An error occurred fetching the project authors.
- 16 Jan, 2019 1 commit
-
-
Łukasz Nowak authored
Because of misleading tests (Accept-Encoding with gzip was always set by requests, fixed in "caddy-frontend/test: Workaround requests issue with Accept-Encoding") the original commit "Fix/caddy frontend prefer gzip type zope" did not really fixed the issue for type:zope backend.
-
- 10 Jan, 2019 1 commit
-
-
Thomas Gambier authored
-
- 04 Jan, 2019 1 commit
-
-
Łukasz Nowak authored
/reviewed-on nexedi/slapos!489
-
- 02 Jan, 2019 1 commit
-
-
Łukasz Nowak authored
Just asserting Location header is not enough, as http status code value is important for the implementation, so assert for its value. Also fix https-only redirect status code value, which supposed to be FOUND, not default MOVED_PERMANENTLY. /reviewed-on nexedi/slapos!485
-
- 30 Dec, 2018 1 commit
-
-
Łukasz Nowak authored
/reviewed-on nexedi/slapos!487
-
- 28 Dec, 2018 1 commit
-
-
Łukasz Nowak authored
/reviewed-on nexedi/slapos!481
-
- 14 Dec, 2018 1 commit
-
-
Łukasz Nowak authored
/reviewed-on nexedi/slapos!466
-
- 13 Dec, 2018 1 commit
-
-
Łukasz Nowak authored
"software/caddy-frontend: auto-restart services on SR upgrade." begun implementation of automatic restart of services on SR upgrade, but not all services has been caught - 6tunnel was missing. /reviewed-on nexedi/slapos!473
-
- 10 Dec, 2018 2 commits
-
-
Łukasz Nowak authored
Do not emit needless diff into log. Do not stop processing in case of validation failure.
-
Łukasz Nowak authored
Caddy reloads configuration on USR1 not on HUP.
-
- 07 Dec, 2018 3 commits
-
-
Łukasz Nowak authored
This reverts commit 9243ace4 There are some bizarre issues with notebook, which happen randomly. /reviewed-on nexedi/slapos!463
-
Łukasz Nowak authored
/reviewed-on nexedi/slapos!445
-
Łukasz Nowak authored
-
- 06 Dec, 2018 1 commit
-
-
Łukasz Nowak authored
-
- 05 Dec, 2018 1 commit
-
-
Łukasz Nowak authored
Caddy since 0.11.1 requires that certificate match the exposed site, so in order to being able to serve ip access sites each frontend node needs to generate certificate with its IP in the subjectAltName.
-
- 03 Dec, 2018 5 commits
-
-
Łukasz Nowak authored
Validate only if interesting files are changed. Simplify validation and graceful scripts, have one template for all cases. Aviod needless repetition. Note: There is limit of arguments to be passed to commands, see https://www.in-ulm.de/~mascheck/various/argmax/, but we are safe for now: $ getconf ARG_MAX 2097152 So we are keeping shell expansion instead of playing with find or other tools.
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
Caddy's -log can log to file, but there is no control over logrotation, so it resuls with leftover logrotated files in the instance. As we have already system to catch process logs (supervisor) move the logging there. error-log stays for errors of catch-all and various non-slave instances.
-
- 22 Nov, 2018 2 commits
-
-
Łukasz Nowak authored
Drop not needed references and logic for ssl_ca_crt old implementation.
-
Łukasz Nowak authored
-
- 21 Nov, 2018 2 commits
-
-
Łukasz Nowak authored
In "caddy-frontend: Improve generated files" ssl_ca_crt was mistakenly used for client authentication, which is in reality not supported nor needed. It came from misunderstanding of apache configuration.
-
Łukasz Nowak authored
custom_domain and server-alias on given slave do not have to clash, and can be deduplicated during request parameter analysis. /reviewed-on nexedi/slapos!444
-
- 20 Nov, 2018 6 commits
-
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
server-alias and custom_domain can be wildcards, so support such case. /reviewed-on nexedi/slapos!446
-
Łukasz Nowak authored
authorised --> authorized
-
Łukasz Nowak authored
Because of checking slave id in a whole string, slaves which shall not be authorized has been put on authorized list. Example: -frontend-authorized-slave-string == "custom_http", slave_id = "custom" has been authorized.
-
- 14 Nov, 2018 2 commits
-
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
- 26 Oct, 2018 1 commit
-
-
Guillaume Hervier authored
-
- 17 Sep, 2018 2 commits
-
-
Łukasz Nowak authored
Each slave rejected by the frontend will report back detailed information to slave requester in key request-error-list being [json_list_of_found_errors]
-
Łukasz Nowak authored
Master partition reports information in rejected-slave-dict instead of rejected-slave-list, which is defined as: { 'slave_name': '[json_list_of_found_errors]' }
-
- 12 Sep, 2018 4 commits
-
-
Łukasz Nowak authored
Slaves' hostnames (custom_domain or server-alias) can clash, resulting with stopping the whole frontend. In order to avoid so assure hostname unicity across whole frontend.
-
Łukasz Nowak authored
Even if the master partition owner will authorise given slave for custom configuration reject this slave in case if it does not pass validation for snippet.
-
Łukasz Nowak authored
Treat custom configuration as normal condition to reject/accept slave. This will allow further anaylsis.
-
Łukasz Nowak authored
If server alias duplicates name of the server or another alias, simply ignore it.
-
- 06 Sep, 2018 1 commit
-
-
Łukasz Nowak authored
Instead of relying on slapos.cookbook:certificate_authority recipe, which stops buildout processing, extract the minimal implementation to runtime key/certificate validator and reject slaves, which does not pass this test. This commits results in TODO item being done.
-