Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Vincent Bechu
slapos
Commits
9db2141d
Commit
9db2141d
authored
7 years ago
by
eteri
Committed by
Rafael Monnerat
7 years ago
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Caddy with HTTPS
Support for HTTPS added.
@rafael
@kirr
@gabriel
/reviewed-on
nexedi/slapos!249
parent
1c9e6856
Changes
6
Show whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
124 additions
and
24 deletions
+124
-24
stack/caddy/Caddyfile.in
stack/caddy/Caddyfile.in
+37
-3
stack/caddy/buildout.cfg
stack/caddy/buildout.cfg
+8
-7
stack/caddy/instance-caddy.cfg.in
stack/caddy/instance-caddy.cfg.in
+75
-11
stack/caddy/instance.cfg.in
stack/caddy/instance.cfg.in
+3
-3
stack/caddy/templates/empty.in
stack/caddy/templates/empty.in
+1
-0
stack/caddy/templates/index.html
stack/caddy/templates/index.html
+0
-0
No files found.
stack/caddy/Caddyfile.in
View file @
9db2141d
[$${caddy-configuration:ipv6}]:$${caddy-configuration:port
}
{%- if parameter_dict['domain'] -%
}
log $${caddy-configuration:access_log}
{{ parameter_dict['domain'] }} {
root $${directory:public_html}
\ No newline at end of file
{% if parameter_dict['cert-content'] and parameter_dict['key-content'] -%}
tls {{ custom_cert_dict['cert-file'] }} {{ custom_cert_dict['key-file'] }} {
ca {{ca_custom_frontend_dict['rendered']}}
}
{%- endif %}
log {{caddy_configuration_dict['access_log']}}
root {{ directory_dict['public_html'] }}
basicauth / admin {{htpasswd_dict}}
}
{%- endif %}
[{{caddy_configuration_dict['ipv6']}}]:{{parameter_dict['port']}} {
tls {{ custom_cert_dict['cert-file'] }} {{ custom_cert_dict['key-file'] }} {
ca {{ certificate_authority_dict['ca-cert-file'] }}
}
log {{caddy_configuration_dict['access_log']}}
root {{ directory_dict['public_html'] }}
basicauth / admin {{htpasswd_dict}}
}
\ No newline at end of file
This diff is collapsed.
Click to expand it.
stack/caddy/buildout.cfg
View file @
9db2141d
...
...
@@ -18,28 +18,29 @@ install =
[instance-profile]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
md5sum =
ae83c35995ce14432ded78ca30cab61
b
md5sum =
403f86b667f7a5d397993735bcd162a
b
output =${buildout:directory}/instance.cfg
filename = instance.cfg
mode = 0644
[template-caddyfile]
recipe = slapos.recipe.
template
recipe = slapos.recipe.
build:download
url = ${:_profile_base_location_}/Caddyfile.in
md5sum = 616f9c7cb788e1f1d7cee2093a7dc6ef
output = ${buildout:directory}/Caddyfile.in
md5sum = 2580eeb504d93627d1990f42663f80c7
filename = Caddyfile.in
location = ${buildout:parts-directory}/${:_buildout_section_name_}
mode = 0644
[template-caddy]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-caddy.cfg.in
md5sum =
045022e5698badca5dbdd6b95518f8e1
md5sum =
f87880908a33c03ba68f233cda6c6265
output = ${buildout:directory}/instance-caddy.cfg.in
mode = 0644
[template-public-html]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/index.html
url = ${:_profile_base_location_}/
templates/
index.html
md5sum = b5794ac8b10ed90173ad566e6e324b35
output = ${buildout:directory}/index.html
mode = 0644
...
...
This diff is collapsed.
Click to expand it.
stack/caddy/instance-caddy.cfg.in
View file @
9db2141d
...
...
@@ -2,10 +2,12 @@
parts =
caddy-service
caddy-configuration
certificate-authority
custom-cert
htpasswd
public-html
publish-connection-information
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
...
...
@@ -20,29 +22,82 @@ service = $${:etc}/service
public_html = $${buildout:directory}/public_html
run = $${:var}/run
log = $${:var}/log
#www = $${:srv}/www
#ssl = $${:etc}/ssl
ca-dir = $${:srv}/ssl
#################################
# caddy service
#################################
[caddy-service]
recipe = slapos.cookbook:wrapper
command-line = ${caddy:output} -conf $${caddy-configuration:
output
}
command-line = ${caddy:output} -conf $${caddy-configuration:
rendered
}
wrapper-path = $${directory:service}/caddy
output = $${:wrapper-path}
[caddy-configuration]
recipe = slapos.recipe.template
url = ${template-caddyfile:output
}
output
= $${directory:etc}/Caddyfile
recipe = slapos.recipe.template
:jinja2
template = ${template-caddyfile:location}/${template-caddyfile:filename
}
rendered
= $${directory:etc}/Caddyfile
mode = 0600
access_log = $${directory:log}/caddy-access.log
error_log = $${directory:log}/caddy-error.log
ipv6 = $${slap-network-information:global-ipv6}
local_ip = $${slap-network-information:local-ipv4}
port = 9443
context =
section parameter_dict slap-parameter
section directory_dict directory
section caddy_configuration_dict caddy-configuration
section certificate_authority_dict certificate-authority
key htpasswd_dict htpasswd:passwd
section custom_cert_dict custom-cert
section ca_custom_frontend_dict ca-custom-frontend
[ca-directory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
requests-directory = $${ca-directory:requests}
wrapper = $${directory:service}/certificate_authority
ca-private = $${ca-directory:private}
ca-certs = $${ca-directory:certs}
ca-newcerts = $${ca-directory:newcerts}
ca-crl = $${ca-directory:crl}
ca-cert-file = $${:ca-dir}/cacert.pem
ca-key-file = $${:ca-private}/cakey.pem
[custom-cert]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = $${directory:service}/caddy
wrapper = $${directory:service}/caddy
key-file = $${ca-directory:private}/custom.key
cert-file = $${ca-directory:certs}/custom.crt
key-content = $${slap-parameter:key-content}
cert-content = $${slap-parameter:cert-content}
[ca-custom-frontend]
recipe = slapos.recipe.template:jinja2
template = $${template-empty:target}
rendered = $${ca-directory:certs}/caddy_frontend.ca.crt
context =
key content slap-parameter:caddy-ca-certificate
[template-empty]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/$${:filename}
filename = empty.in
[htpasswd]
recipe = slapos.cookbook:generate.password
storage-path = $${directory:etc}/.pwd
bytes = 8
[public-html]
recipe = slapos.recipe.template
...
...
@@ -52,4 +107,13 @@ mode = 0600
[publish-connection-information]
recipe = slapos.cookbook:publish
url = http://[$${caddy-configuration:ipv6}]:$${caddy-configuration:port}
\ No newline at end of file
init-password = $${htpasswd:passwd}
init-user = admin
url = https://[$${caddy-configuration:ipv6}]:$${slap-parameter:port}
[slap-parameter]
domain =
key-content =
cert-content =
caddy-ca-certificate =
port = 9443
\ No newline at end of file
This diff is collapsed.
Click to expand it.
stack/caddy/instance.cfg.in
View file @
9db2141d
...
...
@@ -28,7 +28,7 @@ rendered = $${buildout:parts-directory}/${:_buildout_section_name_}/${:filename}
filename = instance-caddy.cfg
[slap-connection]
computer-id = {slap_connection:computer_id}
computer-id =
$$
{slap_connection:computer_id}
partition-id = $${slap_connection:partition_id}
server-url = $${slap_connection:server_url}
software-release-url = $${slap_connection:software_release_url}
...
...
This diff is collapsed.
Click to expand it.
stack/caddy/templates/empty.in
0 → 100644
View file @
9db2141d
{{ content }}
\ No newline at end of file
This diff is collapsed.
Click to expand it.
stack/caddy/index.html
→
stack/caddy/
templates/
index.html
View file @
9db2141d
File moved
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment