An error occurred fetching the project authors.
- 09 Jan, 2023 2 commits
-
-
Łukasz Nowak authored
mpm-graceful-shutdown-timeout is dropped, as it's historical leftover and never really useful in the caddy-frontend CDN usage context - stopping the server is the most rare situation, and any grace period is solved eventually outside of the running process (like redirecting traffic elsewhere before stopping).
-
Łukasz Nowak authored
It's based on phased out caddy-frontend, especially as next step is to drop Caddy software from the software release.
-
- 15 Dec, 2022 1 commit
-
-
Łukasz Nowak authored
This is a frontend used to provide information about various aspect of the master instance status, like rejected slaves, failed failsafe slave publication and maybe more.
-
- 19 Oct, 2022 1 commit
-
-
Łukasz Nowak authored
Running test as last makes no sense nowadays, as the site is fully prepared. Awaiting for each possible log of configured frontend is not worth the requirement, so make those tests as first ones, which simplifies running only them with reproducible effect. All tests which could be affected by that fact has been identified and changed.
-
- 27 Jul, 2022 1 commit
-
-
Łukasz Nowak authored
-
- 07 Mar, 2022 1 commit
-
-
Łukasz Nowak authored
Instead of trusting CSR id published by the node which tries to join the cluster add a tool which is able to compare exposed CSR with one in caucase and then decide to accept node in the cluster. This tool does what usual user would do, and it's logic implemented as a script leads to much simpler profiles. For sake of clean profiles csr_id has been removed, except when it's used for self joining of the user to the cluster.
-
- 15 Sep, 2020 1 commit
-
-
Łukasz Nowak authored
By using nginx it's possible to set it up to expose logs nicely with the real frontend. furl is used to rewrite URL from the frontend to add proper username and password information.
-
- 17 Jul, 2020 3 commits
-
-
Łukasz Nowak authored
By default do not offer authentication certificate, the switch authenticate-to-backend can be used on cluster or slave level to control this feature.
-
Łukasz Nowak authored
rsyslogd is used, as haproxy does not support writing log files by its own.
-
Łukasz Nowak authored
This is needed in order to provide future support for client certificates to the backend. Also it means that haproxy is used in all cases, with or without cache, and as a result the "cached" version of caddy is dropped. Let haproxy setup maxconn by itself, as it's wise enough. Also trust that it'll detect and use proper limits, instead enforcing them in the shell with ulimit trick (ulimit -n $(ulimit -Hn)). As empty server alias can impact the configuration, add proper test for checking it.
-
- 22 Jun, 2020 1 commit
-
-
Łukasz Nowak authored
-
- 02 Mar, 2020 2 commits
-
-
Łukasz Nowak authored
Instead of forcing to set monitor port in some cases, just generate them, so it's possible to correctly instantiate caddy-frontend on one partition scenario like in webrunner or tests.
-
Łukasz Nowak authored
-
- 20 Feb, 2020 1 commit
-
-
Łukasz Nowak authored
/reviewed-on nexedi/slapos!633
-
- 06 Nov, 2019 1 commit
-
-
Łukasz Nowak authored
It is not part of the tested system.
-
- 20 Jun, 2019 1 commit
-
-
Łukasz Nowak authored
Frontend operator shall have easy access to information about rejected slaves, possibly the best in the JSON file. Also the keys for the human readable information are slave's titles, not references. The information is published via hand crafted HTTPS endpoint. Note: The SSL certificate is generated manually. Existing caucase is special for KeDiFa, this is another step to move all generated certificates (or otherwise self-signed) to internal, full automatic caucase.
-
- 28 May, 2019 2 commits
-
-
Łukasz Nowak authored
Some arguments needs Caddy process restart, so implement it with hash-files and also inform the master partition requester about parameters which will result with process restart.
-
Łukasz Nowak authored
Kedifa partition was missing monitoring at all, so add it and monitor kedifa and exposer ip and port. Partition running caddy was missing monitoring for exposer, so add it.
-
- 23 Apr, 2019 1 commit
-
-
Łukasz Nowak authored
There is no need anymore to have two processes for normal and nginx slaves, as nginx ones are served by caddy anyway. Also inform the requester that type:eventsource is not implemented.
-
- 12 Apr, 2019 1 commit
-
-
Łukasz Nowak authored
Instead of fetching certificates on each slapos node instance use new kedifa-updater, which is a tool to asynchronously fetch certificates and has a hook to reload the server in case if new certificate is available. custom_ssl_directory is NOT BBB
-
- 26 Mar, 2019 1 commit
-
-
Thomas Gambier authored
-
- 13 Mar, 2019 1 commit
-
-
Łukasz Nowak authored
-
- 06 Mar, 2019 1 commit
-
-
Łukasz Nowak authored
-
- 14 Jan, 2019 1 commit
-
-
Łukasz Nowak authored
Since "stack/monitor: Add auto-restart on certificate-authority section" certificate authority is correctly exposed in supervisor with its hash.
-
- 13 Dec, 2018 1 commit
-
-
Łukasz Nowak authored
"software/caddy-frontend: auto-restart services on SR upgrade." begun implementation of automatic restart of services on SR upgrade, but not all services has been caught - 6tunnel was missing. /reviewed-on nexedi/slapos!473
-
- 26 Oct, 2018 1 commit
-
-
Guillaume Hervier authored
-
- 28 Jun, 2018 1 commit
-
-
Łukasz Nowak authored
Features: * forcediphttpsadapter for SNI * compatbile with apache-frontend SR * local server to test against * supervisor state checks * promise list checks * test data (to save/load textual assertions) * own root CA for HTTPs backend
-