Commit f52bd2dc authored by Ekaterina's avatar Ekaterina

add: caddy

parent 889a7402
[buildout]
extends =
../../stack/caddy/buildout.cfg
{%- if parameter_dict['domain'] -%}
{{ parameter_dict['domain'] }} {
tls {{ custom_cert_dict['cert-file'] }} {{ custom_cert_dict['key-file'] }} {
ca {{ca_custom_frontend_dict['rendered']}}
}
log {{caddy_configuration_dict['access_log']}}
errors {{caddy_configuration_dict['error_log']}}
root {{ directory_dict['public_html'] }}
{% if parameter_dict['enable-basic-auth'] == 'true' -%}
basicauth / {{ parameter_dict['username'] }} {{parameter_dict['password']}}
{%- endif %}
{% if parameter_dict['proxy'] == 'true' -%}
{% if parameter_dict['type'] == 'zope' -%}
proxy / {{parameter_dict['url']}}/VirtualHostBase/https/{{ parameter_dict['domain'] }}/VirtualHostRoot/ {
insecure_skip_verify
}
{% else %}
proxy / {{parameter_dict['url']}}
{%- endif %}
{%- endif %}
bind {{caddy_configuration_dict['ipv6']}}
}
{%- endif %}
[{{caddy_configuration_dict['ipv6']}}]:{{parameter_dict['port']}} {
tls {{ custom_cert_dict['cert-file'] }} {{ custom_cert_dict['key-file'] }} {
ca {{ certificate_authority_dict['ca-cert-file'] }}
}
log {{caddy_configuration_dict['access_log']}}
errors {{caddy_configuration_dict['error_log']}}
root {{ directory_dict['public_html'] }}
{% if parameter_dict['enable-basic-auth'] == 'true' -%}
basicauth / {{ parameter_dict['username'] }} {{parameter_dict['password']}}
{%- endif %}
{% if parameter_dict['proxy'] == 'true' -%}
{% if parameter_dict['type'] == 'zope' -%}
proxy / {{parameter_dict['url']}}/VirtualHostBase/https/[{{caddy_configuration_dict['ipv6']}}]:{{parameter_dict['port']}}/VirtualHostRoot/ {
insecure_skip_verify
}
{% else %}
proxy / {{parameter_dict['url']}}
{%- endif %}
{%- endif %}
bind {{caddy_configuration_dict['ipv6']}}
}
[{{caddy_configuration_dict['local_ip']}}]:{{parameter_dict['port']}} {
log {{caddy_configuration_dict['access_log']}}
errors {{caddy_configuration_dict['error_log']}}
root {{ directory_dict['public_html'] }}
{% if parameter_dict['enable-basic-auth'] == 'true' -%}
basicauth / {{ parameter_dict['username'] }} {{parameter_dict['password']}}
{%- endif %}
bind {{caddy_configuration_dict['local_ip']}}
}
\ No newline at end of file
[buildout]
extends =
../../component/golang/buildout.cfg
../../stack/slapos.cfg
../../component/dash/buildout.cfg
gowork.cfg
parts =
gowork
slapos-cookbook
instance-profile
template-caddy
caddy
[gowork]
install =
github.com/mholt/caddy
[instance-profile]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
md5sum = 403f86b667f7a5d397993735bcd162ab
output =${buildout:directory}/instance.cfg
filename = instance.cfg
mode = 0644
[template-caddyfile]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/Caddyfile.in
md5sum = 05b8347df3c5803a18a515687a3504e3
filename = Caddyfile.in
location = ${buildout:parts-directory}/${:_buildout_section_name_}
mode = 0644
[template-caddy]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-caddy.cfg.in
md5sum = 4ed3a50a15a793fec330332be30a9f3a
output = ${buildout:directory}/instance-caddy.cfg.in
mode = 0644
[template-public-html]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/templates/index.html
md5sum = b5794ac8b10ed90173ad566e6e324b35
output = ${buildout:directory}/index.html
mode = 0644
[template-caddy-service]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/template-caddy-service.sh.in
md5sum = 1736f72c7c76afe133753389da7c0b1f
output = ${buildout:directory}/template-caddy-service.sh.in
mode = 0644
[caddy]
recipe = slapos.recipe.cmmi
path = ${go_github.com_mholt_caddy:location}
go = ${gowork:golang}/bin/go
configure-command = :
make-targets =
make-binary = cd ${:path}/caddy && ${:go} install -v
environment =
PATH=${pkgconfig:location}/bin:${gowork:golang}/bin:${buildout:bin-directory}:%(PATH)s
GOPATH=${gowork:directory}
output = ${gowork:bin}/caddy
\ No newline at end of file
# Code generated by gowork-snapshot; DO NOT EDIT.
# list of go git repositories to fetch
[gowork.goinstall]
depends_gitfetch =
${go_github.com_mholt_caddy:recipe}
[go_github.com_mholt_caddy]
<= go-git-package
go.importpath = github.com/mholt/caddy
repository = https://github.com/mholt/caddy
revision = v0.10.11-0-gd3f338ddab
[buildout]
parts =
caddy-service
caddy-configuration
certificate-authority
custom-cert
htpasswd
public-html
publish-connection-information
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[directory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
bin = $${buildout:directory}/bin
srv = $${buildout:directory}/srv
var = $${buildout:directory}/var
service = $${:etc}/service
public_html = $${buildout:directory}/public_html
run = $${:var}/run
log = $${:var}/log
ca-dir = $${:srv}/ssl
#################################
# caddy service
#################################
[caddy-service]
recipe = slapos.recipe.template:jinja2
template = ${template-caddy-service:output}
rendered = $${directory:service}/caddy
mode = 0700
context =
key caddy_exec caddy-exec-dict:caddy-exec-file
section caddy_configuration_dict caddy-configuration
section parameter_dict slap-parameter
[caddy-exec-dict]
caddy-exec-file = ${caddy:output}
[caddy-configuration]
recipe = slapos.recipe.template:jinja2
template = ${template-caddyfile:location}/${template-caddyfile:filename}
rendered = $${directory:etc}/Caddyfile
mode = 0600
access_log = $${directory:log}/caddy-access.log
error_log = $${directory:log}/caddy-error.log
ipv6 = $${slap-network-information:global-ipv6}
local_ip = $${slap-network-information:local-ipv4}
context =
section parameter_dict slap-parameter
section directory_dict directory
section caddy_configuration_dict caddy-configuration
section certificate_authority_dict certificate-authority
key htpasswd_dict htpasswd:passwd
section custom_cert_dict custom-cert
section ca_custom_frontend_dict ca-custom-frontend
[ca-directory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
requests-directory = $${ca-directory:requests}
wrapper = $${directory:service}/certificate_authority
ca-private = $${ca-directory:private}
ca-certs = $${ca-directory:certs}
ca-newcerts = $${ca-directory:newcerts}
ca-crl = $${ca-directory:crl}
ca-cert-file = $${:ca-dir}/cacert.pem
ca-key-file = $${:ca-private}/cakey.pem
[custom-cert]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = $${directory:service}/caddy
wrapper = $${directory:service}/caddy
key-file = $${ca-directory:private}/custom.key
cert-file = $${ca-directory:certs}/custom.crt
key-content = $${slap-parameter:key-content}
cert-content = $${slap-parameter:cert-content}
[ca-custom-frontend]
recipe = slapos.recipe.template:jinja2
template = $${template-empty:target}
rendered = $${ca-directory:certs}/caddy_frontend.ca.crt
context =
key content slap-parameter:caddy-ca-certificate
[template-empty]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/$${:filename}
filename = empty.in
[htpasswd]
recipe = slapos.cookbook:generate.password
storage-path = $${directory:etc}/.pwd
bytes = 8
[public-html]
recipe = slapos.recipe.template
url = ${template-public-html:output}
output = $${directory:public_html}/index.html
mode = 0600
[publish-connection-information]
recipe = slapos.cookbook:publish
password = $${slap-parameter:password}
user = $${slap-parameter:username}
secure_access = https://[$${caddy-configuration:ipv6}]:$${slap-parameter:port}
[slap-parameter]
domain =
key-content =
cert-content =
caddy-ca-certificate =
port = 9443
enable-quic = true
enable-basic-auth =
username = admin
password = $${htpasswd:passwd}
proxy = false
type = zope
url =
\ No newline at end of file
#############################
#
# Deploy caddy instance
#
#############################
[buildout]
parts =
switch-softwaretype
# publish-connection-parameter
# Define egg directories to be the one from Software Release
# (/opt/slapgrid/...)
# Always the same.
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[switch-softwaretype]
recipe = slapos.cookbook:softwaretype
default = $${:caddy}
caddy = $${dynamic-template-caddy:rendered}
[dynamic-template-caddy]
recipe = slapos.recipe.template:jinja2
template = ${template-caddy:output}
rendered = $${buildout:parts-directory}/${:_buildout_section_name_}/${:filename}
filename = instance-caddy.cfg
[slap-connection]
computer-id = $${slap_connection:computer_id}
partition-id = $${slap_connection:partition_id}
server-url = $${slap_connection:server_url}
software-release-url = $${slap_connection:software_release_url}
key-file = $${slap_connection:key_file}
cert-file = $${slap_connection:cert_file}
[instance-parameter]
# Fetch arbitrary parameters defined by the user in SlapOS Master for his instance.
# We use the slapconfiguration recipe with a few parameters (partition id,
# computer id, certificate, etc).
# It will then authenticate to SlapOS Master and fetch the instance parameters.
# The parameters are accessible from {instance-parameter:configuration.name-of-parameter}
# Always the same. Just copy/paste.
# See docstring of slapos.cookbook:slapconfiguration for more information.
recipe = slapos.cookbook:slapconfiguration
computer = $${slap_connection:computer_id}
partition = $${slap_connection:partition_id}
url = $${slap_connection:server_url}
key = $${slap_connection:key_file}
cert = $${slap_connection:cert_file}
\ No newline at end of file
#!${dash-output:dash}
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
{{ caddy_exec }} -conf {{caddy_configuration_dict['rendered']}} \
{%- if parameter_dict['enable-quic'] != 'false' %}
-quic
{%- endif -%}
\ No newline at end of file
{{ content }}
\ No newline at end of file
<h1>Welcome</h1>
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment