }}
 config-port = ${configuration:plain_http_port}

 [promise-caddy-frontend-v6-https]
 <= monitor-promise-base
 module = check_port_listening
 name = caddy_frontend_ipv6_https.py
-config-hostname = {{ instance_parameter['ipv6-random'] }}
+config-hostname = {{ instance_parameter_dict['ipv6-random'] }}
 config-port = ${configuration:port}

 [promise-caddy-frontend-v6-http]
 <= monitor-promise-base
 module = check_port_listening
 name = caddy_frontend_ipv6_http.py
-config-hostname = {{ instance_parameter['ipv6-random'] }}
+config-hostname = {{ instance_parameter_dict['ipv6-random'] }}
 config-port = ${configuration:plain_http_port}

 [promise-backend-haproxy-http]
 <= monitor-promise-base
 module = check_port_listening
 name = backend_haproxy_http.py
-config-hostname = {{ instance_parameter['ipv4-random'] }}
+config-hostname = {{ instance_parameter_dict['ipv4-random'] }}
 config-port = ${backend-haproxy-configuration:http-port}

 [promise-backend-haproxy-https]
 <= monitor-promise-base
 module = check_port_listening
 name = backend_haproxy_https.py
-config-hostname = {{ instance_parameter['ipv4-random'] }}
+config-hostname = {{ instance_parameter_dict['ipv4-random'] }}
 config-port = ${backend-haproxy-configuration:https-port}

 [backend-haproxy-configuration]
@@ -849,8 +849,8 @@ hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
 # Note: Workaround for monitor stack, which uses monitor-httpd-port parameter
 #       directly, and in our case it can come from the network, thus resulting
 #       with need to strip !py!'u'
-monitor-httpd-port = {{ instance_parameter['configuration.monitor-httpd-port'] | int }}
-password = {{ instance_parameter['configuration.monitor-password'] | string }}
+monitor-httpd-port = {{ instance_parameter_dict['configuration.monitor-httpd-port'] | int }}
+password = {{ instance_parameter_dict['configuration.monitor-password'] | string }}

 [monitor-conf-parameters]
 private-path-list += 
@@ -881,7 +881,7 @@ extra-context =
 template = {{ software_parameter_dict['template_wrapper'] }}
 rendered = ${directory:bin}/monitor-caddy-server-status-wrapper
 mode = 0700
-command = {{ software_parameter_dict['curl'] }}/bin/curl -s http://{{ instance_parameter['ipv4-random'] }}:${configuration:plain_http_port}/server-status -u ${monitor-instance-parameter:username}:${monitor-htpasswd:passwd} 2>&1
+command = {{ software_parameter_dict['curl'] }}/bin/curl -s http://{{ instance_parameter_dict['ipv4-random'] }}:${configuration:plain_http_port}/server-status -u ${monitor-instance-parameter:username}:${monitor-htpasswd:passwd} 2>&1
 extra-context =
  key content monitor-caddy-server-status-wrapper:command

@@ -912,20 +912,20 @@ extra-context =
 [slave-introspection-frontend]
 <= slap-connection
 recipe = slapos.cookbook:requestoptional
-name = Slave Introspection Frontend {{ instance_parameter['configuration.frontend-name'] }}
+name = Slave Introspection Frontend {{ instance_parameter_dict['configuration.frontend-name'] }}
 software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
 slave = true
-config-url = https://[${slap-network-information:global-ipv6}]:{{ instance_parameter['configuration.slave-introspection-https-port'] }}/
+config-url = https://[${slap-network-information:global-ipv6}]:{{ instance_parameter_dict['configuration.slave-introspection-https-port'] }}/
 config-https-only = true
 return = domain secure_access

 [backend-haproxy-statistic-frontend]
 <= slap-connection
 recipe = slapos.cookbook:requestoptional
-name = Backend Haproxy Statistic Frontend {{ instance_parameter['configuration.frontend-name'] }}
+name = Backend Haproxy Statistic Frontend {{ instance_parameter_dict['configuration.frontend-name'] }}
 software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
 slave = true
-config-url = https://[${slap-network-information:global-ipv6}]:{{ instance_parameter['configuration.backend-haproxy-statistic-port'] }}/
+config-url = https://[${slap-network-information:global-ipv6}]:{{ instance_parameter_dict['configuration.backend-haproxy-statistic-port'] }}/
 config-https-only = true
 return = domain secure_access

@@ -994,7 +994,7 @@ context =
 <= monitor-promise-base
 module = check_port_listening
 name = slave_introspection_https.py
-config-hostname = {{ instance_parameter['ipv6-random'] }}
+config-hostname = {{ instance_parameter_dict['ipv6-random'] }}
 config-port = ${frontend-configuration:slave-introspection-https-port}

 [logrotate-entry-slave-introspection]
@@ -1013,19 +1013,19 @@ config-command =
  ${logrotate:wrapper-path} -d

 [configuration]
-{%- for key, value in instance_parameter.iteritems() -%}
+{%- for key, value in instance_parameter_dict.iteritems() -%}
 {%-   if key.startswith('configuration.') %}
 {{ key.replace('configuration.', '') }} = {{ dumps(value) }}
 {%-   endif -%}
 {%- endfor %}

-[instance-parameter]
+[instance-parameter-section]
 {#- There are dangerous keys like recipe, etc #}
 {#- XXX: Some other approach would be useful #}
 {%- set DROP_KEY_LIST = ['recipe', '__buildout_signature__', 'computer', 'partition', 'url', 'key', 'cert'] %}
-{%- for key, value in instance_parameter.iteritems() -%}
+{%- for key, value in instance_parameter_dict.iteritems() -%}
 {%-   if not key.startswith('configuration.') and key not in DROP_KEY_LIST %}
 {{ key }} = {{ dumps(value) }}
 {%-   endif -%}
 {%- endfor -%}
-{%- endif -%} {# if instance_parameter['slap-software-type'] == software_type #}
+{%- endif -%} {# if instance_parameter_dict['slap-software-type'] == software_type #}
--- a/software/caddy-frontend/instance-apache-replicate.cfg.in
+++ b/software/caddy-frontend/instance-apache-replicate.cfg.in
-{% if instance_parameter['slap-software-type'] in software_type %}
+{% if instance_parameter_dict['slap-software-type'] in software_type %}
 {% set aibcc_enabled = True %}
 {% import "caucase" as caucase with context %}
 {#- SERVER_POLLUTED_KEY_LIST is a list of keys which comes from various SlapOS Master implementations, which mix request and publish keys on each slave information -#}
@@ -11,8 +11,8 @@
 {% set master_partition_monitor_monitor_httpd_port = 8401 %}
 {% set kedifa_partition_monitor_httpd_port = 8402 %}
 {% set frontend_monitor_httpd_base_port = 8410 %}
-{% set caucase_host = '[' ~ instance_parameter['ipv6-random'] ~ ']' %}
-{% set caucase_netloc = caucase_host ~ ':' ~ instance_parameter['configuration.caucase_backend_client_port'] %}
+{% set caucase_host = '[' ~ instance_parameter_dict['ipv6-random'] ~ ']' %}
+{% set caucase_netloc = caucase_host ~ ':' ~ instance_parameter_dict['configuration.caucase_backend_client_port'] %}
 {% set caucase_url = 'http://' ~ caucase_netloc %}
 [jinja2-template-base]
 recipe = slapos.recipe.template:jinja2
@@ -26,12 +26,12 @@ context =
 {% set popen = functools_module.partial(subprocess_module.Popen, stdout=subprocess_module.PIPE, stderr=subprocess_module.STDOUT, stdin=subprocess_module.PIPE) %}
 {% set part_list = [] %}
 {% set single_type_key = 'single-' %}
-{% if instance_parameter['slap-software-type'] == "replicate" %}
+{% if instance_parameter_dict['slap-software-type'] == "replicate" %}
 {%   set frontend_type = slapparameter_dict.pop('-frontend-type', 'single-default') %}
-{% elif instance_parameter['slap-software-type'] in ['default', 'RootSoftwareInstance'] %}
+{% elif instance_parameter_dict['slap-software-type'] in ['default', 'RootSoftwareInstance'] %}
 {%   set frontend_type = "%s%s" % (single_type_key, 'custom-personal') %}
 {% else %}
-{%   set frontend_type = "%s%s" % (single_type_key, instance_parameter['slap-software-type']) %}
+{%   set frontend_type = "%s%s" % (single_type_key, instance_parameter_dict['slap-software-type']) %}
 {% endif %}
 {% set frontend_quantity = slapparameter_dict.pop('-frontend-quantity', '1') | int %}
 {% set slave_list_name = 'extra_slave_instance_list' %}
@@ -685,7 +685,7 @@ service = ${:etc}/service
 promise-output = ${:srv}/promise-output

 [rejected-slave-publish-configuration]
-ip = {{ instance_parameter['ipv6-random'] }}
+ip = {{ instance_parameter_dict['ipv6-random'] }}
 port = 14455

 [rejected-slave-publish]

--- a/software/caddy-frontend/instance-kedifa.cfg.in
+++ b/software/caddy-frontend/instance-kedifa.cfg.in
-{%- if instance_parameter['slap-software-type'] == software_type -%}
+{%- if instance_parameter_dict['slap-software-type'] == software_type -%}
 {% import "caucase" as caucase with context %}
 # KeDiFa instance profile
 [buildout]
@@ -25,14 +25,14 @@ parts =
 # Note: Workaround for monitor stack, which uses monitor-httpd-port parameter
 #       directly, and in our case it can come from the network, thus resulting
 #       with need to strip !py!'u'
-monitor-httpd-port = {{ instance_parameter['configuration.monitor-httpd-port'] | int }}
-password = {{ instance_parameter['configuration.monitor-password'] | string }}
+monitor-httpd-port = {{ instance_parameter_dict['configuration.monitor-httpd-port'] | int }}
+password = {{ instance_parameter_dict['configuration.monitor-password'] | string }}

 [caucased]
 hash-existing-files = ${buildout:directory}/software_release/buildout.cfg

-{%  set caucase_host = '[' ~ instance_parameter['ipv6-random'] ~ ']' %}
-{%  set caucase_netloc = caucase_host ~ ':' ~ instance_parameter['configuration.caucase_port'] -%}
+{%  set caucase_host = '[' ~ instance_parameter_dict['ipv6-random'] ~ ']' %}
+{%  set caucase_netloc = caucase_host ~ ':' ~ instance_parameter_dict['configuration.caucase_port'] -%}
 {%  set caucase_url = 'http://' ~ caucase_netloc -%}
 {{  caucase.caucased(
      prefix='caucased',
@@ -139,12 +139,12 @@ update-command = ${:command}
 command =
  if ! [ -f ${:key} ] && ! [ -f ${:certificate} ] ; then
    {{ software_parameter_dict['openssl'] }} req -new -newkey rsa:2048 -sha256 -subj \
-      "/O=${kedifa-csr:organization}/OU=${kedifa-csr:organizational_unit}/CN={{ instance_parameter['ipv6-random'] }}" \
+      "/O=${kedifa-csr:organization}/OU=${kedifa-csr:organizational_unit}/CN={{ instance_parameter_dict['ipv6-random'] }}" \
      -days 5 -nodes -x509 -keyout ${:key} -out ${:certificate}
  fi

 [expose-csr_id-configuration]
-ip = {{ instance_parameter['ipv6-random'] }}
+ip = {{ instance_parameter_dict['ipv6-random'] }}
 port = 17000
 key = ${certificate-csr_id:key}
 certificate = ${certificate-csr_id:certificate}
@@ -191,8 +191,8 @@ commands =
 recipe = slapos.recipe.template:jinja2
 rendered = ${buildout:directory}/${:filename}
 extra-context =
-slapparameter_dict = {{ dumps(instance_parameter['configuration']) }}
-slap_software_type = {{ dumps(instance_parameter['slap-software-type']) }}
+slapparameter_dict = {{ dumps(instance_parameter_dict['configuration']) }}
+slap_software_type = {{ dumps(instance_parameter_dict['slap-software-type']) }}
 context =
    import json_module json
    raw profile_common {{ software_parameter_dict['profile_common'] }}
@@ -202,8 +202,8 @@ context =
    ${:extra-context}

 [kedifa-config]
-ip = {{ instance_parameter['ipv6-random'] }}
-port = {{ instance_parameter['configuration.kedifa_port'] }}
+ip = {{ instance_parameter_dict['ipv6-random'] }}
+port = {{ instance_parameter_dict['configuration.kedifa_port'] }}
 db = ${directory:kedifa}/kedifa.sqlite
 certificate = ${directory:etc-kedifa}/certificate.pem
 key = ${:certificate}
@@ -236,7 +236,7 @@ config-ca-cert-file = ${kedifa-config:ca-certificate}
 <= logrotate-entry-base
 name = kedifa
 log = ${kedifa-config:logfile}
-rotate-num = {{ instance_parameter['configuration.rotate-num'] | int }}
+rotate-num = {{ instance_parameter_dict['configuration.rotate-num'] | int }}
 delaycompress =

 [kedifa]
@@ -311,4 +311,4 @@ name = ${:_buildout_section_name_}.py
 config-command =
  ${logrotate:wrapper-path} -d

-{%- endif -%} {# if instance_parameter['slap-software-type'] == software_type #}
+{%- endif -%} {# if instance_parameter_dict['slap-software-type'] == software_type #}
--- a/software/caddy-frontend/instance.cfg.in
+++ b/software/caddy-frontend/instance.cfg.in
@@ -15,7 +15,7 @@ context =
    import json_module json
    key slapparameter_dict instance-parameter:configuration
    key slave_instance_list instance-parameter:slave-instance-list
-    section instance_parameter instance-parameter
+    section instance_parameter_dict instance-parameter
    section software_parameter_dict software-parameter-section
    ${:extra-context}


--- a/software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
+++ b/software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
@@ -4,15 +4,15 @@
 {%- set backend_slave_list = [] %}
 {%- set part_list = [] %}
 {%- set cache_port = caddy_configuration.get('cache-port') %}
-{%- set cache_access = "http://%s:%s" % (instance_parameter['ipv4-random'], cache_port) %}
-{%- set ssl_cache_access = "http://%s:%s/HTTPS" % (instance_parameter['ipv4-random'], cache_port) %}
-{%- set backend_haproxy_http_url = 'http://%s:%s' % (instance_parameter['ipv4-random'], backend_haproxy_configuration['http-port']) %}
-{%- set backend_haproxy_https_url = 'http://%s:%s' % (instance_parameter['ipv4-random'], backend_haproxy_configuration['https-port']) %}
+{%- set cache_access = "http://%s:%s" % (instance_parameter_dict['ipv4-random'], cache_port) %}
+{%- set ssl_cache_access = "http://%s:%s/HTTPS" % (instance_parameter_dict['ipv4-random'], cache_port) %}
+{%- set backend_haproxy_http_url = 'http://%s:%s' % (instance_parameter_dict['ipv4-random'], backend_haproxy_configuration['http-port']) %}
+{%- set backend_haproxy_https_url = 'http://%s:%s' % (instance_parameter_dict['ipv4-random'], backend_haproxy_configuration['https-port']) %}
 {%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
-{%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': instance_parameter['ipv4-random'], 'http_port': configuration['plain_http_port'], 'https_port': configuration['port']} %}
+{%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': instance_parameter_dict['ipv4-random'], 'http_port': configuration['plain_http_port'], 'https_port': configuration['port']} %}
 {%- set slave_log_dict = {} %}
 {%- set slave_instance_information_list = [] %}
-{%- set slave_instance_list = instance_parameter['slave-instance-list'] %}
+{%- set slave_instance_list = instance_parameter_dict['slave-instance-list'] %}
 {%- if configuration['extra_slave_instance_list'] %}
 {%-   do slave_instance_list.extend(json_module.loads(configuration['extra_slave_instance_list'])) %}
 {%- endif %}
@@ -236,7 +236,7 @@ extra-context =
 certificate = {{ certificate }}
 https_port = {{ dumps('' ~ configuration['port']) }}
 http_port = {{ dumps('' ~ configuration['plain_http_port']) }}
-local_ipv4 = {{ dumps('' ~ instance_parameter['ipv4-random']) }}
+local_ipv4 = {{ dumps('' ~ instance_parameter_dict['ipv4-random']) }}
 {%-   for key, value in slave_instance.iteritems() %}
 {%-     if value is not none %}
 {{ key }} = {{ dumps('' ~ value) }}
@@ -334,7 +334,7 @@ ipv6-port = {{ configuration['port'] }}
 [caddy-log-access-parameters]
 caddy_log_directory = {{ dumps(caddy_log_directory) }}
 caddy_configuration_directory = {{ dumps(caddy_configuration_directory) }}
-local_ipv4 = {{ dumps(instance_parameter['ipv4-random']) }}
+local_ipv4 = {{ dumps(instance_parameter_dict['ipv4-random']) }}
 global_ipv6 = {{ dumps(global_ipv6) }}
 https_port = {{ dumps(configuration['port']) }}
 http_port = {{ dumps(configuration['plain_http_port']) }}
@@ -353,7 +353,7 @@ extra-context =
    section parameter_dict caddy-log-access-parameters

 [slave-introspection-parameters]
-local-ipv4 = {{ dumps(instance_parameter['ipv4-random']) }}
+local-ipv4 = {{ dumps(instance_parameter_dict['ipv4-random']) }}
 global-ipv6 = {{ dumps(global_ipv6) }}
 https-port = {{ frontend_configuration['slave-introspection-https-port'] }}
 ip-access-certificate = {{ frontend_configuration.get('ip-access-certificate') }}
@@ -386,7 +386,7 @@ hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
 [publish-caddy-information]
 recipe = slapos.cookbook:publish.serialised
 public-ipv4 = {{ configuration['public-ipv4'] }}
-private-ipv4 = {{ instance_parameter['ipv4-random'] }}
+private-ipv4 = {{ instance_parameter_dict['ipv4-random'] }}
 {%- if configuration['extra_slave_instance_list'] %}
 {#-   sort_keys are important in order to avoid shuffling parameters on each run #}
 slave-instance-information-list = {{ json_module.dumps(slave_instance_information_list, sort_keys=True) }}
@@ -453,7 +453,7 @@ extra-context =
 {%- for key, value in backend_haproxy_configuration.items() %}
 {{ key }} = {{ value }}
 {%- endfor %}
-local-ipv4 = {{ dumps('' ~ instance_parameter['ipv4-random']) }}
+local-ipv4 = {{ dumps('' ~ instance_parameter_dict['ipv4-random']) }}
 global-ipv6 = ${slap-network-information:global-ipv6}
 request-timeout = {{ dumps('' ~ configuration['request-timeout']) }}
 backend-connect-timeout = {{ dumps('' ~ configuration['backend-connect-timeout']) }}