Commit 7537a43c by Rafael Monnerat

Update Release Candidate

2 parents af575a66 28b8b07b
Showing 59 changed files with 1298 additions and 403 deletions
......@@ -18,12 +18,12 @@ shared = true
url = http://fontconfig.org/release/fontconfig-2.12.6.tar.bz2
md5sum = 733f5e2371ca77b69707bd7b30cc2163
pkg_config_depends = ${freetype:pkg_config_depends}:${freetype:location}/lib/pkgconfig:${libxml2:location}/lib/pkgconfig
# XXX-Cedric : should we use --with-add-fonts={somefont:location}/share,{someotherfont:location}/share?
configure-options =
--disable-static
--disable-docs
--enable-libxml2
--with-default-fonts=${fonts:location}
--with-add-fonts=no
environment =
PATH=${pkgconfig:location}/bin:${gperf:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${:pkg_config_depends}
......
......@@ -9,6 +9,7 @@ parts =
ipa-fonts
ocrb-fonts
android-fonts
dejavu-fonts
[fonts]
location = ${buildout:parts-directory}/${:_buildout_section_name_}
......@@ -50,6 +51,13 @@ md5sum = 2d41d5342eb5f61591ddeec5b80da74d
environment =
PATH=${xz-utils:location}/bin:%(PATH)s
# The DejaVu fonts are a font family based upon Bitstream Vera v1.10. Its purpose is to
# provide a wider range of characters while maintaining the original look-and-feel
[dejavu-fonts]
<= fonts-base
url = https://github.com/dejavu-fonts/dejavu-fonts/releases/download/version_2_37/dejavu-fonts-ttf-2.37.tar.bz2
md5sum = d0efec10b9f110a32e9b8f796e21782c
# Microsoft's TrueType core fonts
# non-free so not enabled by default
[msttcore-fonts]
......
......@@ -9,12 +9,13 @@ extends =
../gtk-2/buildout.cfg
../pkgconfig/buildout.cfg
../zlib/buildout.cfg
../libexpat/buildout.cfg
[graphviz]
recipe = slapos.recipe.cmmi
shared = true
url = http://www.graphviz.org/pub/graphviz/stable/SOURCES/graphviz-2.38.0.tar.gz
md5sum = 5b6a829b2ac94efcd5fa3c223ed6d3ae
url = https://ftp.osuosl.org/pub/blfs/conglomeration/graphviz/graphviz-2.40.1.tar.gz
md5sum = 4ea6fd64603536406166600bcc296fc8
pkg_config_depends = ${pango:location}/lib/pkgconfig:${pango:pkg_config_depends}
configure-options =
--with-included-ltdl
......@@ -22,6 +23,7 @@ configure-options =
--with-zlibdir=${zlib:location}/lib
--with-freetype2
--with-fontconfig
--with-expat
--disable-swig
--disable-sharp
--disable-go
......@@ -37,7 +39,6 @@ configure-options =
--disable-ruby
--disable-tcl
--without-x
--without-expat
--without-devil
--without-webp
--without-poppler
......@@ -59,5 +60,5 @@ configure-options =
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${:pkg_config_depends}
CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
CPPFLAGS=-I${zlib:location}/include -I${libexpat:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${libexpat:location}/lib -Wl,-rpath=${libexpat:location}/lib
[buildout]
parts =
msgpack-numpy
[msgpack-numpy]
recipe = zc.recipe.egg:custom
egg = msgpack-numpy
......@@ -4,4 +4,4 @@ parts =
[msgpack-python]
recipe = zc.recipe.egg:custom
egg = msgpack-python
egg = msgpack
......@@ -43,7 +43,7 @@ make-options =
make-targets =
install_sw && x=${:location}/etc/ssl/certs && rm -f $x/* &&
for i in ${ca-certificates:location}/certs/*/*.crt; do
ln -sv $i $x/`${:location}/bin/openssl x509 -hash -noout -in $i`.0
ln -sfv $i $x/`${:location}/bin/openssl x509 -hash -noout -in $i`.0
; done
environment =
PERL=${perl:location}/bin/perl
......
......@@ -54,6 +54,9 @@ install-inc =
# - extra arguments passed to perl Makefile.PL
extra-configure-args =
# - extra environ varialbles for configure and make
extra-env =
# Outputs:
# - site_perl, to use in inc in dependent packages
site_perl=${:location}/lib/site_perl/${perl:version}:${:location}:${:inc}
......@@ -64,12 +67,14 @@ perl-PATH = ${:location}/bin/
# dependencies
perl-bin = ${:perl-PATH}/perl
perl-PERL5LIB =
# Implementation
recipe = slapos.recipe.cmmi
url = https://www.cpan.org/modules/by-module/${:module}-${:version}.tar.gz
configure-command =
PERL5LIB="${:inc}:${:install-inc}" \
${:extra-env}
PERL5LIB="${:inc}:${:install-inc}:${:perl-PERL5LIB}" \
${perl:location}/bin/perl \
Makefile.PL \
PREFIX=${:location} \
......@@ -80,7 +85,7 @@ make-options =
INSTALLSITESCRIPT=${:location}/perl-bin/
make-binary=
PERL5LIB="${:inc}:${:install-inc}" make
${:extra-env} PERL5LIB="${:inc}:${:install-inc}:${:perl-PERL5LIB}" make
# this post-make-hook is same for all users of the macro.
post-make-hook = ${:_profile_base_location_}/../../component/perl/perl-CPAN-package-create-wrapper.py#d012f7ba3300b14b2c6b173351d410be:post_make_hook
......
......@@ -12,6 +12,10 @@ recipe = zc.recipe.egg:custom
egg = cryptography
environment = python-cryptography-env
setup-eggs = ${python-cffi:egg}
library-dirs =
${openssl:location}/lib/
rpath =
${openssl:location}/lib/
[python-cryptography-env]
PATH = ${pkgconfig:location}/bin:%(PATH)s
......
......@@ -29,7 +29,7 @@ unset CONFIG_SITE
# Bootstrap SlapOS, using forked version of buildout.
#
wget https://bootstrap.pypa.io/bootstrap-buildout.py
python -S bootstrap-buildout.py --buildout-version 2.5.2+slapos009 \
python -S bootstrap-buildout.py --buildout-version 2.5.2+slapos013 \
-f http://www.nexedi.org/static/packages/source/slapos.buildout/
#
......
[buildout]
# You need to define rootdir and destdir on an upper level
#rootdir = %TARGET_DIRECTORY%
#destdir = %BUILD_ROOT_DIRECTORY%
#builddir = %BUILD_DIRECTORY%
extends =
buildout.cfg
# Don't load extensions
extensions =
slapos.rebootstrap
extends-cache = extends-cache
download-cache = download-cache
# Uguu, upstream buildout.cfg must be patched as it works the other way
# around from a packager point of view at least, thus at the end static
# path, such as Python HOME directory, are wrong...
#
# Currently:
# ./configure --prefix=BUILD_DIRECTORY && make install
# Instead of:
# ./configure --prefix=INSTALL_DIRECTORY && make install DESTDIR=BUILD_DIRECTORY
[python2.7]
configure-options +=
--prefix=${buildout:rootdir}/parts/${:_buildout_section_name_}
environment +=
DESTDIR=${buildout:destdir}
[gettext]
# Add gettext library path to RPATH as its binaries are used to build
# glib for example
environment =
PATH=${perl:location}/bin:${lunzip:location}/bin:%(PATH)s
CPPFLAGS=-I${libxml2:location}/include -I${zlib:location}/include -I${ncurses:location}/include
LDFLAGS=-L${libxml2:location}/lib -Wl,-rpath=${libxml2:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${ncurses:location}/lib -Wl,-rpath=${ncurses:location}/lib -Wl,-rpath=${buildout:builddir}/parts/${:_buildout_section_name_}/lib
[bison]
configure-options +=
--prefix=${buildout:rootdir}/parts/${:_buildout_section_name_}
make-options +=
DESTDIR=${buildout:destdir}
environment +=
PERL5LIB=${perl:location}/lib/5.26.1/
[intltool]
environment +=
PERL5LIB=${perl:location}/lib/5.26.1/
[autoconf]
environment +=
PERL5LIB=${perl:location}/lib/5.26.1/
[automake]
environment +=
PERL5LIB=${perl:location}/lib/5.26.1/
[firewalld]
environment +=
PERL5LIB=${perl:location}/lib/5.26.1/
[dbus]
location = ${buildout:parts-directory}/${:_buildout_section_name_}
configure-options +=
--prefix=${buildout:rootdir}/parts/${:_buildout_section_name_}
make-options +=
DESTDIR=${buildout:destdir}
environment +=
LDFLAGS=-L${libexpat:location}/lib -L${buildout:parts-directory}/${:_buildout_section_name_}/lib -Wl,-rpath=${buildout:parts-directory}/${:_buildout_section_name_}/lib
LD_LIBRARY_PATH=${buildout:parts-directory}/${:_buildout_section_name_}/lib
post-install =
mkdir -p ${buildout:destdir}/parts/${:_buildout_section_name_}/var/run/dbus
[dbus-glib]
location = ${buildout:parts-directory}/${:_buildout_section_name_}
environment +=
CPPFLAGS=-I${libexpat:location}/include -I${dbus:location}/include/dbus-1.0 -I${dbus:location}/lib/dbus-1.0/include
LDFLAGS=-L${libexpat:location}/lib -L${gettext:location}/lib -Wl,-rpath=${zlib:location}/lib -L${dbus:location}/lib -Wl,-rpath=${dbus:location}/lib
LD_LIBRARY_PATH=${dbus:location}/lib
DBUS_CFLAGS=-I${dbus:location}/include/dbus-1.0 -I${dbus:location}/lib/dbus-1.0/include
[dbus-python]
pre-configure =
sed -i 's#/opt/slapos/parts/dbus/lib/libdbus-1.la#${dbus:location}/lib/libdbus-1.la#' ${dbus-glib:location}/lib/libdbus-glib-1.la
environment +=
LD_LIBRARY_PATH=${dbus:location}/lib
LDFLAGS=-L${glib:location}/lib -Wl,-rpath=${glib:location}/lib -L${dbus:location}/lib -Wl,-rpath=${dbus:location}/lib
post-install =
sed -i 's#${dbus:location}/lib/libdbus-1.la#/opt/slapos/parts/dbus/lib/libdbus-1.la#' ${dbus-glib:location}/lib/libdbus-glib-1.la
[openssl]
prefix = ${buildout:rootdir}/parts/${:_buildout_section_name_}
location = ${buildout:parts-directory}/${:_buildout_section_name_}
make-options +=
INSTALL_PREFIX=${buildout:destdir}
environment =
PERL5LIB=${perl:location}/lib/5.26.1/
PERL=${perl:location}/bin/perl
[bison-go]
<= bison
configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_}
make-options =
[gobject-introspection]
pre-configure =
ln -s ${python2.7:location}/bin/python2.7 ${python2.7:location}/bin/python2.
sed -i 's#!/opt/slapos/parts/python2.7/bin/python2.7#!${python2.7:location}/bin/python2.7#' ${python2.7:location}/bin/python-config
libtoolize -c -f
aclocal -I${pkgconfig:location}/share/aclocal -I${gettext:location}/share/aclocal -I${libtool:location}/share/aclocal -I${glib:location}/share/aclocal
./autogen.sh
configure-options +=
--enable-shared
environment +=
PATH=${autoconf:location}/bin:${automake:location}/bin:${pkgconfig:location}/bin:${libtool:location}/bin:${intltool:location}/bin:${gettext:location}/bin:${glib:location}/bin:${flex:location}/bin:${bison-go:location}/bin:%(PATH)s
GIR_DIR=${buildout:parts-directory}/${:_buildout_section_name_}/share/gir-1.0
CPPFLAGS=-I${glib:location}/include/glib-2.0 -I${glib:location}/lib/glib-2.0/include -I${python2.7:location}/include/python2.7
LDFLAGS=-L${glib:location}/lib -Wl,-rpath=${glib:location}/lib -L${libffi:location}/lib -Wl,-rpath=${libffi:location}/lib -lffi -L${python2.7:location}/lib
ACLOCAL_PATH=${pkgconfig:location}/share/aclocal:${gettext:location}/share/aclocal:${libtool:location}/share/aclocal:${glib:location}/share/aclocal:${intltool:location}/share/aclocal
M4=${m4:location}/bin/m4
PERL5LIB=${perl:location}/lib/5.26.1/
post-install =
sed -i 's#!${python2.7:location}/bin/python2.7#!/opt/slapos/parts/python2.7/bin/python2.7#' ${python2.7:location}/bin/python-config
rm -rf ${bison-go:location}
[pygobject3]
pre-configure +=
sed -i 's#!/opt/slapos/parts/python2.7/bin/python2.7#!${python2.7:location}/bin/python2.7#' ${python2.7:location}/bin/python-config
environment +=
CPPFLAGS=-I${glib:location}/include/glib-2.0 -I${glib:location}/lib/glib-2.0/include -I${gettext:location}/include -I${libffi:location}/include -I${python2.7:location}/include/python2.7
LDFLAGS=-L${glib:location}/lib -Wl,-rpath=${glib:location}/lib -L${gettext:location}/lib -Wl,-rpath=${gettext:location}/lib -L${python2.7:location}/lib
post-install =
sed -i 's#!${python2.7:location}/bin/python2.7#!/opt/slapos/parts/python2.7/bin/python2.7#' ${python2.7:location}/bin/python-config
[ncurses]
configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--with-shared
--without-ada
--without-manpages
--without-tests
--without-normal
--without-debug
--without-gpm
--enable-rpath
[flex]
environment +=
BISON_PKGDATADIR=${bison:location}/share/bison/
[perl-CPAN-package]
perl-PERL5LIB=${perl:location}/lib/5.26.1/
pre-configure =
sed -i "s#'/opt/slapos/parts/perl#'${perl:location}#" ${perl:location}/lib/5.26.1/*-linux-thread-multi/Config.pm
sed -i "s#'/opt/slapos/parts/site_perl#'${buildout:destdir}/parts/site_perl#" ${perl:location}/lib/5.26.1/*-linux-thread-multi/Config.pm
post-install =
sed -i "s#'${perl:location}#'/opt/slapos/parts/perl#" ${perl:location}/lib/5.26.1/*-linux-thread-multi/Config.pm
sed -i "s#'${buildout:destdir}/parts/site_perl#'/opt/slapos/parts/site_perl#" ${perl:location}/lib/5.26.1/*-linux-thread-multi/Config.pm
[perl]
location = ${buildout:destdir}/parts/perl
configure-command =
sh Configure -des \
-Dprefix=${buildout:rootdir}/parts/${:_buildout_section_name_} \
-Dsiteprefix=${buildout:rootdir}/parts/site_${:_buildout_section_name_} \
-Dcflags=-I${gdbm:location}/include \
-Dldflags="-L${gdbm:location}/lib -Wl,-rpath=${gdbm:location}/lib" \
-Ui_db \
-Dnoextensions=ODBM_File \
-Dusethreads
environment +=
DESTDIR=${buildout:destdir}
[versions]
# More recently version of cliff uses pbr which will break package build on OBS.
cliff = 1.4.5
......@@ -23,6 +23,13 @@ strip-top-level-dir = true
url = http://www-us.apache.org/dist/tomcat/tomcat-7/v7.0.91/bin/apache-tomcat-7.0.91.tar.gz
md5sum = 8bfbb358b51f90374067879f8db1e91c
[tomcat9]
recipe = hexagonit.recipe.download
ignore-existing = true
strip-top-level-dir = true
url = https://www-eu.apache.org/dist/tomcat/tomcat-9/v9.0.12/bin/apache-tomcat-9.0.12.tar.gz
md5sum = 7283da4a3a6e939adcd8f919be4ba41a
[tomcat7-output]
# Shared binary location to ease migration
recipe = plone.recipe.command
......
{
"id": "http://json-schema.org/draft-04/schema#",
"$schema": "http://json-schema.org/draft-04/schema#",
"description": "Core schema meta-schema",
"definitions": {
"schemaArray": {
"type": "array",
"minItems": 1,
"items": {
"$ref": "#"
}
},
"positiveInteger": {
"type": "integer",
"minimum": 0
},
"positiveIntegerDefault0": {
"allOf": [
{
"$ref": "#/definitions/positiveInteger"
},
{
"default": 0
}
]
},
"simpleTypes": {
"enum": [
"array",
"boolean",
"integer",
"null",
"number",
"object",
"string"
]
},
"stringArray": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1,
"uniqueItems": true
}
},
"type": "object",
"properties": {
"id": {
"type": "string",
"format": "uri"
},
"$schema": {
"type": "string",
"format": "uri"
},
"title": {
"type": "string"
},
"description": {
"type": "string"
},
"default": {},
"multipleOf": {
"type": "number",
"minimum": 0,
"exclusiveMinimum": true
},
"maximum": {
"type": "number"
},
"exclusiveMaximum": {
"type": "boolean",
"default": false
},
"minimum": {
"type": "number"
},
"exclusiveMinimum": {
"type": "boolean",
"default": false
},
"maxLength": {
"$ref": "#/definitions/positiveInteger"
},
"minLength": {
"$ref": "#/definitions/positiveIntegerDefault0"
},
"pattern": {
"type": "string",
"format": "regex"
},
"additionalItems": {
"anyOf": [
{
"type": "boolean"
},
{
"$ref": "#"
}
],
"default": {}
},
"items": {
"anyOf": [
{
"$ref": "#"
},
{
"$ref": "#/definitions/schemaArray"
}
],
"default": {}
},
"maxItems": {
"$ref": "#/definitions/positiveInteger"
},
"minItems": {
"$ref": "#/definitions/positiveIntegerDefault0"
},
"uniqueItems": {
"type": "boolean",
"default": false
},
"maxProperties": {
"$ref": "#/definitions/positiveInteger"
},
"minProperties": {
"$ref": "#/definitions/positiveIntegerDefault0"
},
"required": {
"$ref": "#/definitions/stringArray"
},
"additionalProperties": {
"anyOf": [
{
"type": "boolean"
},
{
"$ref": "#"
}
],
"default": {}
},
"definitions": {
"type": "object",
"additionalProperties": {
"$ref": "#"
},
"default": {}
},
"properties": {
"type": "object",
"additionalProperties": {
"$ref": "#"
},
"default": {}
},
"patternProperties": {
"type": "object",
"additionalProperties": {
"$ref": "#"
},
"default": {}
},
"dependencies": {
"type": "object",
"additionalProperties": {
"anyOf": [
{
"$ref": "#"
},
{
"$ref": "#/definitions/stringArray"
}
]
}
},
"enum": {
"type": "array",
"minItems": 1,
"uniqueItems": true
},
"type": {
"anyOf": [
{
"$ref": "#/definitions/simpleTypes"
},
{
"type": "array",
"items": {
"$ref": "#/definitions/simpleTypes"
},
"minItems": 1,
"uniqueItems": true
}
]
},
"allOf": {
"$ref": "#/definitions/schemaArray"
},
"anyOf": {
"$ref": "#/definitions/schemaArray"
},
"oneOf": {
"$ref": "#/definitions/schemaArray"
},
"not": {
"$ref": "#"
}
},
"dependencies": {
"exclusiveMaximum": [
"maximum"
],
"exclusiveMinimum": [
"minimum"
]
},
"default": {}
}
......@@ -34,23 +34,36 @@ import slapos.test
import jsonschema
def getSchemaValidator(filename):
schema_json_file = "/".join(slapos.test.__file__.split("/")[:-1])
schema_json_file += "/%s" % filename
with open(schema_json_file, "r") as json_file:
json_dict = json.loads(json_file.read())
json_file.close()
return json_dict
def createValidatorTest(path, json_dict):
# Test that json is valid
def createInstanceParameterSchemaValidatorTest(path):
# Test that json is a valid json schema, supports several
# validator, depending on the `$schema` defined in the json.
validator_dict = {
"http://json-schema.org/draft-03/schema#": jsonschema.Draft3Validator,
"http://json-schema.org/draft-04/schema": jsonschema.Draft4Validator,
"http://json-schema.org/draft-04/schema#": jsonschema.Draft4Validator,
"http://json-schema.org/draft-06/schema#": jsonschema.Draft6Validator,
"http://json-schema.org/draft-07/schema#": jsonschema.Draft7Validator,
}
def run(self, *args, **kwargs):
with open(path, "r") as json_file:
self.assertEqual(jsonschema.validate(json.load(json_file), json_dict), None)
json_dict = json.load(json_file)
validator = validator_dict.get(
json_dict.get('$schema'),
jsonschema.Draft7Validator)
validator.check_schema(json_dict)
return run
def createSoftwareCfgValidatorTest(path, software_cfg_schema):
# Test that software json follows the schema for softwares json,
# which is defined in schema.json in this directory
def run(self, *args, **kwargs):
with open(path, "r") as json_file:
jsonschema.validate(json.load(json_file), software_cfg_schema)
return run
def createFormatTest(path, json_dict):
def createFormatTest(path):
# Test that json match our formatting rules
def run(self, *args, **kwargs):
with open(path, "r") as json_file:
......@@ -69,23 +82,26 @@ def createFormatTest(path, json_dict):
def generateSoftwareCfgTest():
json_dict = getSchemaValidator("schema.json")
software_cfg_schema = json.load(
open(os.path.join(
os.path.dirname(slapos.test.__file__),
"schema.json"), 'r'))
base_path = "/".join(slapos.test.__file__.split("/")[:-3])
for path in glob.glob("%s/software/*/software.cfg.json" % base_path):
test_name = "test_%s_software_cfg_json" % path.split("/")[-2]
setattr(TestJSONSchemaValidation, test_name, createValidatorTest(path, json_dict))
setattr(TestJSONSchemaValidation, test_name + '_format', createFormatTest(path, json_dict))
setattr(TestJSONSchemaValidation, test_name, createSoftwareCfgValidatorTest(path, software_cfg_schema))
setattr(TestJSONSchemaValidation, test_name + '_format', createFormatTest(path))
def generateJSONSchemaTest():
json_dict = getSchemaValidator("metaschema.json")
base_path = "/".join(slapos.test.__file__.split("/")[:-3])
for path in glob.glob("%s/software/*/*schema.json" % base_path):
software_type = path.split("/")[-2]
filename = path.split("/")[-1].replace("-", "_").replace(".", "_")
test_name = "test_schema_%s_%s" % (software_type, filename)
setattr(TestJSONSchemaValidation, test_name, createValidatorTest(path, json_dict))
setattr(TestJSONSchemaValidation, test_name + '_format', createFormatTest(path, json_dict))
setattr(TestJSONSchemaValidation, test_name, createInstanceParameterSchemaValidatorTest(path))
setattr(TestJSONSchemaValidation, test_name + '_format', createFormatTest(path))
class TestJSONSchemaValidation(unittest.TestCase):
pass
......
......@@ -2,6 +2,9 @@ Generally things to be done with ``caddy-frontend``:
* return warning on not implemented keys (from ``apache-frontend`` perspective) in master and slave request
* tests: add assertion with results of promises in etc/promise for each partition
* tests: compare python objects where possible instead of instead of strings (eg. load ``rejected-slave-dict``)
* tests: swich to `cryptography <https://pypi.org/project/cryptography/>`_ for certificate management
* README: cleanup the documentation, explain various specifics
* check the whole frontend slave snippet with ``caddy -validate`` during buildout run, and reject if does not pass validation
* ``apache-ca-certificate`` shall be merged with ``apache-certificate``
......
......@@ -26,11 +26,11 @@ md5sum = ab1795f92e32655d05c662c965d2b1f5
[template-apache-replicate]
filename = instance-apache-replicate.cfg.in
md5sum = 44d50bf8391b5a73b2ab72923efe6437
md5sum = 6a86edb96b171fbd0a59d0adc9cc906b
[template-slave-list]
filename = templates/apache-custom-slave-list.cfg.in
md5sum = 69992ad1dffe1c23237f3ef97193c95c
md5sum = b30bcd11c545d86c30d05db9cecb4f80
[template-slave-configuration]
filename = templates/custom-virtualhost.conf.in
......@@ -46,7 +46,7 @@ md5sum = 7c987ad75fcce6f5b925c7696ff41971
[template-custom-slave-list]
filename = templates/apache-custom-slave-list.cfg.in
md5sum = 69992ad1dffe1c23237f3ef97193c95c
md5sum = b30bcd11c545d86c30d05db9cecb4f80
[caddy-backend-url-validator]
filename = templates/caddy-backend-url-validator.in
......@@ -98,7 +98,7 @@ md5sum = 176cbca2070734a185a7ae5a4d1181c5
[template-nginx-notebook-slave-virtualhost]
filename = templates/nginx-notebook-slave.conf.in
md5sum = e018935e2cec2368991f743cab725741
md5sum = 2b765db72191197122554df17ad471d1
[template-apache-lazy-script-call]
filename = templates/apache-lazy-script-call.sh.in
......
......@@ -122,6 +122,9 @@ context =
{% do slave_error_list.append('slave https-url %r invalid' % (slave['https-url'],)) %}
{% endif %}
{% endif %}
{% if slave.get('ssl_ca_crt') and not (slave.get('ssl_crt') and slave.get('ssl_key')) %}
{% do slave_error_list.append('ssl_ca_crt is present, so ssl_crt and ssl_key are required') %}
{% endif %}
{% if slave.get('ssl_key') and slave.get('ssl_crt') %}
{% set key_popen = popen([openssl, 'rsa', '-noout', '-modulus']) %}
{% set crt_popen = popen([openssl, 'x509', '-noout', '-modulus']) %}
......
......@@ -139,7 +139,7 @@ bytes = 8
{# Set Slave Certificates if needed #}
{# Set ssl certificates for each slave #}
{% for cert_name in ('ssl_ca_crt', 'ssl_csr', 'ssl_proxy_ca_crt')%}
{% for cert_name in ('ssl_csr', 'ssl_proxy_ca_crt')%}
{% if cert_name in slave_instance %}
{% set cert_title = '%s-%s' % (slave_reference, cert_name.replace('ssl_', '')) %}
{% set cert_file = '/'.join([custom_ssl_directory, cert_title.replace('-','.')]) %}
......
......@@ -13,9 +13,6 @@ https://{{ slave_parameter.get('custom_domain') }}:{{ slave_parameter['nginx_htt
errors {{ slave_parameter.get('error_log') }}
tls {{ slave_parameter.get('path_to_ssl_crt', slave_parameter.get('login_certificate')) }} {{ slave_parameter.get('path_to_ssl_key', slave_parameter.get('login_key')) }} {
{%- if slave_parameter.get('path_to_ssl_ca_crt') %}
clients {{ slave_parameter.get('path_to_ssl_ca_crt') }}
{%- endif %}
alpn http/1.1
}
......
-----BEGIN CERTIFICATE-----
MIIDETCCAfkCCQDaYBkI56KXrjANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQGEwJY
WDEOMAwGA1UECAwFU3RhdGUxGTAXBgNVBAoMEFdpbGRjYXJkIFJvb3QgQ0EwHhcN
MTgxMTIxMTAwMzM4WhcNMjgxMTE4MTAwMzM4WjBdMQswCQYDVQQGEwJBVTETMBEG
A1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkg
THRkMRYwFAYDVQQDDA0qLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1A+TzPOPC3qPLq3KfmFpoa6Iubh1OhNFfH7fvCJQ1czTcFLe
npG4uTjXwcoHbPb6CWq5hfUSY/ucI6mW93gsoW5vsbPFmUFe96fA6uJV17j2IppM
vNHhcNxNbKxpGnStNO5HTW7q1Qk2yvcx4cL/bPCEaNFwBK1O+NeNz0ZDW8dGifYU
aVj+qpVlvTi//j8P4FOwSVYvXdMqGH5WaaTquJPVEGg+704tzUxDbCUXrbCVzFgM
d69sQg0sJQ9MddrsWkQSgcE7cffdC1JdGHCJ/B87iO3pjH2VjFth8EFMcQCn8V8e
Nz0OpkcsZXuFg3L/3EtMV3ZXSlT6GDxaEcNuvQIDAQABMA0GCSqGSIb3DQEBCwUA
A4IBAQB4mIEwylSudRONRRMgHDkhMlb8/O2MERYrBmsqatg3eU6/LYZAk/okUI6p
aBkQ3GnUmA+gQnkhk4hffRk7NqtMq3r5MEcWunu61i45sXnsQh9myHEAeGfDw3wz
2rkdXAY2jNeQhTBEsErgwKuN86BTFML9cNg2gTKLBbNC1rSJjoMqcKHxrAcsUBip
bXDQMmNIQkzsc3ml6+17/qfu8+mTZ7J5kEkSbbwRD690LiR6Ltua22GAvuddt53S
ieyOVVxCDlItquuGfuQ3ay8zlyQjYmoPI5AXE5Wv9W4mF7agc+SYe3myL3xlRbC+
RD/fQtvjbf/bt9lkgs9DQoITaYvc
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA1A+TzPOPC3qPLq3KfmFpoa6Iubh1OhNFfH7fvCJQ1czTcFLe
npG4uTjXwcoHbPb6CWq5hfUSY/ucI6mW93gsoW5vsbPFmUFe96fA6uJV17j2IppM
vNHhcNxNbKxpGnStNO5HTW7q1Qk2yvcx4cL/bPCEaNFwBK1O+NeNz0ZDW8dGifYU
aVj+qpVlvTi//j8P4FOwSVYvXdMqGH5WaaTquJPVEGg+704tzUxDbCUXrbCVzFgM
d69sQg0sJQ9MddrsWkQSgcE7cffdC1JdGHCJ/B87iO3pjH2VjFth8EFMcQCn8V8e
Nz0OpkcsZXuFg3L/3EtMV3ZXSlT6GDxaEcNuvQIDAQABAoIBAQCWdkcEUHvaRSd6
k0ztxuhQE6pnO/3RKwNOhibxMdfxGtebBvF1yScsJKzRjysdoU9fhx4DchOOZWQv
2ZCIHfhswhL2HvvA9aUQSzKSde06lr3tZ1WzU6eFkIpO5TXd05Nhzv9AbcapSVRb
RnFaIiVhgnYweQnmB6HU5fx0aQI6BytP34t3rEZqdy+eYqtq1ZgYC7iXQJct08Sy
0syR5boW2fKZZin78I+uOWfhD3uUDz7SnetwIEWuaJ/oYXv2YFqm+68XRSo4yi2G
FlF3CgwecJCaHyEhxMQojlgM61EvEZ0v1FvoMyyQiNmWVSAtbd6BAD5YrdUzk1QO
mzr3LuTxAoGBAPbnNp/0g25IYj857Q++hSjWsyjLLMfX6+hPsOv2ICL46+xU9P4s
EeIe8PGgRvUkXiNZ7LRtipsFOB+qNYHknIRtLICyYXfumJH4+05XawHIPWdZNw1X
762VsiLEHj1nx3tbEpiCApxYJTXat5/3skjibsNjkuV5JAfsiDHPHeOrAoGBANvf
u1GI2mtUDZ1EJbxJUm3pCUg1aw8jL83OC9miTT36m3V/TiZvc6NEbWM5S8xprwJ1
FG+MHchTgG3rZR6UhfK7OPb7jD0r1aVnA30NX3NS1zKfMEp2Ry83w9LJX70JbZsg
ipo09UXSyE1EaeGGIEQ0xqCN/nRiy2KDh4h1gY83AoGAUH50ypU2vB+RGDfUV4uv
ce79HdGPWd/FI0nHzkXBmGU61SOlc6/+bI/V0ZCFUap3nmLUzsXfqEZ9U6V0KFLV
zD6jgZmmOSlqSDy6AYJyenRDwIvPbOQ8WYUyPC9gBHjvCgJY/6tzGnGKQBJ8RwTD
9QsNPVobLADghEzS4ho6Dl0CgYBjCBxIlwk5ujv/j4gnjCbSVlnV6il0QfbwDVQN
DCsaNVv7ygEbEqvU56cVP+NCCH/I7Y7sxwFLD0ETQSjkYyUJtQXtSFNb4fhybTmH
A5TwTmma5VRM1YUuYUGUGRtD+5Egg8GpvxyR/GQ3WQ8PgufZkKO+APaQ2Uad8nwD
HFnkdQKBgG0OlIKuVeLTVhPcQvOmiDEBeAVo1zc4zmA/JLk/euxesEVL9A8xuxsF
ao0pLvpk/EWQGElxNLNJxbn7AB4uXlpsAvV3xBM88pQIuj2paix1CqSlgfR2F2jE
t3470UVZV22ECV8vQK/of2byELrMscLExLgKW1lAIqqZ77BntFO9
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDQzCCAiugAwIBAgIJAOShMXfabB7nMA0GCSqGSIb3DQEBCwUAMDgxCzAJBgNV
BAYTAlhYMQ4wDAYDVQQIDAVTdGF0ZTEZMBcGA1UECgwQV2lsZGNhcmQgUm9vdCBD
QTAeFw0xODExMjExMDAxMjVaFw00NjEyMDQxMDAxMjVaMDgxCzAJBgNVBAYTAlhY
MQ4wDAYDVQQIDAVTdGF0ZTEZMBcGA1UECgwQV2lsZGNhcmQgUm9vdCBDQTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKq/9H+MvMt5B0vIC2/uEz25jqxT
Wv36v9/HldZLvEwzOiEd0n53ZZFqVlfOoYyCIoWw1+SPwaAc8Oad8ELfoPUasV65
xWki9F/tesgPZpyTO7vgpQfX5JVWNw28s13BgRkOO95h4t2S2t1K6sckC0M/B0o3
wDs/M+74i6wUTHNNXVRejeNPlj9ZSKyfe8rwvY4aNkvW/TKKbaY1yXpQhbeZfU8j
bk4tv4VOpIIoK7wWnSOcFHMANPqrIhygazI1zdsyySEssQ2TAepUb/zgZgk2IQ61
GT+h7NVIoYZJKcAYlLapsZJV1d3Ec9y57zTpyfbWsQhmKHCasZeZK5gYqXECAwEA
AaNQME4wHQYDVR0OBBYEFLZTKR+QsKR9ivZi4uFssy6sB80XMB8GA1UdIwQYMBaA
FLZTKR+QsKR9ivZi4uFssy6sB80XMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL
BQADggEBAI8O1u6LnmBkWw3rPOTp+9DD2l0+tU3e51KZfp98Fm3Lo8qF5spAB+Ue
OiBax9uENzjcHm7T7KdJrQNK6Mmat0VsD1WTR0TK1eBr9+hOh9EE1H5mEmSL0LOs
ABcCW8DlDv9axWMkFEaJjLfYRUQdvUkb3BwlXo2oq8ectk5ZqS1IF873htYStkvc
SvrzFpaMhYUIr2e7bvFEJ8XTz9l4eymdOBg3j89gf9OkmPa3FE6Qf7etTkVyOr1t
7DIuucv2JkWqHnABIWsLgj4bdLWWULASA7FkI0lHxp5/9/OBb7kVlcgQg6c9Wed7
VA9NaSB3jnBubpEbijnekHqPYO0Bf38=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAqr/0f4y8y3kHS8gLb+4TPbmOrFNa/fq/38eV1ku8TDM6IR3S
fndlkWpWV86hjIIihbDX5I/BoBzw5p3wQt+g9RqxXrnFaSL0X+16yA9mnJM7u+Cl
B9fklVY3DbyzXcGBGQ473mHi3ZLa3UrqxyQLQz8HSjfAOz8z7viLrBRMc01dVF6N
40+WP1lIrJ97yvC9jho2S9b9MoptpjXJelCFt5l9TyNuTi2/hU6kgigrvBadI5wU
cwA0+qsiHKBrMjXN2zLJISyxDZMB6lRv/OBmCTYhDrUZP6Hs1UihhkkpwBiUtqmx
klXV3cRz3LnvNOnJ9taxCGYocJqxl5krmBipcQIDAQABAoIBAHOAnbeaUCujlxfg
Hjx8428hki1nxWmAsUKDFAx99sXk8TFtpvH9eis/r2B+WjFd5lRhJ+lohSX17c9S
jy/tbkfe4pSdPbi8+Gnbju693D+WKRYSBBCmLe4G//6+4uZM+zMjucPYm0ofCQYg
o2hKLYQzoo7F37c0LcE9R94DbSOg2tY6HkKNhXoo0KBY424nIlZ82ZvsS7Q+dduB
txbFvzj0cnrYAJv8QIzcedaFGPN7tkLMZ+PS2rXPG/CkPevKgGwjOx+YyKgQk8GU
O+YvMQ9/zhOz4ak76UOZF+a21DrVqsKj0BK90SEq10MUnd1riQJ2z2jD8SSChgb6
rRc4+AECgYEA1NTSkhfxwfgWIjucnWPrtzNLyVqg5Ss+X/XZfN0LNvMje+AZ4wfz
pLAf8cxnewgNqpR1PeUrjoUwcKrHX7M/MhfEhPKo2LyYDsNtNDcRk3JP047FrDnL
beVc7lIfsCzuuQHgnUFhBE+8qP69VsHWBq1iQF2NUdW8HLjxTSuAQFECgYEAzWIR
U/r5QijUE6fcev4FvPBCCF3+c64UEuXV/W4ZURWzOEAcKh9TAHiTKSQ3MDQK7IQY
YtRbgePnA8Tc0Xj0jSxMtWTX1FanxftosRNgsZD1VKnBViwImuOeZHZYq83qPGT9
FNUvGMAEAHevNdSdI2k9RSzrB2Lhei6wEYHJryECgYEAoAOWgYKBID2enoRFHsw2
N5nYe/2ohEQ79DfKGaezO9AXuJXnwJqE4ygMDGaK0qReagaOE0gOtGuM3Nh5Z4lD
lSzrcq1ipvk8NbVWkHBqxXmnbL6l/fPB79EHSqLx8ioGHZC8yF6US4KLrF9CCU1Y
1dJb0VrE2mcgtFOUEFoJZdECgYAsGxVRjaIdvRreJbxJhWfCDW6A0X6lZQrWjBkK
VayGJzzXpZzmxtdSUJJ50VcwuNxnsm5yOtxz5ndj7dDmAy2xa4QFqGRZK0rYT4dK
D7lCKLkmt1XXpZkreho3xNqB+rSEx8M5yBZXIFU7rHgp/UDJq/4GbwECExAM5x3U
hKTFQQKBgQCPGglKFvkRkvYonwDmLRiCjBPnpK5YeL/AYJxeD3V9b8V5Arc9ce9y
PgFgk93RjGlEfLSN0Xbqc6GPIGwg6f5qyHvQ1BpCwupr3lhdsTxwIKbGpAH4Zvmz
4COcrvkF9gAHaIiH97nLy/9h2EawKqKgJv3R0wfdKvRw4iW/4j4aPw==
-----END RSA PRIVATE KEY-----
......@@ -385,7 +385,8 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase):
partition_parameter_kw=partition_parameter_kw,
shared=True
)
cls.runComputerPartition()
# run partition 4 more times for slaves to be setup
cls.runComputerPartition(max_quantity=4)
for slave_reference, partition_parameter_kw in cls\
.getSlaveParameterDictDict().items():
slave_instance = request(
......@@ -625,6 +626,29 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'ssl_crt': open('customdomainsslcrtsslkey.example.com.crt').read(),
'ssl_key': open('customdomainsslcrtsslkey.example.com.key').read(),
},
'custom_domain_ssl_crt_ssl_key_ssl_ca_crt': {
'url': cls.backend_url,
'custom_domain': 'customdomainsslcrtsslkeysslcacrt.example.com',
'ssl_crt': open('CA.wildcard.example.com.crt').read(),
'ssl_key': open('CA.wildcard.example.com.key').read(),
'ssl_ca_crt': open('CA.wildcard.example.com.root.crt').read(),
},
'ssl_ca_crt_only': {
'url': cls.backend_url,
'ssl_ca_crt': open('CA.wildcard.example.com.root.crt').read(),
},
'ssl_ca_crt_garbage': {
'url': cls.backend_url,
'ssl_crt': open('CA.wildcard.example.com.crt').read(),
'ssl_key': open('CA.wildcard.example.com.key').read(),
'ssl_ca_crt': 'some garbage',
},
'ssl_ca_crt_does_not_match': {
'url': cls.backend_url,
'ssl_crt': open('wildcard.example.com.crt').read(),
'ssl_key': open('wildcard.example.com.key').read(),
'ssl_ca_crt': open('CA.wildcard.example.com.root.crt').read(),
},
'type-zope': {
'url': cls.backend_url,
'type': 'zope',
......@@ -774,13 +798,15 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
expected_parameter_dict = {
'monitor-base-url': None,
'domain': 'example.com',
'accepted-slave-amount': '37',
'rejected-slave-amount': '3',
'slave-amount': '40',
'accepted-slave-amount': '40',
'rejected-slave-amount': '4',
'slave-amount': '44',
'rejected-slave-dict':
'{"_apache_custom_http_s-rejected": ["slave not authorized"], '
'"_caddy_custom_http_s": ["slave not authorized"], '
'"_caddy_custom_http_s-rejected": ["slave not authorized"], '
'"_caddy_custom_http_s": ["slave not authorized"]}'
'"_ssl_ca_crt_only": ["ssl_ca_crt is present, so ssl_crt and ssl_key '
'are required"]}'