Commit 68000cff authored by Rafael Monnerat's avatar Rafael Monnerat

Create appropriated templates and names.

parent c9403ec6
...@@ -37,7 +37,7 @@ import ConfigParser ...@@ -37,7 +37,7 @@ import ConfigParser
class Recipe(BaseSlapRecipe): class Recipe(BaseSlapRecipe):
def getTemplateFilename(self, template_name): def getTemplateFilename(self, template_name):
return pkg_resources.resource_filename(__name__, return pkg_resources.resource_filename(__name__,
'../erp5/template/%s' % template_name) 'template/%s' % template_name)
def _install(self): def _install(self):
self.path_list = [] self.path_list = []
...@@ -55,8 +55,13 @@ class Recipe(BaseSlapRecipe): ...@@ -55,8 +55,13 @@ class Recipe(BaseSlapRecipe):
ca_conf = self.installCertificateAuthority() ca_conf = self.installCertificateAuthority()
key, certificate = self.requestCertificate('Apache Front end') key, certificate = self.requestCertificate('Apache Front end')
site_url = self.installFrontendApache(ip=self.getGlobalIPv6Address(), # This should come from parameter.
port=8080, key=key, certificate=certificate) frontend_domain_name = "host.vifib.net"
site_url = self.installFrontendApache(
ip=self.getGlobalIPv6Address(),
port=8080, name=frontend_domain_name,
key=key, certificate=certificate)
self.setConnectionDict(dict(site_url=site_url, )) self.setConnectionDict(dict(site_url=site_url, ))
return self.path_list return self.path_list
...@@ -152,8 +157,8 @@ class Recipe(BaseSlapRecipe): ...@@ -152,8 +157,8 @@ class Recipe(BaseSlapRecipe):
self._writeFile(openssl_configuration, pkg_resources.resource_string( self._writeFile(openssl_configuration, pkg_resources.resource_string(
__name__, 'template/openssl.cnf.ca.in') % config) __name__, 'template/openssl.cnf.ca.in') % config)
self.path_list.extend(zc.buildout.easy_install.scripts([ self.path_list.extend(zc.buildout.easy_install.scripts([
('certificate_authority', ('certificate_authority', 'slapos.recipe.erp5.certificate_authority',
'slapos.recipe.erp5.certificate_authority', 'runCertificateAuthority')], 'runCertificateAuthority')],
self.ws, sys.executable, self.wrapper_directory, arguments=[dict( self.ws, sys.executable, self.wrapper_directory, arguments=[dict(
openssl_configuration=openssl_configuration, openssl_configuration=openssl_configuration,
openssl_binary=self.options['openssl_binary'], openssl_binary=self.options['openssl_binary'],
...@@ -178,65 +183,57 @@ class Recipe(BaseSlapRecipe): ...@@ -178,65 +183,57 @@ class Recipe(BaseSlapRecipe):
certificate_authority_path=config['ca_dir'] certificate_authority_path=config['ca_dir']
) )
def _getApacheConfigurationDict(self, prefix, ip, port): def _getApacheConfigurationDict(self, name, ip, port):
apache_conf = dict() apache_conf = dict()
apache_conf['server_name'] = name
apache_conf['pid_file'] = os.path.join(self.run_directory, apache_conf['pid_file'] = os.path.join(self.run_directory,
prefix + '.pid') name + '.pid')
apache_conf['lock_file'] = os.path.join(self.run_directory, apache_conf['lock_file'] = os.path.join(self.run_directory,
prefix + '.lock') name + '.lock')
apache_conf['ip'] = ip apache_conf['ip'] = ip
apache_conf['port'] = port apache_conf['port'] = port
apache_conf['server_admin'] = 'admin@' apache_conf['server_admin'] = 'admin@'
apache_conf['error_log'] = os.path.join(self.log_directory, apache_conf['error_log'] = os.path.join(self.log_directory,
prefix + '-error.log') name + '-error.log')
apache_conf['access_log'] = os.path.join(self.log_directory, apache_conf['access_log'] = os.path.join(self.log_directory,
prefix + '-access.log') name + '-access.log')
self.registerLogRotation(prefix, [apache_conf['error_log'], self.registerLogRotation(name, [apache_conf['error_log'],
apache_conf['access_log']], self.killpidfromfile + ' ' + apache_conf['access_log']], self.killpidfromfile + ' ' +
apache_conf['pid_file'] + ' SIGUSR1') apache_conf['pid_file'] + ' SIGUSR1')
return apache_conf return apache_conf
def installFrontendApache(self, ip, port, key, certificate, def installFrontendApache(self, ip, port, key, certificate,
name="slapos", access_control_string=None): name, access_control_string=None):
ident = 'frontend_' + name
frontend_path = self.createDataDirectory('apacheshared') rewrite_rule_include_path = self.createDataDirectory('apachevhost')
apache_conf = self._getApacheConfigurationDict(name, ip, port)
apache_conf['ssl_snippet'] = self.substituteTemplate(
self.getTemplateFilename('apache.ssl-snippet.conf.in'),
dict(login_certificate=certificate, login_key=key))
path = self.substituteTemplate(
self.getTemplateFilename('apache.conf.path-protected.in'),
dict(path='/', access_control_string='none'))
apache_conf = self._getApacheConfigurationDict(ident, ip, port)
apache_conf['server_name'] = name
apache_conf['ssl_snippet'] = pkg_resources.resource_string(__name__,
'template/apache.ssl-snippet.conf.in') % dict(
login_certificate=certificate, login_key=key)
path = pkg_resources.resource_string(__name__, 'template/apache.zope.conf.path-protected.in') % dict(path='/', access_control_string='none')
if access_control_string is None:
path_template = pkg_resources.resource_string(__name__,
'template/apache.zope.conf.path.in')
path += path_template % dict(path=frontend_path)
else:
path_template = pkg_resources.resource_string(__name__,
'template/apache.zope.conf.path-protected.in')
path += path_template % dict(path=frontend_path,
access_control_string=access_control_string)
rewrite_rule = "### Write rule not defined yet."
apache_conf.update(**dict( apache_conf.update(**dict(
path_enable=path, path_enable=path,
rewrite_rule=rewrite_rule rewrite_rule_include_path=rewrite_rule_include_path
)) ))
apache_conf_string = pkg_resources.resource_string(__name__, apache_conf_string = self.substituteTemplate(
'template/apache.zope.conf.in') % apache_conf self.getTemplateFilename('apache.conf.in'), apache_conf)
apache_config_file = self.createConfigurationFile(ident + '.conf',
apache_config_file = self.createConfigurationFile(name + '.conf',
apache_conf_string) apache_conf_string)
self.path_list.append(apache_config_file) self.path_list.append(apache_config_file)
self.path_list.extend(zc.buildout.easy_install.scripts([( self.path_list.extend(zc.buildout.easy_install.scripts([(
ident, 'slapos.recipe.erp5.apache', 'runApache')], self.ws, name, 'slapos.recipe.erp5.apache', 'runApache')], self.ws,
sys.executable, self.wrapper_directory, arguments=[ sys.executable, self.wrapper_directory, arguments=[
dict( dict(
required_path_list=[key, certificate], required_path_list=[key, certificate],
binary=self.options['httpd_binary'], binary=self.options['httpd_binary'],
config=apache_config_file config=apache_config_file)
)
])) ]))
return "https://[%s]:%s/" % (ip, port) return "https://[%s]:%s/" % (ip, port)
...@@ -4,7 +4,8 @@ ...@@ -4,7 +4,8 @@
# Basic server configuration # Basic server configuration
PidFile "%(pid_file)s" PidFile "%(pid_file)s"
LockFile "%(lock_file)s" LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s ServerName %(server_name)s
Listen [%(ip)s]:%(port)s
ServerAdmin %(server_admin)s ServerAdmin %(server_admin)s
DefaultType text/plain DefaultType text/plain
TypesConfig conf/mime.types TypesConfig conf/mime.types
...@@ -36,7 +37,7 @@ CustomLog "%(access_log)s" common ...@@ -36,7 +37,7 @@ CustomLog "%(access_log)s" common
# Magic of Zope related rewrite # Magic of Zope related rewrite
RewriteEngine On RewriteEngine On
%(rewrite_rule)s Include %(rewrite_rule_include_path)s/*.conf
# List of modules # List of modules
LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_host_module modules/mod_authz_host.so
......
# Path enabled
<Location %(path)s>
Order Allow,Deny
Allow from all
</Location>
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment