Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Carlos Ramos Carreño
slapos
Commits
f46c53e8
Commit
f46c53e8
authored
Mar 22, 2022
by
Jérome Perrin
Browse files
Options
Browse Files
Download
Plain Diff
Merge remote-tracking branch 'origin/master' into goodbye-openssl-1.0.x
parents
e976ceae
a8a2f06a
Changes
31
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
31 changed files
with
526 additions
and
936 deletions
+526
-936
.editorconfig
.editorconfig
+3
-2
component/apache/buildout.cfg
component/apache/buildout.cfg
+1
-1
component/firefox/buildout.cfg
component/firefox/buildout.cfg
+1
-1
component/libsecret/buildout.cfg
component/libsecret/buildout.cfg
+1
-1
component/libuuid/buildout.cfg
component/libuuid/buildout.cfg
+0
-26
component/pcre/buildout.cfg
component/pcre/buildout.cfg
+1
-1
component/qemu-kvm/buildout.cfg
component/qemu-kvm/buildout.cfg
+1
-1
component/quic_client-bin/buildout.cfg
component/quic_client-bin/buildout.cfg
+1
-1
component/rsyslogd/buildout.cfg
component/rsyslogd/buildout.cfg
+1
-1
component/serf/buildout.cfg
component/serf/buildout.cfg
+1
-1
component/subversion/buildout.cfg
component/subversion/buildout.cfg
+1
-1
component/trafficserver/buildout.cfg
component/trafficserver/buildout.cfg
+1
-0
component/trafficserver/trafficserver-9.1.1-via-string-rapid-cdn.patch
...fficserver/trafficserver-9.1.1-via-string-rapid-cdn.patch
+46
-0
component/unstable/accords/buildout.cfg
component/unstable/accords/buildout.cfg
+1
-1
component/unstable/apache-perl/buildout.cfg
component/unstable/apache-perl/buildout.cfg
+1
-1
component/util-linux/buildout.cfg
component/util-linux/buildout.cfg
+20
-2
component/xapian/buildout.cfg
component/xapian/buildout.cfg
+1
-1
component/xorg/buildout.cfg
component/xorg/buildout.cfg
+1
-1
component/zeromq/buildout.cfg
component/zeromq/buildout.cfg
+1
-1
software/caddy-frontend/buildout.hash.cfg
software/caddy-frontend/buildout.hash.cfg
+8
-8
software/caddy-frontend/instance-apache-frontend.cfg.in
software/caddy-frontend/instance-apache-frontend.cfg.in
+75
-0
software/caddy-frontend/instance-apache-replicate.cfg.in
software/caddy-frontend/instance-apache-replicate.cfg.in
+9
-1
software/caddy-frontend/setup.py
software/caddy-frontend/setup.py
+1
-0
software/caddy-frontend/software.cfg
software/caddy-frontend/software.cfg
+1
-0
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
.../caddy-frontend/templates/apache-custom-slave-list.cfg.in
+6
-0
software/caddy-frontend/templates/backend-haproxy.cfg.in
software/caddy-frontend/templates/backend-haproxy.cfg.in
+2
-0
software/caddy-frontend/templates/default-virtualhost.conf.in
...ware/caddy-frontend/templates/default-virtualhost.conf.in
+4
-0
software/caddy-frontend/templates/replicate-publish-slave-information.cfg.in
...tend/templates/replicate-publish-slave-information.cfg.in
+3
-0
software/caddy-frontend/templates/trafficserver/records.config.jinja2
...dy-frontend/templates/trafficserver/records.config.jinja2
+6
-7
software/caddy-frontend/test/test.py
software/caddy-frontend/test/test.py
+324
-875
stack/slapos.cfg
stack/slapos.cfg
+3
-1
No files found.
.editorconfig
View file @
f46c53e8
root = true
root = true
[*.{cfg,in,md,json}]
[*.{cfg,in,md,json
,py
}]
end_of_line = lf
end_of_line = lf
charset = utf-8
charset = utf-8
insert_final_newline = true
insert_final_newline = true
trim_trailing_whitespace = true
[*
*.json
]
[*
.{json,py}
]
indent_style = space
indent_style = space
indent_size = 2
indent_size = 2
...
...
component/apache/buildout.cfg
View file @
f46c53e8
...
@@ -7,7 +7,7 @@ extends =
...
@@ -7,7 +7,7 @@ extends =
../nghttp2/buildout.cfg
../nghttp2/buildout.cfg
../gdbm/buildout.cfg
../gdbm/buildout.cfg
../libexpat/buildout.cfg
../libexpat/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../libxml2/buildout.cfg
../libxml2/buildout.cfg
../openssl/buildout.cfg
../openssl/buildout.cfg
../patch/buildout.cfg
../patch/buildout.cfg
...
...
component/firefox/buildout.cfg
View file @
f46c53e8
...
@@ -148,7 +148,7 @@ library =
...
@@ -148,7 +148,7 @@ library =
${libpng:location}/lib
${libpng:location}/lib
${libSM:location}/lib
${libSM:location}/lib
${libtool:location}/lib
${libtool:location}/lib
${
libuuid
:location}/lib
${
util-linux
:location}/lib
${libX11:location}/lib
${libX11:location}/lib
${libXau:location}/lib
${libXau:location}/lib
${libxcb:location}/lib
${libxcb:location}/lib
...
...
component/libsecret/buildout.cfg
View file @
f46c53e8
...
@@ -6,7 +6,7 @@ extends =
...
@@ -6,7 +6,7 @@ extends =
../pkgconfig/buildout.cfg
../pkgconfig/buildout.cfg
../glib/buildout.cfg
../glib/buildout.cfg
../gettext/buildout.cfg
../gettext/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../xz-utils/buildout.cfg
../xz-utils/buildout.cfg
...
...
component/libuuid/buildout.cfg
deleted
100644 → 0
View file @
e976ceae
[buildout]
parts =
libuuid
extends =
../perl/buildout.cfg
[libuuid]
recipe = slapos.recipe.cmmi
shared = true
url = http://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-2.37.2.tar.xz
md5sum = d659bf7cd417d93dc609872f6334b019
configure-options =
--disable-static
--disable-all-programs
--enable-libuuid
--without-libiconv-prefix
--without-libintl-prefix
--without-ncurses
--without-slang
--without-pam
--without-selinux
--without-audit
environment =
PATH=${perl:location}/bin:%(PATH)s
component/pcre/buildout.cfg
View file @
f46c53e8
...
@@ -7,7 +7,7 @@ parts =
...
@@ -7,7 +7,7 @@ parts =
[pcre]
[pcre]
recipe = slapos.recipe.cmmi
recipe = slapos.recipe.cmmi
shared = true
shared = true
url = https://
ftp.pcre.org/pub/pcre
/pcre-8.45.tar.bz2
url = https://
download.sourceforge.net/pcre/pcre/8.45
/pcre-8.45.tar.bz2
md5sum = 4452288e6a0eefb2ab11d36010a1eebb
md5sum = 4452288e6a0eefb2ab11d36010a1eebb
configure-options =
configure-options =
--disable-static
--disable-static
...
...
component/qemu-kvm/buildout.cfg
View file @
f46c53e8
...
@@ -8,7 +8,7 @@ extends =
...
@@ -8,7 +8,7 @@ extends =
../libcap-ng/buildout.cfg
../libcap-ng/buildout.cfg
../libpng/buildout.cfg
../libpng/buildout.cfg
../liburing/buildout.cfg
../liburing/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../meson/buildout.cfg
../meson/buildout.cfg
../ncurses/buildout.cfg
../ncurses/buildout.cfg
../ninja/buildout.cfg
../ninja/buildout.cfg
...
...
component/quic_client-bin/buildout.cfg
View file @
f46c53e8
...
@@ -11,7 +11,7 @@ extends =
...
@@ -11,7 +11,7 @@ extends =
../pcre/buildout.cfg
../pcre/buildout.cfg
../libffi/buildout.cfg
../libffi/buildout.cfg
../zlib/buildout.cfg
../zlib/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
# compilation
# compilation
../git/buildout.cfg
../git/buildout.cfg
...
...
component/rsyslogd/buildout.cfg
View file @
f46c53e8
...
@@ -5,7 +5,7 @@ extends =
...
@@ -5,7 +5,7 @@ extends =
../curl/buildout.cfg
../curl/buildout.cfg
../libestr/buildout.cfg
../libestr/buildout.cfg
../libfastjson/buildout.cfg
../libfastjson/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../zlib/buildout.cfg
../zlib/buildout.cfg
[rsyslogd]
[rsyslogd]
...
...
component/serf/buildout.cfg
View file @
f46c53e8
...
@@ -3,7 +3,7 @@ parts =
...
@@ -3,7 +3,7 @@ parts =
serf
serf
extends =
extends =
../apache/buildout.cfg
../apache/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../openssl/buildout.cfg
../openssl/buildout.cfg
../zlib/buildout.cfg
../zlib/buildout.cfg
...
...
component/subversion/buildout.cfg
View file @
f46c53e8
...
@@ -5,7 +5,7 @@
...
@@ -5,7 +5,7 @@
extends =
extends =
../apache/buildout.cfg
../apache/buildout.cfg
../libexpat/buildout.cfg
../libexpat/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../openssl/buildout.cfg
../openssl/buildout.cfg
../patch/buildout.cfg
../patch/buildout.cfg
../perl/buildout.cfg
../perl/buildout.cfg
...
...
component/trafficserver/buildout.cfg
View file @
f46c53e8
...
@@ -45,6 +45,7 @@ patch-options = -p1
...
@@ -45,6 +45,7 @@ patch-options = -p1
# (see https://github.com/apache/trafficserver/issues/8539 for the detail)
# (see https://github.com/apache/trafficserver/issues/8539 for the detail)
patches =
patches =
${:_profile_base_location_}/trafficserver-9.1.1-TSHttpTxnCacheLookupStatusGet-fix.patch#d8ed3db3a48e97eb72aaaf7d7598a2d2
${:_profile_base_location_}/trafficserver-9.1.1-TSHttpTxnCacheLookupStatusGet-fix.patch#d8ed3db3a48e97eb72aaaf7d7598a2d2
${:_profile_base_location_}/trafficserver-9.1.1-via-string-rapid-cdn.patch#8c39243d7525222385d5964485734f99
environment =
environment =
PATH=${libtool:location}/bin:${make:location}/bin:${patch:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s
PATH=${libtool:location}/bin:${make:location}/bin:${patch:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s
LDFLAGS =-L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${tcl:location}/lib -Wl,-rpath=${tcl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${luajit:location}/lib -lm
LDFLAGS =-L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${tcl:location}/lib -Wl,-rpath=${tcl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${luajit:location}/lib -lm
...
...
component/trafficserver/trafficserver-9.1.1-via-string-rapid-cdn.patch
0 → 100644
View file @
f46c53e8
diff -ur trafficserver-9.1.1.orig/proxy/http/HttpTransactHeaders.cc trafficserver-9.1.1/proxy/http/HttpTransactHeaders.cc
--- trafficserver-9.1.1.orig/proxy/http/HttpTransactHeaders.cc 2022-02-09 12:21:56.591350540 +0100
+++ trafficserver-9.1.1/proxy/http/HttpTransactHeaders.cc 2022-03-07 13:02:31.503849619 +0100
@@ -758,15 +758,6 @@
write_hdr_protocol_stack(via_string, via_limit - via_string, ProtocolStackDetail::Standard, proto_buf.data(), n_proto);
*via_string++ = ' ';
- via_string += nstrcpy(via_string, s->http_config_param->proxy_hostname);
-
- *via_string++ = '[';
- memcpy(via_string, Machine::instance()->uuid.getString(), TS_UUID_STRING_LEN);
- via_string += TS_UUID_STRING_LEN;
- *via_string++ = ']';
- *via_string++ = ' ';
- *via_string++ = '(';
-
memcpy(via_string, s->http_config_param->proxy_request_via_string, s->http_config_param->proxy_request_via_string_len);
via_string += s->http_config_param->proxy_request_via_string_len;
@@ -793,7 +784,6 @@
}
}
- *via_string++ = ')';
*via_string = 0;
ink_assert((size_t)(via_string - new_via_string) < (sizeof(new_via_string) - 1));
@@ -848,10 +838,6 @@
write_hdr_protocol_stack(via_string, via_limit - via_string, ProtocolStackDetail::Standard, proto_buf.data(), n_proto);
*via_string++ = ' ';
- via_string += nstrcpy(via_string, s->http_config_param->proxy_hostname);
- *via_string++ = ' ';
- *via_string++ = '(';
-
memcpy(via_string, s->http_config_param->proxy_response_via_string, s->http_config_param->proxy_response_via_string_len);
via_string += s->http_config_param->proxy_response_via_string_len;
@@ -877,7 +863,6 @@
}
}
- *via_string++ = ')';
*via_string = 0;
ink_assert((size_t)(via_string - new_via_string) < (sizeof(new_via_string) - 1));
component/unstable/accords/buildout.cfg
View file @
f46c53e8
...
@@ -5,7 +5,7 @@ extends =
...
@@ -5,7 +5,7 @@ extends =
../libtool/buildout.cfg
../libtool/buildout.cfg
../git/buildout.cfg
../git/buildout.cfg
../openssl/buildout.cfg
../openssl/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
parts = accords
parts = accords
...
...
component/unstable/apache-perl/buildout.cfg
View file @
f46c53e8
...
@@ -4,7 +4,7 @@ parts = apache-perl perl-Apache2-Request
...
@@ -4,7 +4,7 @@ parts = apache-perl perl-Apache2-Request
extends =
extends =
../apache/buildout.cfg
../apache/buildout.cfg
../perl/buildout.cfg
../perl/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
[apache-perl]
[apache-perl]
# Note: Shall react on each build of apache and reinstall itself
# Note: Shall react on each build of apache and reinstall itself
...
...
component/util-linux/buildout.cfg
View file @
f46c53e8
...
@@ -7,8 +7,8 @@ extends =
...
@@ -7,8 +7,8 @@ extends =
[util-linux]
[util-linux]
recipe = slapos.recipe.cmmi
recipe = slapos.recipe.cmmi
shared = true
shared = true
url = https://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-2.37.
1
.tar.xz
url = https://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-2.37.
2
.tar.xz
md5sum =
6d244f0f59247e9109f47d6e5dd0556b
md5sum =
d659bf7cd417d93dc609872f6334b019
configure-options =
configure-options =
--disable-static
--disable-static
--enable-libuuid
--enable-libuuid
...
@@ -50,3 +50,21 @@ environment =
...
@@ -50,3 +50,21 @@ environment =
PATH=${perl:location}/bin:${xz-utils:location}/bin:%(PATH)s
PATH=${perl:location}/bin:${xz-utils:location}/bin:%(PATH)s
LDFLAGS=-L${libcap-ng:location}/lib -Wl,-rpath=${libcap-ng:location}/lib
LDFLAGS=-L${libcap-ng:location}/lib -Wl,-rpath=${libcap-ng:location}/lib
CFLAGS=-I${libcap-ng:location}/include
CFLAGS=-I${libcap-ng:location}/include
[libuuid]
# libuuid is inside util-linux source code with only libuuid feature enabled.
<= util-linux
configure-options =
--disable-static
--disable-all-programs
--enable-libuuid
--without-libiconv-prefix
--without-libintl-prefix
--without-ncurses
--without-slang
--without-pam
--without-selinux
--without-audit
environment =
PATH=${perl:location}/bin:%(PATH)s
component/xapian/buildout.cfg
View file @
f46c53e8
...
@@ -3,7 +3,7 @@ parts =
...
@@ -3,7 +3,7 @@ parts =
xapian
xapian
extends =
extends =
../zlib/buildout.cfg
../zlib/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
[xapian]
[xapian]
recipe = slapos.recipe.cmmi
recipe = slapos.recipe.cmmi
...
...
component/xorg/buildout.cfg
View file @
f46c53e8
...
@@ -10,7 +10,7 @@ extends =
...
@@ -10,7 +10,7 @@ extends =
../icu/buildout.cfg
../icu/buildout.cfg
../intltool/buildout.cfg
../intltool/buildout.cfg
../libtool/buildout.cfg
../libtool/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../libxml2/buildout.cfg
../libxml2/buildout.cfg
../libxslt/buildout.cfg
../libxslt/buildout.cfg
../meson/buildout.cfg
../meson/buildout.cfg
...
...
component/zeromq/buildout.cfg
View file @
f46c53e8
[buildout]
[buildout]
extends =
extends =
../libtool/buildout.cfg
../libtool/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
[zeromq]
[zeromq]
<= zeromq3
<= zeromq3
...
...
software/caddy-frontend/buildout.hash.cfg
View file @
f46c53e8
...
@@ -22,19 +22,19 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68
...
@@ -22,19 +22,19 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68
[profile-caddy-frontend]
[profile-caddy-frontend]
filename = instance-apache-frontend.cfg.in
filename = instance-apache-frontend.cfg.in
md5sum =
3e3021b86c3cfe93553489441da85496
md5sum =
04e550480d3057ca65d87c6fadbaed6e
[profile-caddy-replicate]
[profile-caddy-replicate]
filename = instance-apache-replicate.cfg.in
filename = instance-apache-replicate.cfg.in
md5sum =
c028f1c5947494e7f25cf8266a3ecd2d
md5sum =
63b418626ef0f8ac54d6359fb6637371
[profile-slave-list]
[profile-slave-list]
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
md5sum =
6b6ab13d82bf9ecff6a37c3402ddbf95
md5sum =
e3ba0da5d137dcbd56c2604d200ac3b9
[profile-replicate-publish-slave-information]
[profile-replicate-publish-slave-information]
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
md5sum =
df304a8aee87b6f2425241016a48f7a5
md5sum =
be54431846fe7f3cee65260eefc83d62
[profile-caddy-frontend-configuration]
[profile-caddy-frontend-configuration]
_update_hash_filename_ = templates/Caddyfile.in
_update_hash_filename_ = templates/Caddyfile.in
...
@@ -46,11 +46,11 @@ md5sum = 88af61e7abbf30dc99a1a2526161128d
...
@@ -46,11 +46,11 @@ md5sum = 88af61e7abbf30dc99a1a2526161128d
[template-default-slave-virtualhost]
[template-default-slave-virtualhost]
_update_hash_filename_ = templates/default-virtualhost.conf.in
_update_hash_filename_ = templates/default-virtualhost.conf.in
md5sum =
37475d79f28c5f126bc1947fdb938fdb
md5sum =
57c86795293b11300a036f5f8cf2c868
[template-backend-haproxy-configuration]
[template-backend-haproxy-configuration]
_update_hash_filename_ = templates/backend-haproxy.cfg.in
_update_hash_filename_ = templates/backend-haproxy.cfg.in
md5sum =
ae4c9ce775ea003aa51eda5ecbbeec73
md5sum =
6d4ad68ac44ccc72fe9148bd8e05a6f0
[template-empty]
[template-empty]
_update_hash_filename_ = templates/empty.in
_update_hash_filename_ = templates/empty.in
...
@@ -62,7 +62,7 @@ md5sum = 975177dedf677d24e14cede5d13187ce
...
@@ -62,7 +62,7 @@ md5sum = 975177dedf677d24e14cede5d13187ce
[template-trafficserver-records-config]
[template-trafficserver-records-config]
_update_hash_filename_ = templates/trafficserver/records.config.jinja2
_update_hash_filename_ = templates/trafficserver/records.config.jinja2
md5sum =
e87238c53d080ef9ef90040e57bc1395
md5sum =
715baa302d562a7e4eddc3d1bf72f981
[template-trafficserver-storage-config]
[template-trafficserver-storage-config]
_update_hash_filename_ = templates/trafficserver/storage.config.jinja2
_update_hash_filename_ = templates/trafficserver/storage.config.jinja2
...
@@ -94,7 +94,7 @@ md5sum = 8c150e1e6c993708d31936742f3a7302
...
@@ -94,7 +94,7 @@ md5sum = 8c150e1e6c993708d31936742f3a7302
[caddyprofiledeps-setup]
[caddyprofiledeps-setup]
filename = setup.py
filename = setup.py
md5sum =
6aad2b4c271294f524214192ee197c15
md5sum =
f6f72d03af7d9dc29fb4d4fef1062e73
[caddyprofiledeps-dummy]
[caddyprofiledeps-dummy]
filename = caddyprofiledummy.py
filename = caddyprofiledummy.py
...
...
software/caddy-frontend/instance-apache-frontend.cfg.in
View file @
f46c53e8
...
@@ -63,6 +63,75 @@ parts =
...
@@ -63,6 +63,75 @@ parts =
[caddyprofiledeps]
[caddyprofiledeps]
recipe = caddyprofiledeps
recipe = caddyprofiledeps
[frontend-node-id]
# Store id file in top of hierarchy, so it does not depend on directory creation
file = ${buildout:directory}/.frontend-node-id.txt
recipe = slapos.recipe.build
init =
import os
import secrets
if not os.path.exists(options['file']):
with open(options['file'], 'w') as fh:
fh.write(secrets.token_urlsafe(4))
with open(options['file'], 'r') as fh:
options['value'] = fh.read()
[frontend-node-private-salt]
# Private, not communicated, stable hash, which can be used to salt other
# hashes, so their values are connected to the node, but practicaly impossible
# to crack (until the node is hacked itself, but then those values are
# stolen anyway)
recipe = slapos.recipe.build
init =
import os
import uuid
if not os.path.exists(options['file']):
with open(options['file'], 'w') as fh:
fh.write(uuid.uuid4().hex)
with open(options['file'], 'r') as fh:
options['value'] = fh.read()
file = ${buildout:directory}/.frontend-node-private-salt.txt
[version-hash]
recipe = slapos.recipe.build
software-release-url = ${slap-connection:software-release-url}
hash-salt = ${frontend-node-private-salt:value}
init =
import hashlib
import base64
options['value'] = base64.urlsafe_b64encode(hashlib.md5(''.join([options['software-release-url'].strip(), options['hash-salt']])).digest())
[frontend-node-information]
recipe = slapos.recipe.build
file = ${buildout:directory}/.frontend-node-information.json
node-id = ${frontend-node-id:value}
current-hash = ${version-hash:value}
current-software-release-url = ${version-hash:software-release-url}
init =
import json
changed = False
try:
with open(options['file'], 'r') as fh:
data = json.load(fh)
except Exception:
changed = True
data = {
'node-id': options['node-id'],
'version-hash-history': {options['current-hash']: options['current-software-release-url']}
}
if 'node-id' not in data:
data['node-id'] = options['node-id']
changed = True
if 'version-hash-history' not in data:
data['version-hash-history'] = {}
changed = True
if options['current-hash'] not in data['version-hash-history']:
data['version-hash-history'][options['current-hash']] = options['current-software-release-url']
changed = True
if changed:
with open(options['file'], 'w') as fh:
json.dump(data, fh)
options['value'] = data
# Create all needed directories
# Create all needed directories
[directory]
[directory]
recipe = slapos.cookbook:mkdirectory
recipe = slapos.cookbook:mkdirectory
...
@@ -305,6 +374,10 @@ extra-context =
...
@@ -305,6 +374,10 @@ extra-context =
key software_type :software_type
key software_type :software_type
key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered
key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered
key monitor_base_url monitor-instance-parameter:monitor-base-url
key monitor_base_url monitor-instance-parameter:monitor-base-url
key node_id frontend-node-id:value
key version_hash version-hash:value
key software_release_url version-hash:software-release-url
key node_information frontend-node-information:value
key custom_ssl_directory caddy-directory:custom-ssl-directory
key custom_ssl_directory caddy-directory:custom-ssl-directory
# BBB: SlapOS Master non-zero knowledge BEGIN
# BBB: SlapOS Master non-zero knowledge BEGIN
key apache_certificate apache-certificate:rendered
key apache_certificate apache-certificate:rendered
...
@@ -462,6 +535,8 @@ disk-cache-size = ${configuration:disk-cache-size}
...
@@ -462,6 +535,8 @@ disk-cache-size = ${configuration:disk-cache-size}
ram-cache-size = ${configuration:ram-cache-size}
ram-cache-size = ${configuration:ram-cache-size}
templates-dir = {{ software_parameter_dict['trafficserver'] }}/etc/trafficserver/body_factory
templates-dir = {{ software_parameter_dict['trafficserver'] }}/etc/trafficserver/body_factory
request-timeout = ${configuration:request-timeout}
request-timeout = ${configuration:request-timeout}
version-hash = ${version-hash:value}
node-id = ${frontend-node-id:value}
[trafficserver-configuration-directory]
[trafficserver-configuration-directory]
recipe = plone.recipe.command
recipe = plone.recipe.command
...
...
software/caddy-frontend/instance-apache-replicate.cfg.in
View file @
f46c53e8
...
@@ -286,7 +286,7 @@ config-monitor-username = ${monitor-instance-parameter:username}
...
@@ -286,7 +286,7 @@ config-monitor-username = ${monitor-instance-parameter:username}
config-monitor-password = ${monitor-htpasswd:passwd}
config-monitor-password = ${monitor-htpasswd:passwd}
software-type = {{frontend_type}}
software-type = {{frontend_type}}
return = slave-instance-information-list monitor-base-url backend-client-csr-url kedifa-csr-url csr-certificate backend-haproxy-statistic-url
return = slave-instance-information-list monitor-base-url backend-client-csr-url kedifa-csr-url csr-certificate backend-haproxy-statistic-url
node-information-json
{#- Send only needed parameters to frontend nodes #}
{#- Send only needed parameters to frontend nodes #}
{%- set base_node_configuration_dict = {} %}
{%- set base_node_configuration_dict = {} %}
...
@@ -376,6 +376,7 @@ kedifa-csr-certificate = ${request-kedifa:connection-csr-certificate}
...
@@ -376,6 +376,7 @@ kedifa-csr-certificate = ${request-kedifa:connection-csr-certificate}
{% for frontend in frontend_list %}
{% for frontend in frontend_list %}
{% set section_part = '${request-' + frontend %}
{% set section_part = '${request-' + frontend %}
{{ frontend }}-backend-haproxy-statistic-url = {{ section_part }}:connection-backend-haproxy-statistic-url}
{{ frontend }}-backend-haproxy-statistic-url = {{ section_part }}:connection-backend-haproxy-statistic-url}
{{ frontend }}-node-information-json = ${frontend-information:{{ frontend }}-node-information-json}
{% endfor %}
{% endfor %}
{% if not aibcc_enabled %}
{% if not aibcc_enabled %}
{% for frontend in frontend_list %}
{% for frontend in frontend_list %}
...
@@ -461,6 +462,12 @@ warning-slave-dict = {{ dumps(warning_slave_dict) }}
...
@@ -461,6 +462,12 @@ warning-slave-dict = {{ dumps(warning_slave_dict) }}
{# sort_keys are important in order to avoid shuffling parameters on each run #}
{# sort_keys are important in order to avoid shuffling parameters on each run #}
active-slave-instance-list = {{ json_module.dumps(active_slave_instance_list, sort_keys=True) }}
active-slave-instance-list = {{ json_module.dumps(active_slave_instance_list, sort_keys=True) }}
[frontend-information]
{% for frontend in frontend_list %}
{% set section_part = '${request-' + frontend %}
{{ frontend }}-node-information-json = {{ section_part }}:connection-node-information-json}
{% endfor %}
[dynamic-publish-slave-information]
[dynamic-publish-slave-information]
< = jinja2-template-base
< = jinja2-template-base
template = {{ software_parameter_dict['profile_replicate_publish_slave_information'] }}
template = {{ software_parameter_dict['profile_replicate_publish_slave_information'] }}
...
@@ -468,6 +475,7 @@ filename = dynamic-publish-slave-information.cfg
...
@@ -468,6 +475,7 @@ filename = dynamic-publish-slave-information.cfg
extensions = jinja2.ext.do
extensions = jinja2.ext.do
extra-context =
extra-context =
section slave_information slave-information
section slave_information slave-information
section frontend_information frontend-information
section rejected_slave_information rejected-slave-information
section rejected_slave_information rejected-slave-information
section active_slave_instance_dict active-slave-instance
section active_slave_instance_dict active-slave-instance
section warning_slave_information warning-slave-information
section warning_slave_information warning-slave-information
...
...
software/caddy-frontend/setup.py
View file @
f46c53e8
...
@@ -10,6 +10,7 @@ setup(
...
@@ -10,6 +10,7 @@ setup(
'furl'
,
'furl'
,
'orderedmultidict'
,
'orderedmultidict'
,
'caucase'
,
'caucase'
,
'python2-secrets'
,
],
],
entry_points
=
{
entry_points
=
{
'zc.buildout'
:
[
'zc.buildout'
:
[
...
...
software/caddy-frontend/software.cfg
View file @
f46c53e8
...
@@ -214,6 +214,7 @@ kedifa = 0.0.6
...
@@ -214,6 +214,7 @@ kedifa = 0.0.6
# Modern KeDiFa requires zc.lockfile
# Modern KeDiFa requires zc.lockfile
zc.lockfile = 1.4
zc.lockfile = 1.4
python2-secrets = 1.0.5
validators = 0.12.2
validators = 0.12.2
PyRSS2Gen = 1.1
PyRSS2Gen = 1.1
cns.recipe.symlink = 0.2.3
cns.recipe.symlink = 0.2.3
...
...
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
View file @
f46c53e8
...
@@ -330,6 +330,8 @@ certificate = {{ certificate }}
...
@@ -330,6 +330,8 @@ certificate = {{ certificate }}
https_port = {{ dumps('' ~ configuration['port']) }}
https_port = {{ dumps('' ~ configuration['port']) }}
http_port = {{ dumps('' ~ configuration['plain_http_port']) }}
http_port = {{ dumps('' ~ configuration['plain_http_port']) }}
local_ipv4 = {{ dumps('' ~ instance_parameter_dict['ipv4-random']) }}
local_ipv4 = {{ dumps('' ~ instance_parameter_dict['ipv4-random']) }}
version-hash = {{ version_hash }}
node-id = {{ node_id }}
{%- for key, value in slave_instance.iteritems() %}
{%- for key, value in slave_instance.iteritems() %}
{%- if value is not none %}
{%- if value is not none %}
{{ key }} = {{ dumps(value) }}
{{ key }} = {{ dumps(value) }}
...
@@ -463,6 +465,8 @@ csr-certificate = ${expose-csr-certificate-get:certificate}
...
@@ -463,6 +465,8 @@ csr-certificate = ${expose-csr-certificate-get:certificate}
{#- We unquote, as furl quotes automatically, but there is buildout value on purpose like ${...:...} in the passwod #}
{#- We unquote, as furl quotes automatically, but there is buildout value on purpose like ${...:...} in the passwod #}
{%- set statistic_url = urlparse_module.unquote(furled.tostr()) %}
{%- set statistic_url = urlparse_module.unquote(furled.tostr()) %}
backend-haproxy-statistic-url = {{ statistic_url }}
backend-haproxy-statistic-url = {{ statistic_url }}
{#- sort_keys are important in order to avoid shuffling parameters on each run #}
node-information-json = {{ json_module.dumps(node_information, sort_keys=True) }}
[kedifa-updater]
[kedifa-updater]
recipe = slapos.cookbook:wrapper
recipe = slapos.cookbook:wrapper
...
@@ -513,6 +517,8 @@ global-ipv6 = ${slap-configuration:ipv6-random}
...
@@ -513,6 +517,8 @@ global-ipv6 = ${slap-configuration:ipv6-random}
request-timeout = {{ dumps('' ~ configuration['request-timeout']) }}
request-timeout = {{ dumps('' ~ configuration['request-timeout']) }}
backend-connect-timeout = {{ dumps('' ~ configuration['backend-connect-timeout']) }}
backend-connect-timeout = {{ dumps('' ~ configuration['backend-connect-timeout']) }}
backend-connect-retries = {{ dumps('' ~ configuration['backend-connect-retries']) }}
backend-connect-retries = {{ dumps('' ~ configuration['backend-connect-retries']) }}
version-hash = {{ version_hash }}
node-id = {{ node_id }}
[template-expose-csr-link-csr]
[template-expose-csr-link-csr]
recipe = plone.recipe.command
recipe = plone.recipe.command
...
...
software/caddy-frontend/templates/backend-haproxy.cfg.in
View file @
f46c53e8
...
@@ -58,6 +58,8 @@ frontend statistic
...
@@ -58,6 +58,8 @@ frontend statistic
frontend http-backend
frontend http-backend
bind {{ configuration['local-ipv4'] }}:{{ configuration['http-port'] }}
bind {{ configuration['local-ipv4'] }}:{{ configuration['http-port'] }}
http-request add-header Via "%HV rapid-cdn-backend-{{ configuration['node-id'] }}-{{ configuration['version-hash'] }}"
http-response add-header Via "%HV rapid-cdn-backend-{{ configuration['node-id'] }}-{{ configuration['version-hash']}}"
{%- for slave_instance in backend_slave_list -%}
{%- for slave_instance in backend_slave_list -%}
{{ frontend_entry(slave_instance, 'http', False) }}
{{ frontend_entry(slave_instance, 'http', False) }}
{%- endfor %}
{%- endfor %}
...
...
software/caddy-frontend/templates/default-virtualhost.conf.in
View file @
f46c53e8
...
@@ -21,6 +21,10 @@
...
@@ -21,6 +21,10 @@
# workaround for lost connection to haproxy by reconnecting
# workaround for lost connection to haproxy by reconnecting
try_duration 3s
try_duration 3s
try_interval 250ms
try_interval 250ms
header_upstream +Via "{proto} rapid-cdn-frontend-{{ slave_parameter['node-id'] }}-{{ slave_parameter['version-hash'] }}"
{%- if not slave_parameter['disable-via-header'] %}
header_downstream +Via "{proto} rapid-cdn-frontend-{{ slave_parameter['node-id'] }}-{{ slave_parameter['version-hash'] }}"
{%- endif %}
{%- endmacro %} {# proxy_header #}
{%- endmacro %} {# proxy_header #}
{%- macro hsts_header(tls) %}
{%- macro hsts_header(tls) %}
...
...
software/caddy-frontend/templates/replicate-publish-slave-information.cfg.in
View file @
f46c53e8
...
@@ -72,6 +72,9 @@ log-access-url = {{ dumps(json_module.dumps(log_access_url, sort_keys=True)) }}
...
@@ -72,6 +72,9 @@ log-access-url = {{ dumps(json_module.dumps(log_access_url, sort_keys=True)) }}
{{ key }} = {{ dumps(value) }}
{{ key }} = {{ dumps(value) }}
{% endfor %}
{% endfor %}
{% endif %}
{% endif %}
{% for frontend_key, frontend_value in frontend_information.iteritems() %}
{{ frontend_key }} = {{ frontend_value }}
{% endfor %}
{% endfor %}
{% endfor %}
[buildout]
[buildout]
...
...
software/caddy-frontend/templates/trafficserver/records.config.jinja2
View file @
f46c53e8
...
@@ -18,6 +18,12 @@ LOCAL proxy.local.incoming_ip_to_bind STRING {{ ats_configuration['local-ip'] }}
...
@@ -18,6 +18,12 @@ LOCAL proxy.local.incoming_ip_to_bind STRING {{ ats_configuration['local-ip'] }}
CONFIG proxy.config.log.logfile_dir STRING {{ ats_directory['log'] }}
CONFIG proxy.config.log.logfile_dir STRING {{ ats_directory['log'] }}
# Never change Server header
# Never change Server header
CONFIG proxy.config.http.response_server_enabled INT 0
CONFIG proxy.config.http.response_server_enabled INT 0
# Handle Via header
CONFIG proxy.config.http.insert_request_via_str INT 1
CONFIG proxy.config.http.request_via_str STRING rapid-cdn-cache-{{ ats_configuration['node-id'] }}-{{ ats_configuration['version-hash'] }}
CONFIG proxy.config.http.insert_response_via_str INT 1
CONFIG proxy.config.http.response_via_str STRING rapid-cdn-cache-{{ ats_configuration['node-id'] }}-{{ ats_configuration['version-hash'] }}
# Implement RFC 5861 with core
# Implement RFC 5861 with core
CONFIG proxy.config.http.cache.open_write_fail_action INT 2
CONFIG proxy.config.http.cache.open_write_fail_action INT 2
CONFIG proxy.config.body_factory.template_sets_dir STRING {{ ats_configuration['templates-dir'] }}
CONFIG proxy.config.body_factory.template_sets_dir STRING {{ ats_configuration['templates-dir'] }}
...
@@ -53,13 +59,6 @@ CONFIG proxy.config.exec_thread.affinity INT 1
...
@@ -53,13 +59,6 @@ CONFIG proxy.config.exec_thread.affinity INT 1
##############################################################################
##############################################################################
CONFIG proxy.config.http.server_ports STRING {{ ats_configuration['local-ip'] + ':' + ats_configuration['input-port'] }}
CONFIG proxy.config.http.server_ports STRING {{ ats_configuration['local-ip'] + ':' + ats_configuration['input-port'] }}
##############################################################################
# Via: headers. Docs:
# https://docs.trafficserver.apache.org/records.config#proxy-config-http-insert-response-via-str
##############################################################################
CONFIG proxy.config.http.insert_request_via_str INT 1
CONFIG proxy.config.http.insert_response_via_str INT 0
##############################################################################
##############################################################################
# Parent proxy configuration, in addition to these settings also see parent.config. Docs:
# Parent proxy configuration, in addition to these settings also see parent.config. Docs:
# https://docs.trafficserver.apache.org/records.config#parent-proxy-configuration
# https://docs.trafficserver.apache.org/records.config#parent-proxy-configuration
...
...
software/caddy-frontend/test/test.py
View file @
f46c53e8
This diff is collapsed.
Click to expand it.
stack/slapos.cfg
View file @
f46c53e8
...
@@ -190,7 +190,7 @@ setuptools-dso = 1.7
...
@@ -190,7 +190,7 @@ setuptools-dso = 1.7
rubygemsrecipe = 0.4.3
rubygemsrecipe = 0.4.3
six = 1.12.0
six = 1.12.0
slapos.cookbook = 1.0.226
slapos.cookbook = 1.0.226
slapos.core = 1.7.
4
slapos.core = 1.7.
5
slapos.extension.strip = 0.4
slapos.extension.strip = 0.4
slapos.extension.shared = 1.0
slapos.extension.shared = 1.0
slapos.libnetworkcache = 0.22
slapos.libnetworkcache = 0.22
...
@@ -249,10 +249,12 @@ certifi = 2020.6.20
...
@@ -249,10 +249,12 @@ certifi = 2020.6.20
chardet = 3.0.4
chardet = 3.0.4
urllib3 = 1.25.9
urllib3 = 1.25.9
pkgconfig = 1.5.1
pkgconfig = 1.5.1
distro = 1.7.0
[versions:python2]
[versions:python2]
Werkzeug = 1.0.1
Werkzeug = 1.0.1
distro = 1.6.0
[networkcache]
[networkcache]
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment