diff --git a/component/caddy/gowork.cfg b/component/caddy/gowork.cfg index a6aa94769127bf44b0d9a3578ac86c5f0d2d2bb1..b23dfb95821d991686fa0da034806e7e345a93f8 100644 --- a/component/caddy/gowork.cfg +++ b/component/caddy/gowork.cfg @@ -10,4 +10,4 @@ depends_gitfetch = <= go-git-package go.importpath = github.com/mholt/caddy repository = https://lab.nexedi.com/nexedi/caddy.git -revision = nxd-v0.11.0-3-g12438f6cff8c15f307631151eb064cec579b7605 +revision = nxd-v0.11.1-5-gdd393ce3a67e6a773be87185528a00f2e0a9eb26 diff --git a/component/nginx/buildout.cfg b/component/nginx/buildout.cfg index 05c92def19a080f1591d03fd5d4c33eb23dbd159..05aafbe12b0c175fb871226bd6b1c61babf9bdfd 100644 --- a/component/nginx/buildout.cfg +++ b/component/nginx/buildout.cfg @@ -31,8 +31,8 @@ configure-options= --with-http_realip_module --with-mail --with-mail_ssl_module - --with-ld-opt="-L ${openssl:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib" - --with-cc-opt="-I ${openssl:location}/include -I ${pcre:location}/include -I ${zlib:location}/include" + --with-ld-opt="-L ${openssl-1.0:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib" + --with-cc-opt="-I ${openssl-1.0:location}/include -I ${pcre:location}/include -I ${zlib:location}/include" [nginx-dav-ext-module] recipe = hexagonit.recipe.download @@ -52,8 +52,8 @@ configure-options = --with-mail --with-mail_ssl_module --error-log-path=var/log/nginx.error.log - --with-ld-opt=" -L ${libexpat:location}/lib -L ${openssl:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib" - --with-cc-opt="-I ${libexpat:location}/include -I ${openssl:location}/include -I ${pcre:location}/include -I ${zlib:location}/include" + --with-ld-opt=" -L ${libexpat:location}/lib -L ${openssl-1.0:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib" + --with-cc-opt="-I ${libexpat:location}/include -I ${openssl-1.0:location}/include -I ${pcre:location}/include -I ${zlib:location}/include" --with-http_dav_module --add-module='${nginx-dav-ext-module:location}' @@ -79,8 +79,8 @@ strip-top-level-dir = true configure-options= --with-ipv6 --with-http_ssl_module - --with-ld-opt="-L ${zlib:location}/lib -L ${openssl:location}/lib -L ${pcre:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib" - --with-cc-opt="-I ${pcre:location}/include -I ${openssl:location}/include -I ${zlib:location}/include" + --with-ld-opt="-L ${zlib:location}/lib -L ${openssl-1.0:location}/lib -L ${pcre:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib" + --with-cc-opt="-I ${pcre:location}/include -I ${openssl-1.0:location}/include -I ${zlib:location}/include" --add-module=${hexaglobe-nginx-module:location}/sub_module # --add-module=${hexaglobe-nginx-module:location}/nginx-upstream-fair @@ -97,8 +97,8 @@ configure-options= --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module - --with-ld-opt="-L ${zlib:location}/lib -L ${openssl:location}/lib -L ${pcre:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib" - --with-cc-opt="-I ${pcre:location}/include -I ${openssl:location}/include -I ${zlib:location}/include" + --with-ld-opt="-L ${zlib:location}/lib -L ${openssl-1.0:location}/lib -L ${pcre:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib" + --with-cc-opt="-I ${pcre:location}/include -I ${openssl-1.0:location}/include -I ${zlib:location}/include" --add-module=${nginx-push-stream-module:location} [nginx-push-stream-output] diff --git a/component/nodejs/buildout.cfg b/component/nodejs/buildout.cfg index 075803a6ac9832b827315db80c5758a061960248..3d848200d1d49096ce3b11de449e4ec98309a188 100644 --- a/component/nodejs/buildout.cfg +++ b/component/nodejs/buildout.cfg @@ -35,15 +35,15 @@ recipe = slapos.recipe.cmmi url = https://nodejs.org/dist/${:version}/node-${:version}.tar.gz configure-options = --shared-openssl - --shared-openssl-includes=${openssl:location}/include - --shared-openssl-libpath=${openssl:location}/lib + --shared-openssl-includes=${openssl-1.0:location}/include + --shared-openssl-libpath=${openssl-1.0:location}/lib environment = HOME=${buildout:parts-directory}/${:_buildout_section_name_} PATH=${gcc:location}/bin:${pkgconfig:location}/bin:${python2.7:location}/bin/:%(PATH)s - PKG_CONFIG_PATH=${openssl:location}/lib/pkgconfig/ + PKG_CONFIG_PATH=${openssl-1.0:location}/lib/pkgconfig/ CPPFLAGS=-I${zlib:location}/include - LDFLAGS=-Wl,-rpath=${gcc:location}/lib -Wl,-rpath=${gcc:location}/lib64 -Wl,-rpath=${openssl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib - LD_LIBRARY_PATH=${openssl:location}/lib + LDFLAGS=-Wl,-rpath=${gcc:location}/lib -Wl,-rpath=${gcc:location}/lib64 -Wl,-rpath=${openssl-1.0:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib + LD_LIBRARY_PATH=${openssl-1.0:location}/lib [nodejs-8.6.0-output] # Shared binary location to ease migration diff --git a/component/openldap/buildout.cfg b/component/openldap/buildout.cfg index 8ac8b2569bb12ecc8c0edc0eb98cd0eb849eb1a2..2ed3f435d24081517d0016812532c18b76f50e73 100644 --- a/component/openldap/buildout.cfg +++ b/component/openldap/buildout.cfg @@ -24,6 +24,6 @@ configure-options = --with-tls=openssl environment = - CPPFLAGS=-I${openssl:location}/include -I${cyrus-sasl:location}/include - LDFLAGS=-L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${cyrus-sasl:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib + CPPFLAGS=-I${openssl-1.0:location}/include -I${cyrus-sasl:location}/include + LDFLAGS=-L${openssl-1.0:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib -L${cyrus-sasl:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib PATH=${groff:location}/bin:%(PATH)s diff --git a/component/openssh/buildout.cfg b/component/openssh/buildout.cfg index 49557b0974d5b68cfc976060ed9c11e1b67e267b..0341fedcb2bc5e6b82201aac1403b155ae09f5a5 100644 --- a/component/openssh/buildout.cfg +++ b/component/openssh/buildout.cfg @@ -22,8 +22,8 @@ patch-binary = ${patch:location}/bin/patch patches = ${:_profile_base_location_}/no_create_privsep_path.patch#d5b61a2442fffa457cebe4ad1dc68f4e environment = - CPPFLAGS=-I${zlib:location}/include -I${openssl:location}/include - LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib + CPPFLAGS=-I${zlib:location}/include -I${openssl-1.0:location}/include + LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl-1.0:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib configure-options = --prefix=${buildout:parts-directory}/${:_buildout_section_name_} --exec-prefix=${buildout:parts-directory}/${:_buildout_section_name_} diff --git a/component/openssl/buildout.cfg b/component/openssl/buildout.cfg index 97b7ded72016d3d9ccb1c11da497615ac9ec1a07..cd40c6124051dec8c80a475954bb2c638c2ac296 100644 --- a/component/openssl/buildout.cfg +++ b/component/openssl/buildout.cfg @@ -17,6 +17,45 @@ parts = [openssl] recipe = slapos.recipe.cmmi shared = true +url = https://www.openssl.org/source/openssl-1.1.0j.tar.gz +md5sum = b4ca5b78ae6ae79da80790b30dbedbdc +location = @@LOCATION@@ +# 'prefix' option to override --openssldir/--prefix (which is useful +# when combined with INSTALL_PREFIX). Used by slapos.package.git/obs +prefix = ${:location} +certs = ${:location}/etc/ssl/certs +configure-command = ./config +configure-options = + --with-zlib-include=${zlib:location}/include + --with-zlib-lib=${zlib:location}/lib + --openssldir=${:prefix}/etc/ssl + --prefix=${:prefix} + --libdir=lib + shared no-idea no-mdc2 no-rc5 zlib + -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${:location}/lib + && make depend +make-options = + SHARED_LDFLAGS='-Wl,-rpath=${:location}/lib -Wl,-rpath=${zlib:location}/lib' +make-targets = + -j1 install_sw install_ssldirs && + rm -f ${:certs}/* && + for i in ${ca-certificates:location}/certs/*/*.crt; do + ln -sv $i ${:certs}/`${:location}/bin/openssl x509 -hash -noout -in $i`.0 + ; done +environment = + PERL=${perl:location}/bin/perl + +[openssl-output] +# Shared binary location to ease migration +recipe = plone.recipe.command +stop-on-error = true +update-command = ${:command} +command = ${coreutils-output:test} -x ${:openssl} +openssl = ${openssl:location}/bin/openssl + +[openssl-1.0] +recipe = slapos.recipe.cmmi +shared = true url = https://www.openssl.org/source/openssl-1.0.2p.tar.gz md5sum = ac5eb30bf5798aa14b1ae6d0e7da58df location = @@LOCATION@@ @@ -47,11 +86,3 @@ make-targets = ; done environment = PERL=${perl:location}/bin/perl - -[openssl-output] -# Shared binary location to ease migration -recipe = plone.recipe.command -stop-on-error = true -update-command = ${:command} -command = ${coreutils-output:test} -x ${:openssl} -openssl = ${openssl:location}/bin/openssl diff --git a/component/postfix/buildout.cfg b/component/postfix/buildout.cfg index e425a2d5f76448ee9ed16d70aa608bf9f640ac49..6bb5f4bceb9a65e11a7d6061fde31daac5338123 100644 --- a/component/postfix/buildout.cfg +++ b/component/postfix/buildout.cfg @@ -20,7 +20,7 @@ patches = ${:_profile_base_location_}/noroot.patch#738bcc97b8044c45b58708bdf3a84b8e ${:_profile_base_location_}/skip-libdb-check.patch#f7fdbd8787874b535fee548b0139c0d8 configure-command = make -configure-options = makefiles CCARGS='-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_PCRE -DHAS_DB -I${libdb:location}/include -I${pcre:location}/include -I${openssl:location}/include -I${cyrus-sasl:location}/include/sasl' AUXLIBS='-L${openssl:location}/lib -L${pcre:location}/lib -L${libdb:location}/lib -L${cyrus-sasl:location}/lib -lssl -lpcre -ldb -lcrypto -lsasl2 -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${libdb:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib' +configure-options = makefiles CCARGS='-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_PCRE -DHAS_DB -I${libdb:location}/include -I${pcre:location}/include -I${openssl-1.0:location}/include -I${cyrus-sasl:location}/include/sasl' AUXLIBS='-L${openssl-1.0:location}/lib -L${pcre:location}/lib -L${libdb:location}/lib -L${cyrus-sasl:location}/lib -lssl -lpcre -ldb -lcrypto -lsasl2 -Wl,-rpath=${openssl-1.0:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${libdb:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib' make-targets = non-interactive-package install_root=${:location} environment = PATH=${patch:location}/bin:%(PATH)s diff --git a/component/proftpd/buildout.cfg b/component/proftpd/buildout.cfg index bc3ab46e3a3a447547024369e48c23ba1e24c29b..41997cfe366caca2158f0f7d4f037292767f746b 100644 --- a/component/proftpd/buildout.cfg +++ b/component/proftpd/buildout.cfg @@ -24,6 +24,9 @@ recipe = collective.recipe.grp recipe = slapos.recipe.cmmi md5sum = 13270911c42aac842435f18205546a1b url = ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.6.tar.gz +# 1.3.6 is not compatible with openssl 1.1.x +# https://github.com/proftpd/proftpd/issues/674 +# (fix is in master, we are waiting for next release) configure-options = --enable-openssl --enable-nls @@ -36,8 +39,8 @@ environment = LDFLAGS=${:ldflags} install_user=${proftpd-environment:USER} install_group=${proftpd-grp:GROUP} -cppflags=-I${zlib:location}/include -I${openssl:location}/include -ldflags=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib +cppflags=-I${zlib:location}/include -I${openssl-1.0:location}/include +ldflags=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl-1.0:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib patch-binary = ${patch:location}/bin/patch patch-options = -p1 patches = diff --git a/component/quic_client-bin/buildout.cfg b/component/quic_client-bin/buildout.cfg new file mode 100644 index 0000000000000000000000000000000000000000..e357665f34cd18badecb245c472427ec5ff67e30 --- /dev/null +++ b/component/quic_client-bin/buildout.cfg @@ -0,0 +1,55 @@ +# Command line tool to test QUIC protocol +# This is compiled version provided by Lucas Clemente (thanks!), which +# drastically simplifies https://www.chromium.org/quic/playing-with-quic +# approach, which requires big chunks of Chromium compilation environment +[buildout] +extends = +# running + ../nss/buildout.cfg + ../nspr/buildout.cfg + ../glib/buildout.cfg + ../pcre/buildout.cfg + ../libffi/buildout.cfg + ../zlib/buildout.cfg + ../libuuid/buildout.cfg +# compilation + ../git/buildout.cfg + +parts = + quic_client-bin + +[quic_client-bin] +recipe = slapos.recipe.build +url = https://github.com/lucas-clemente/quic-clients/archive/557cb1f99f591614d474e182b50cfee9334e0ffd.zip +md5sum = e2c78f4f7fb6ed03f6eec25b5e54fed3 +slapos_promise = + file:quic_client + file:client-linux-debug +library = + ${nss:location}/lib + ${nspr:location}/lib + ${glib:location}/lib + ${pcre:location}/lib + ${libffi:location}/lib + ${zlib:location}/lib + ${libuuid:location}/lib +script = + import glob + location = %(location)r + self.failIfPathExists(location) + url = self.options['url'] + md5sum = self.options['md5sum'] + extract_dir = self.extract(self.download(url, md5sum)) + os.mkdir(location) + source_file = glob.glob(os.path.join(extract_dir, '*', 'client-linux-debug'))[0] + shutil.copy(source_file, location) + wrapper_path = os.path.join(location, 'quic_client') + with open(wrapper_path, 'w') as f: + f.write("""#!/bin/sh -e + export LD_LIBRARY_PATH={} + exec {}/client-linux-debug "$@" + """.format( + ':'.join(self.options['library'].split()), + location + )) + os.fchmod(f.fileno(), 0o755) diff --git a/component/serf/buildout.cfg b/component/serf/buildout.cfg index 440c1090d99a5e1cae76f40099154b31f88ce945..bfdb599cf2c1a52221ccd7721acbd10aaa50c4ba 100644 --- a/component/serf/buildout.cfg +++ b/component/serf/buildout.cfg @@ -15,7 +15,7 @@ md5sum = 4f8e76c9c6567aee1d66aba49f76a58b configure-options = --with-apr=${apache:location}/bin/apr-1-config --with-apr-util=${apache:location}/bin/apu-1-config - --with-openssl=${openssl:location} + --with-openssl=${openssl-1.0:location} environment = CFLAGS=-I${zlib:location}/include -I${libuuid:location}/include LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib diff --git a/component/shellinabox/buildout.cfg b/component/shellinabox/buildout.cfg index a8408dec18f00a81c0900397668cf91a2f501056..0f6ff83964fac7dd13eba186af7c48898df35620 100644 --- a/component/shellinabox/buildout.cfg +++ b/component/shellinabox/buildout.cfg @@ -5,7 +5,6 @@ extends = ../git/buildout.cfg ../libtool/buildout.cfg ../m4/buildout.cfg - ../openssl/buildout.cfg ../patch/buildout.cfg ../zlib/buildout.cfg @@ -24,9 +23,8 @@ path = ${shellinabox-git-repository:location} configure-command = ${libtool:location}/bin/libtoolize ${autoconf:location}/bin/autoreconf -vif - ./configure + ./configure --disable-ssl environment = PATH=${autoconf:location}/bin:${automake:location}/bin:${git:location}/bin:${libtool:location}/bin:${m4:location}/bin:%(PATH)s - CFLAGS = -I${zlib:location}/include -I${openssl:location}/include - LDFLAGS = -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib - PKG_CONFIG_PATH = ${openssl:location}/lib/pkgconfig/ + CFLAGS = -I${zlib:location}/include + LDFLAGS = -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib \ No newline at end of file diff --git a/component/stunnel/buildout.cfg b/component/stunnel/buildout.cfg index be96184890039f28ec092a56c4dd95617a4f969e..f0d234e08ff63bd9378ee81ca15b2fed6eccfba7 100644 --- a/component/stunnel/buildout.cfg +++ b/component/stunnel/buildout.cfg @@ -13,7 +13,7 @@ configure-options = --enable-ipv6 --disable-libwrap --disable-fips - --with-ssl=${openssl:location} + --with-ssl=${openssl-1.0:location} environment = CPPFLAGS=-I${zlib:location}/include - LDFLAGS=-Wl,-rpath=${openssl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib + LDFLAGS=-Wl,-rpath=${openssl-1.0:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib diff --git a/component/subversion/buildout.cfg b/component/subversion/buildout.cfg index f4dbbb8b73f14ae9cada87b592f5f6a7a5a00c4e..de99a1d47ac488522352c63a5a394ffae1833cf1 100644 --- a/component/subversion/buildout.cfg +++ b/component/subversion/buildout.cfg @@ -53,9 +53,9 @@ configure-options = make-targets = install -j1 environment = PATH=${patch:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s - PKG_CONFIG_PATH=${apache:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig:${serf:location}/lib/pkgconfig + PKG_CONFIG_PATH=${apache:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${openssl-1.0:location}/lib/pkgconfig:${serf:location}/lib/pkgconfig CPPFLAGS=-I${libexpat:location}/include -I${libuuid:location}/include - LDFLAGS=-L${libexpat:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${apache:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib -Wl,-rpath=${openssl:location}/lib + LDFLAGS=-L${libexpat:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${apache:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib [subversion-1.9] recipe = hexagonit.recipe.cmmi @@ -95,6 +95,6 @@ make-targets = environment = PATH=${pkgconfig:location}/bin:${neon:location}/bin:%(PATH)s - PKG_CONFIG_PATH=${apache:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig:${neon:location}/lib/pkgconfig + PKG_CONFIG_PATH=${apache:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${openssl-1.0:location}/lib/pkgconfig:${neon:location}/lib/pkgconfig CPPFLAGS=-I${libexpat:location}/include -I${libuuid:location}/include - LDFLAGS=-L${libexpat:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${neon:location}/lib -Wl,-rpath=${apache:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib + LDFLAGS=-L${libexpat:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${neon:location}/lib -Wl,-rpath=${apache:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib diff --git a/component/trafficserver/buildout.cfg b/component/trafficserver/buildout.cfg index 16af337b4ccf999020aa15ffe53e69327f1f908a..0a1de518fc71d261c1a8e6c9dc832a5fe7a21f7a 100644 --- a/component/trafficserver/buildout.cfg +++ b/component/trafficserver/buildout.cfg @@ -19,7 +19,7 @@ recipe = slapos.recipe.cmmi url = http://apache.claz.org/trafficserver/trafficserver-4.2.3.tar.bz2 md5sum = 1d06a6e9063ceea3f19dbb84752ec710 configure-options = - --with-openssl=${openssl:location} + --with-openssl=${openssl-1.0:location} --with-xml=libxml2 --with-libxml2=${libxml2:location} --with-pcre=${pcre:location} @@ -32,7 +32,7 @@ configure-options = --enable-experimental-plugins environment = PATH=${libtool:location}/bin:${make:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s - LDFLAGS =-L${libxml2:location}/lib -Wl,-rpath=${libxml2:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${tcl:location}/lib -Wl,-rpath=${tcl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib + LDFLAGS =-L${libxml2:location}/lib -Wl,-rpath=${libxml2:location}/lib -L${openssl-1.0:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib -L${tcl:location}/lib -Wl,-rpath=${tcl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib make-target = check install diff --git a/software/caddy-frontend/TODO.rst b/software/caddy-frontend/TODO.rst index 4921eda4fe2bd3e2d998120ff5fa747bb8113386..7eacba7fa7a506f25d3824cfb6bff6b3027c5a8e 100644 --- a/software/caddy-frontend/TODO.rst +++ b/software/caddy-frontend/TODO.rst @@ -2,8 +2,6 @@ Generally things to be done with ``caddy-frontend``: * return warning on not implemented keys (from ``apache-frontend`` perspective) in master and slave request * tests: add assertion with results of promises in etc/promise for each partition - * tests: compare python objects where possible instead of instead of strings (eg. load ``rejected-slave-dict``) - * tests: swich to `cryptography <https://pypi.org/project/cryptography/>`_ for certificate management * README: cleanup the documentation, explain various specifics * check the whole frontend slave snippet with ``caddy -validate`` during buildout run, and reject if does not pass validation * ``apache-ca-certificate`` shall be merged with ``apache-certificate`` @@ -15,7 +13,6 @@ Generally things to be done with ``caddy-frontend``: * ``type:eventsource``: * **J茅rome Perrin**: *For event source, if I understand https://github.com/mholt/caddy/issues/1355 correctly, we could use caddy as a proxy in front of nginx-push-stream . If we have a "central shared" caddy instance, can it handle keeping connections opens for many clients ?* - * ``ssl_proxy_ca_crt`` for ``ssl_proxy_verify``, this is related to bug `#1550 <https://github.com/mholt/caddy/issues/1550>`_, proposed solution `just adding your CA to the system's trust store` * ``check-error-on-caddy-log`` like ``check-error-on-apache-log`` * cover test suite like resilient tests for KVM and prove it works the same way as Caddy * have ``caddy-frontend`` specific parameters, with backward compatibility to ``apache-frontend`` ones: diff --git a/software/caddy-frontend/buildout.hash.cfg b/software/caddy-frontend/buildout.hash.cfg index 6a4c108154614dfc7c220babb69ea6628547d1d0..909043f4e7ed526bb5d6527c8f94f4a7db69cbdc 100644 --- a/software/caddy-frontend/buildout.hash.cfg +++ b/software/caddy-frontend/buildout.hash.cfg @@ -22,7 +22,7 @@ md5sum = c801b7f9f11f0965677c22e6bbe9281b [template-apache-frontend] filename = instance-apache-frontend.cfg.in -md5sum = ab1795f92e32655d05c662c965d2b1f5 +md5sum = db61a7c0aadba180b7aec6056d2c0019 [template-apache-replicate] filename = instance-apache-replicate.cfg.in @@ -30,7 +30,7 @@ md5sum = 6a86edb96b171fbd0a59d0adc9cc906b [template-slave-list] filename = templates/apache-custom-slave-list.cfg.in -md5sum = b30bcd11c545d86c30d05db9cecb4f80 +md5sum = 434e00cbfee2f9c002b2a83084a48b4a [template-slave-configuration] filename = templates/custom-virtualhost.conf.in @@ -42,11 +42,7 @@ md5sum = 01efde8febafcff6dde2ebb43e75a9e4 [template-caddy-frontend-configuration] filename = templates/Caddyfile.in -md5sum = 7c987ad75fcce6f5b925c7696ff41971 - -[template-custom-slave-list] -filename = templates/apache-custom-slave-list.cfg.in -md5sum = b30bcd11c545d86c30d05db9cecb4f80 +md5sum = 0134a1586f15cd5665069d6d81a505be [caddy-backend-url-validator] filename = templates/caddy-backend-url-validator.in @@ -62,15 +58,15 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b [template-default-slave-virtualhost] filename = templates/default-virtualhost.conf.in -md5sum = 73bc8abae6aadc3ce55662c3d821b363 +md5sum = b7879a40ed7f8a49b764c82e7283811f [template-cached-slave-virtualhost] filename = templates/cached-virtualhost.conf.in -md5sum = 7cbcadc295860821ac9d3aaa3cca72c5 +md5sum = c64f8ac7ec439460877ce5a5c5ccf1f7 [template-log-access] filename = templates/template-log-access.conf.in -md5sum = f2a74f88c7248f199011fa9ec6182f73 +md5sum = 122b05829ecc4c0ad4e47e7d1c21166b [template-empty] filename = templates/empty.in @@ -104,9 +100,13 @@ md5sum = 2b765db72191197122554df17ad471d1 filename = templates/apache-lazy-script-call.sh.in md5sum = ebe5d3d19923eb812a40019cb11276d8 -[template-caddy-graceful-script] -filename = templates/caddy-graceful-script.sh.in -md5sum = 455f8765a3afd39fb78562fb9e326c42 +[template-graceful-script] +filename = templates/graceful-script.sh.in +md5sum = 31dd34de4c40a1d814bcbef482c757cc + +[template-validate-script] +filename = templates/validate-script.sh.in +md5sum = 4c80ba3727c397f8d5b12cf1888cf959 [caddyprofiledeps-setup] filename = setup.py diff --git a/software/caddy-frontend/common.cfg b/software/caddy-frontend/common.cfg index 0688a6af025455b65310b4cac0f0192245b5d951..3a12703a755affc4331ce0782eada5801cf17389 100644 --- a/software/caddy-frontend/common.cfg +++ b/software/caddy-frontend/common.cfg @@ -88,11 +88,13 @@ gzip = ${gzip:location} logrotate = ${logrotate:location} openssl = ${openssl:location} trafficserver = ${trafficserver:location} +sha256sum = ${coreutils:location}/bin/sha256sum monitor_template = ${monitor-template:output} template_cached_slave_virtualhost = ${template-cached-slave-virtualhost:target} template_caddy_frontend_configuration = ${template-caddy-frontend-configuration:target} -template_caddy_graceful_script = ${template-caddy-graceful-script:target} +template_graceful_script = ${template-graceful-script:target} +template_validate_script = ${template-validate-script:target} template_caddy_lazy_script_call = ${template-caddy-lazy-script-call:target} template_default_slave_virtualhost = ${template-default-slave-virtualhost:target} template_empty = ${template-empty:target} @@ -172,10 +174,6 @@ filename = replicate-publish-slave-information.cfg.in <=download-template filename = Caddyfile.in -[template-custom-slave-list] -<=download-template -filename = caddy-default-slave-list.cfg.in - [template-not-found-html] <=download-template filename = notfound.html @@ -223,9 +221,13 @@ mode = 0644 <=download-template filename = apache-lazy-script-call.sh.in -[template-caddy-graceful-script] +[template-graceful-script] +<=download-template +filename = graceful-script.sh.in + +[template-validate-script] <=download-template -filename = caddy-graceful-script.sh.in +filename = validate-script.sh.in [template-nginx-eventsource-slave-virtualhost] <=download-template diff --git a/software/caddy-frontend/instance-apache-frontend.cfg.in b/software/caddy-frontend/instance-apache-frontend.cfg.in index 4a613d70c3f298e7186c4c6a3ea037df71b8b5e1..a8104e9b72df8ff23ec4f2f7336ac984c557faf7 100644 --- a/software/caddy-frontend/instance-apache-frontend.cfg.in +++ b/software/caddy-frontend/instance-apache-frontend.cfg.in @@ -86,6 +86,9 @@ ca-dir = ${:srv}/ssl varnginx = ${:var}/nginx +frontend_cluster = ${:var}/frontend_cluster +nginx_cluster = ${:var}/nginx_cluster + [switch-caddy-softwaretype] recipe = slapos.cookbook:softwaretype single-default = ${dynamic-custom-personal-template-slave-list:rendered} @@ -94,10 +97,36 @@ single-custom-personal = ${dynamic-custom-personal-template-slave-list:rendered} [frontend-configuration] template-log-access = {{ parameter_dict['template_log_access'] }} log-access-configuration = ${directory:etc}/log-access.conf +ip-access-certificate = ${self-signed-ip-access:certificate} +ip-access-key = ${self-signed-ip-access:key} caddy-directory = {{ parameter_dict['caddy_location'] }} caddy-ipv6 = {{ instance_parameter['ipv6-random'] }} caddy-https-port = ${configuration:port} +[self-signed-ip-access] +# Self Signed certificate for HTTPS IP accesses to the frontend +recipe = plone.recipe.command +update-command = ${:command} +ipv6 = ${slap-network-information:global-ipv6} +ipv4 = {{instance_parameter['ipv4-random']}} +key = ${caddy-directory:vh-ssl}/ip-access-${:ipv6}-${:ipv4}.key +certificate = ${caddy-directory:vh-ssl}/ip-access-${:ipv6}-${:ipv4}.crt +stop-on-error = True +command = + [ -f ${:key} ] && [ -f ${:certificate} ] && exit 0 + rm -f ${:key} ${:certificate} + /bin/bash -c ' \ + {{ parameter_dict['openssl'] }}/bin/openssl req \ + -new -newkey rsa:2048 -sha256 \ + -nodes -x509 -days 36500 \ + -keyout ${:key} \ + -subj "/CN=Self Signed IP Access" \ + -reqexts SAN \ + -extensions SAN \ + -config <(cat {{ parameter_dict['openssl'] }}/etc/ssl/openssl.cnf \ + <(printf "\n[SAN]\nsubjectAltName=IP:${:ipv6},IP:${:ipv4}")) \ + -out ${:certificate}' + [jinja2-template-base] recipe = slapos.recipe.template:jinja2 rendered = ${buildout:directory}/${:filename} @@ -224,9 +253,11 @@ extra-context = [caddy-wrapper] recipe = slapos.cookbook:wrapper +environment = + CADDYPATH=${directory:frontend_cluster} command-line = {{ parameter_dict['caddy'] }} -conf ${dynamic-caddy-frontend-template:rendered} - -log ${caddy-configuration:error-log} + -log stdout -http2=true {% if instance_parameter['configuration.enable-quic'].lower() in TRUE_VALUES %} -quic @@ -267,7 +298,7 @@ frontend-configuration = ${directory:etc}/Caddyfile access-log = ${directory:log}/frontend-access.log error-log = ${directory:log}/frontend-error.log pid-file = ${directory:run}/httpd.pid -frontend-configuration-verification = ${caddy-wrapper:wrapper-path} -validate > /dev/null +frontend-configuration-verification = ${frontend-caddy-validate:rendered} frontend-graceful-command = ${:frontend-configuration-verification}; if [ $? -eq 0 ]; then kill -USR1 $(cat ${:pid-file}); fi not-found-file = ${caddy-directory:document-root}/notfound.html # Communication with ATS @@ -277,7 +308,7 @@ ssl-cache-through-port = 26012 [configtest] recipe = slapos.cookbook:wrapper -command-line = ${caddy-wrapper:wrapper-path} -validate +command-line = ${frontend-caddy-validate:rendered} wrapper-path = ${directory:bin}/caddy-configtest [certificate-authority] @@ -501,24 +532,59 @@ mode = 700 ### End of ATS sections ### Caddy Graceful and promises -[frontend-caddy-graceful-bin] +[frontend-caddy-graceful] < = jinja2-template-base -template = {{ parameter_dict['template_wrapper'] }} -rendered = ${directory:bin}/frontend-caddy-safe-graceful +template = {{ parameter_dict['template_graceful_script'] }} +rendered = ${directory:etc-run}/frontend-caddy-safe-graceful mode = 0700 +path_list = ${caddy-configuration:frontend-configuration} ${frontend-configuration:log-access-configuration} ${caddy-directory:slave-configuration}/*.conf ${caddy-directory:slave-with-cache-configuration}/*.conf ${caddy-directory:vh-ssl}/*.key ${caddy-directory:vh-ssl}/*.crt ${caddy-directory:vh-ssl}/*.proxy_ca_crt +sha256sum = {{ parameter_dict['sha256sum'] }} +signature_file = ${directory:run}/caddy_graceful_signature extra-context = - key content caddy-configuration:frontend-graceful-command + key graceful_reload_command caddy-configuration:frontend-graceful-command + key path_list :path_list + key sha256sum :sha256sum + key signature_file :signature_file -[frontend-caddy-graceful] +[frontend-nginx-graceful] < = jinja2-template-base -template = {{ parameter_dict['template_caddy_graceful_script'] }} -rendered = ${directory:etc-run}/frontend-caddy-safe-graceful +template = {{ parameter_dict['template_graceful_script'] }} +rendered = ${directory:etc-run}/frontend-nginx-safe-graceful +mode = 0700 +path_list = ${dynamic-nginx-frontend-template:rendered} ${caddy-directory:nginx-slave-configuration}/*.conf +sha256sum = {{ parameter_dict['sha256sum'] }} +signature_file = ${directory:run}/nginx_graceful_signature +extra-context = + key graceful_reload_command nginx-configuration:nginx-graceful-command + key path_list :path_list + key sha256sum :sha256sum + key signature_file :signature_file + +[frontend-caddy-validate] +< = jinja2-template-base +template = {{ parameter_dict['template_validate_script'] }} +rendered = ${directory:bin}/frontend-caddy-validate +mode = 0700 +sha256sum = {{ parameter_dict['sha256sum'] }} +signature_file = ${directory:run}/caddy_validate_signature +extra-context = + key wrapper caddy-wrapper:wrapper-path + key path_list frontend-caddy-graceful:path_list + key sha256sum :sha256sum + key signature_file :signature_file + +[frontend-nginx-validate] +< = jinja2-template-base +template = {{ parameter_dict['template_validate_script'] }} +rendered = ${directory:bin}/frontend-nginx-validate mode = 0700 +sha256sum = {{ parameter_dict['sha256sum'] }} +signature_file = ${directory:run}/nginx_validate_signature extra-context = - key directory_run directory:run - key directory_etc directory:etc - key directory_bin directory:bin - key caddy_graceful_reload_command caddy-configuration:frontend-graceful-command + key wrapper nginx-wrapper:wrapper-path + key path_list frontend-nginx-graceful:path_list + key sha256sum :sha256sum + key signature_file :signature_file [frontend-caddy-lazy-graceful] < = jinja2-template-base @@ -534,12 +600,9 @@ extra-context = # Promises checking configuration: [promise-frontend-caddy-configuration] -< = jinja2-template-base -template = {{ parameter_dict['template_wrapper'] }} -rendered = ${directory:promise}/frontend-caddy-configuration-promise -mode = 0700 -extra-context = - key content caddy-configuration:frontend-configuration-verification +recipe = slapos.cookbook:wrapper +command-line = ${caddy-configuration:frontend-configuration-verification} +wrapper-path = ${directory:promise}/frontend-caddy-configuration-promise [promise-caddy-frontend-v4-https] recipe = slapos.cookbook:check_port_listening @@ -648,9 +711,11 @@ curl_path = {{ parameter_dict['curl'] }}/bin/curl # [nginx-wrapper] recipe = slapos.cookbook:wrapper +environment = + CADDYPATH=${directory:nginx_cluster} command-line = {{ parameter_dict['caddy'] }} -conf ${dynamic-nginx-frontend-template:rendered} - -log ${nginx-configuration:error_log} + -log stdout -http2=true -grace {{ instance_parameter['configuration.mpm-graceful-shutdown-timeout'] }}s -disable-http-challenge @@ -690,26 +755,15 @@ worker_processes = 4 worker_connections = 1024 slave-configuration-directory = ${caddy-directory:nginx-slave-configuration} pid-file = ${directory:run}/nginx.pid -nginx-graceful-command = ${:nginx-configuration-verification}; if [ $? -eq 0 ]; then kill -HUP $(cat ${:pid-file}); fi -nginx-configuration-verification = ${nginx-wrapper:wrapper-path} -validate +nginx-graceful-command = ${:nginx-configuration-verification}; if [ $? -eq 0 ]; then kill -USR1 $(cat ${:pid-file}); fi +nginx-configuration-verification = ${frontend-nginx-validate:rendered} ssl_certificate = ${ca-frontend:cert-file} ssl_key = ${ca-frontend:key-file} -[frontend-nginx-graceful] -< = jinja2-template-base -template = {{ parameter_dict['template_wrapper'] }} -rendered = ${directory:etc-run}/frontend-nginx-safe-graceful -mode = 0700 -extra-context = - key content nginx-configuration:nginx-graceful-command - [promise-nginx-configuration] -< = jinja2-template-base -template = {{ parameter_dict['template_wrapper'] }} -rendered = ${directory:promise}/nginx-configuration-promise -mode = 0700 -extra-context = - key content nginx-configuration:nginx-configuration-verification +recipe = slapos.cookbook:wrapper +command-line = ${nginx-configuration:nginx-configuration-verification} +wrapper-path = ${directory:promise}/nginx-configuration-promise [promise-nginx-frontend-v4-https] recipe = slapos.cookbook:check_port_listening diff --git a/software/caddy-frontend/instance-slave-caddy-input-schema.json b/software/caddy-frontend/instance-slave-caddy-input-schema.json index 20196810c79ae3d7ace06972e2d505fe4fdad49c..fb91b6fbb2c9edabf2ee923429dc5bead70760a7 100644 --- a/software/caddy-frontend/instance-slave-caddy-input-schema.json +++ b/software/caddy-frontend/instance-slave-caddy-input-schema.json @@ -131,12 +131,12 @@ }, "ssl-proxy-verify": { "default": "false", - "description": "[NOT Implemented] If set to true, Backend SSL Certificates will be checked and frontend will refuse to proxy if certificate is invalid", + "description": "If set to true, Backend SSL Certificates will be checked and frontend will refuse to proxy if certificate is invalid", "enum": [ "false", "true" ], - "title": "[NOT Implemented] Verify Backend Certificates", + "title": "Verify Backend Certificates", "type": "string" }, "ssl_ca_crt": { @@ -162,8 +162,8 @@ }, "ssl_proxy_ca_crt": { "default": "", - "description": "[NOT Implemented] Content of the SSL Certificate Authority file of the backend (to be used with ssl-proxy-verify)", - "title": "[NOT Implemented] SSL Backend Authority's Certificate", + "description": "Content of the SSL Certificate Authority file of the backend (to be used with ssl-proxy-verify)", + "title": "SSL Backend Authority's Certificate", "type": "string" }, "type": { diff --git a/software/caddy-frontend/instance-slave-output-schema.json b/software/caddy-frontend/instance-slave-output-schema.json index d77c3f3a895932afe92fcc7114b540999b40e3ab..17689abd96948c400df917f94b8e56bcb9c756ff 100644 --- a/software/caddy-frontend/instance-slave-output-schema.json +++ b/software/caddy-frontend/instance-slave-output-schema.json @@ -32,7 +32,7 @@ }, "request-error-list": { "description": "In case if slave has been rejected by master or has error in the request, the list contains information about each problem", - "type": "string" + "type": "array" } }, "type": "object" diff --git a/software/caddy-frontend/templates/Caddyfile.in b/software/caddy-frontend/templates/Caddyfile.in index c4ce0e268ee7d91c4c6b21a93e6b648424296d85..47dfaf613776528bee1f89e9e1d835326b92d46b 100644 --- a/software/caddy-frontend/templates/Caddyfile.in +++ b/software/caddy-frontend/templates/Caddyfile.in @@ -30,7 +30,7 @@ import {{ slave_with_cache_configuration_directory }}/*.conf # Access to server-status Caddy-style https://[{{ global_ipv6 }}]:{{ https_port }}/server-status, https://{{ local_ipv4 }}:{{ https_port }}/server-status { - tls {{ login_certificate }} {{ login_key }} + tls {{ frontend_configuration['ip-access-certificate'] }} {{ frontend_configuration['ip-access-key'] }} # Compress the output gzip bind {{ local_ipv4 }} diff --git a/software/caddy-frontend/templates/apache-custom-slave-list.cfg.in b/software/caddy-frontend/templates/apache-custom-slave-list.cfg.in index f92357d7ec0e7d22482bee97700e85ec8dfe55e8..061fed7374f9a380d2f791dae47d5a72c64612a8 100644 --- a/software/caddy-frontend/templates/apache-custom-slave-list.cfg.in +++ b/software/caddy-frontend/templates/apache-custom-slave-list.cfg.in @@ -379,8 +379,8 @@ local_ipv4 = {{ dumps(local_ipv4) }} global_ipv6 = {{ dumps(global_ipv6) }} https_port = {{ dumps(https_port) }} http_port = {{ dumps(http_port) }} -login_certificate = {{ dumps(login_certificate) }} -login_key = {{ dumps(login_key) }} +ip_access_certificate = {{ frontend_configuration.get('ip-access-certificate') }} +ip_access_key = {{ frontend_configuration.get('ip-access-key') }} access_log = {{ dumps(access_log) }} error_log = {{ dumps(error_log) }} not_found_file = {{ dumps(not_found_file) }} @@ -394,6 +394,7 @@ extra-context = section slave_password slave-password section parameter_dict caddy-log-access-parameters + {# Publish information for the instance #} [publish-caddy-information] recipe = slapos.cookbook:publish.serialised diff --git a/software/caddy-frontend/templates/cached-virtualhost.conf.in b/software/caddy-frontend/templates/cached-virtualhost.conf.in index fe18938e992739fc48745245409e14da859115ca..0cf8f6459f258762d3351310d6d4f7b322f7100d 100644 --- a/software/caddy-frontend/templates/cached-virtualhost.conf.in +++ b/software/caddy-frontend/templates/cached-virtualhost.conf.in @@ -19,9 +19,6 @@ bind {{ slave_parameter['local_ipv4'] }} # Compress the output gzip -{%- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter %} - status 501 / -{%- endif %} # Rewrite part proxy / {{ slave_parameter.get('backend_url', '') }} { # As backend is trusting REMOTE_USER header unset it always @@ -30,7 +27,8 @@ transparent timeout 600s {%- if ssl_proxy_verify %} -{%- if 'ssl_proxy_ca_crt' in slave_parameter %} +{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %} + ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }} {%- endif %} {%- else %} insecure_skip_verify @@ -43,16 +41,14 @@ bind {{ slave_parameter['local_ipv4'] }} # Compress the output gzip -{%- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter %} - status 501 / -{%- endif %} proxy / {{ slave_parameter.get('https_backend_url', '') }} { # As backend is trusting REMOTE_USER header unset it always header_upstream -REMOTE_USER transparent timeout 600s {%- if ssl_proxy_verify %} -{%- if 'ssl_proxy_ca_crt' in slave_parameter %} +{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %} + ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }} {%- endif %} {%- else %} insecure_skip_verify diff --git a/software/caddy-frontend/templates/caddy-graceful-script.sh.in b/software/caddy-frontend/templates/caddy-graceful-script.sh.in deleted file mode 100644 index fb686da00cf27080c315bedea7bc29c511377fc8..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/templates/caddy-graceful-script.sh.in +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh - -RUN_DIR={{ directory_run }} -ETC_DIR={{ directory_etc }} -BIN_DIR={{ directory_bin }} - -CADDY_SIGNATURE_FILE=$RUN_DIR/caddy_configuration.signature -NCADDY_SIGNATURE_FILE=$RUN_DIR/ncaddy_configuration.signature - -touch $CADDY_SIGNATURE_FILE -sha256sum $ETC_DIR/Caddyfile $ETC_DIR/log-access.conf $ETC_DIR/caddy-*.d/*.conf $ETC_DIR/caddy-*.d/ssl/*.*key $ETC_DIR/caddy-*.d/ssl/*.*crt* | sort -k 66 > $NCADDY_SIGNATURE_FILE - -# If no diff, no restart for now -if diff "$CADDY_SIGNATURE_FILE" "$NCADDY_SIGNATURE_FILE"; then - echo "Nothing Changed, so nothing to reload" - exit 0 -fi -echo "Reloading caddy.." - -{{ caddy_graceful_reload_command }} - -mv "$NCADDY_SIGNATURE_FILE" "$CADDY_SIGNATURE_FILE" diff --git a/software/caddy-frontend/templates/default-virtualhost.conf.in b/software/caddy-frontend/templates/default-virtualhost.conf.in index 7b515fea89ae1190a0df9cd692f86cd3305dbf9d..c1f1f6b9f11516ac26398fc14cdc565093ab7a5f 100644 --- a/software/caddy-frontend/templates/default-virtualhost.conf.in +++ b/software/caddy-frontend/templates/default-virtualhost.conf.in @@ -30,9 +30,6 @@ bind {{ slave_parameter['local_ipv4'] }} # Compress the output gzip -{%- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter %} - status 501 / -{%- endif %} {#- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter #} tls {{ slave_parameter.get('path_to_ssl_crt', slave_parameter.get('login_certificate')) }} {{ slave_parameter.get('path_to_ssl_key', slave_parameter.get('login_key')) }} { {%- if enable_h2 %} # Allow HTTP2 @@ -79,8 +76,9 @@ transparent timeout 600s {%- if ssl_proxy_verify %} -{%- if 'ssl_proxy_ca_crt' in slave_parameter %} -{%- endif %} {#- if 'ssl_proxy_ca_crt' in slave_parameter #} +{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %} + ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }} +{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #} {%- else %} {#- if ssl_proxy_verify #} insecure_skip_verify {%- endif %} {#- if ssl_proxy_verify #} @@ -136,8 +134,9 @@ transparent timeout 600s {%- if ssl_proxy_verify %} -{%- if 'ssl_proxy_ca_crt' in slave_parameter %} -{%- endif %} {#- if 'ssl_proxy_ca_crt' in slave_parameter #} +{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %} + ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }} +{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #} {%- else %} {#- if ssl_proxy_verify #} insecure_skip_verify {%- endif %} {#- if ssl_proxy_verify #} @@ -152,9 +151,6 @@ bind {{ slave_parameter['local_ipv4'] }} # Compress the output gzip -{%- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter %} - status 501 / -{%- endif %} {#- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter #} log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" errors {{ slave_parameter.get('error_log') }} @@ -201,8 +197,9 @@ transparent timeout 600s {%- if ssl_proxy_verify %} -{%- if 'ssl_proxy_ca_crt' in slave_parameter %} -{%- endif %} {#- if 'ssl_proxy_ca_crt' in slave_parameter #} +{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %} + ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }} +{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #} {%- else %} {#- if ssl_proxy_verify #} insecure_skip_verify {%- endif %} {#- if ssl_proxy_verify #} @@ -252,8 +249,9 @@ transparent timeout 600s {%- if ssl_proxy_verify %} -{%- if 'ssl_proxy_ca_crt' in slave_parameter %} -{%- endif %} {#- if 'ssl_proxy_ca_crt' in slave_parameter #} +{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %} + ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }} +{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #} {%- else %} {#- if ssl_proxy_verify #} insecure_skip_verify {%- endif %} {#- if ssl_proxy_verify #} diff --git a/software/caddy-frontend/templates/graceful-script.sh.in b/software/caddy-frontend/templates/graceful-script.sh.in new file mode 100644 index 0000000000000000000000000000000000000000..ced355c38d34dba9f8a9281f965acb4ad8f18e13 --- /dev/null +++ b/software/caddy-frontend/templates/graceful-script.sh.in @@ -0,0 +1,18 @@ +#!/bin/sh + +SIGNATURE_FILE={{ signature_file }} +NSIGNATURE_FILE={{ signature_file }}.tmp + +touch $SIGNATURE_FILE +{{ sha256sum }} {{ path_list }} | sort -k 66 > $NSIGNATURE_FILE + +# If no diff, no restart for now +if diff "$SIGNATURE_FILE" "$NSIGNATURE_FILE" > /dev/null ; then + echo "Nothing changed, so nothing to reload" + exit 0 +fi +echo "Reloading.." + +{{ graceful_reload_command }} + +mv "$NSIGNATURE_FILE" "$SIGNATURE_FILE" diff --git a/software/caddy-frontend/templates/template-log-access.conf.in b/software/caddy-frontend/templates/template-log-access.conf.in index 18864d48e77c2b4a3be8194dd73636a2fb303519..955b239ae5591d167ea03ba5934a3e083d2cc1ce 100644 --- a/software/caddy-frontend/templates/template-log-access.conf.in +++ b/software/caddy-frontend/templates/template-log-access.conf.in @@ -3,7 +3,7 @@ https://[{{ parameter_dict['global_ipv6'] }}]:{{ parameter_dict['https_port'] }} bind {{ parameter_dict['local_ipv4'] }} root {{ directory }}/ browse - tls {{ parameter_dict['login_certificate'] }} {{ parameter_dict['login_key'] }} + tls {{ parameter_dict['ip_access_certificate'] }} {{ parameter_dict['ip_access_key'] }} basicauth "{{ slave }}" {{ slave_password[slave] | trim }} { "Log Access {{ slave }}" / diff --git a/software/caddy-frontend/templates/validate-script.sh.in b/software/caddy-frontend/templates/validate-script.sh.in new file mode 100644 index 0000000000000000000000000000000000000000..3422d6832ece03fe56ab1666c31deba985e63952 --- /dev/null +++ b/software/caddy-frontend/templates/validate-script.sh.in @@ -0,0 +1,22 @@ +#!/bin/sh + +set -e + +SIGNATURE_FILE={{ signature_file }} +NSIGNATURE_FILE={{ signature_file }}.tmp +SIGNATURE_STATUS={{ signature_file }}.status + +touch $SIGNATURE_FILE +{{ sha256sum }} {{ path_list }} | sort -k 66 > $NSIGNATURE_FILE + +if diff "$SIGNATURE_FILE" "$NSIGNATURE_FILE" > /dev/null; then + rm -f "$NSIGNATURE_FILE" +else + mv "$NSIGNATURE_FILE" "$SIGNATURE_FILE" + # do not catch errors during validation + set +e + {{ wrapper }} -validate + echo $? > $SIGNATURE_STATUS + set -e +fi +exit `cat $SIGNATURE_STATUS` diff --git a/software/caddy-frontend/test/CA.wildcard.example.com.crt b/software/caddy-frontend/test/CA.wildcard.example.com.crt deleted file mode 100644 index 6fdddf84fc316e571906bb35f6886c6de24ac11a..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/CA.wildcard.example.com.crt +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDETCCAfkCCQDaYBkI56KXrjANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQGEwJY -WDEOMAwGA1UECAwFU3RhdGUxGTAXBgNVBAoMEFdpbGRjYXJkIFJvb3QgQ0EwHhcN -MTgxMTIxMTAwMzM4WhcNMjgxMTE4MTAwMzM4WjBdMQswCQYDVQQGEwJBVTETMBEG -A1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkg -THRkMRYwFAYDVQQDDA0qLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC -AQ8AMIIBCgKCAQEA1A+TzPOPC3qPLq3KfmFpoa6Iubh1OhNFfH7fvCJQ1czTcFLe -npG4uTjXwcoHbPb6CWq5hfUSY/ucI6mW93gsoW5vsbPFmUFe96fA6uJV17j2IppM -vNHhcNxNbKxpGnStNO5HTW7q1Qk2yvcx4cL/bPCEaNFwBK1O+NeNz0ZDW8dGifYU -aVj+qpVlvTi//j8P4FOwSVYvXdMqGH5WaaTquJPVEGg+704tzUxDbCUXrbCVzFgM -d69sQg0sJQ9MddrsWkQSgcE7cffdC1JdGHCJ/B87iO3pjH2VjFth8EFMcQCn8V8e -Nz0OpkcsZXuFg3L/3EtMV3ZXSlT6GDxaEcNuvQIDAQABMA0GCSqGSIb3DQEBCwUA -A4IBAQB4mIEwylSudRONRRMgHDkhMlb8/O2MERYrBmsqatg3eU6/LYZAk/okUI6p -aBkQ3GnUmA+gQnkhk4hffRk7NqtMq3r5MEcWunu61i45sXnsQh9myHEAeGfDw3wz -2rkdXAY2jNeQhTBEsErgwKuN86BTFML9cNg2gTKLBbNC1rSJjoMqcKHxrAcsUBip -bXDQMmNIQkzsc3ml6+17/qfu8+mTZ7J5kEkSbbwRD690LiR6Ltua22GAvuddt53S -ieyOVVxCDlItquuGfuQ3ay8zlyQjYmoPI5AXE5Wv9W4mF7agc+SYe3myL3xlRbC+ -RD/fQtvjbf/bt9lkgs9DQoITaYvc ------END CERTIFICATE----- diff --git a/software/caddy-frontend/test/CA.wildcard.example.com.key b/software/caddy-frontend/test/CA.wildcard.example.com.key deleted file mode 100644 index 705094402cb79bb690cdec4d271c34ec6e2f286b..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/CA.wildcard.example.com.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA1A+TzPOPC3qPLq3KfmFpoa6Iubh1OhNFfH7fvCJQ1czTcFLe -npG4uTjXwcoHbPb6CWq5hfUSY/ucI6mW93gsoW5vsbPFmUFe96fA6uJV17j2IppM -vNHhcNxNbKxpGnStNO5HTW7q1Qk2yvcx4cL/bPCEaNFwBK1O+NeNz0ZDW8dGifYU -aVj+qpVlvTi//j8P4FOwSVYvXdMqGH5WaaTquJPVEGg+704tzUxDbCUXrbCVzFgM -d69sQg0sJQ9MddrsWkQSgcE7cffdC1JdGHCJ/B87iO3pjH2VjFth8EFMcQCn8V8e -Nz0OpkcsZXuFg3L/3EtMV3ZXSlT6GDxaEcNuvQIDAQABAoIBAQCWdkcEUHvaRSd6 -k0ztxuhQE6pnO/3RKwNOhibxMdfxGtebBvF1yScsJKzRjysdoU9fhx4DchOOZWQv -2ZCIHfhswhL2HvvA9aUQSzKSde06lr3tZ1WzU6eFkIpO5TXd05Nhzv9AbcapSVRb -RnFaIiVhgnYweQnmB6HU5fx0aQI6BytP34t3rEZqdy+eYqtq1ZgYC7iXQJct08Sy -0syR5boW2fKZZin78I+uOWfhD3uUDz7SnetwIEWuaJ/oYXv2YFqm+68XRSo4yi2G -FlF3CgwecJCaHyEhxMQojlgM61EvEZ0v1FvoMyyQiNmWVSAtbd6BAD5YrdUzk1QO -mzr3LuTxAoGBAPbnNp/0g25IYj857Q++hSjWsyjLLMfX6+hPsOv2ICL46+xU9P4s -EeIe8PGgRvUkXiNZ7LRtipsFOB+qNYHknIRtLICyYXfumJH4+05XawHIPWdZNw1X -762VsiLEHj1nx3tbEpiCApxYJTXat5/3skjibsNjkuV5JAfsiDHPHeOrAoGBANvf -u1GI2mtUDZ1EJbxJUm3pCUg1aw8jL83OC9miTT36m3V/TiZvc6NEbWM5S8xprwJ1 -FG+MHchTgG3rZR6UhfK7OPb7jD0r1aVnA30NX3NS1zKfMEp2Ry83w9LJX70JbZsg -ipo09UXSyE1EaeGGIEQ0xqCN/nRiy2KDh4h1gY83AoGAUH50ypU2vB+RGDfUV4uv -ce79HdGPWd/FI0nHzkXBmGU61SOlc6/+bI/V0ZCFUap3nmLUzsXfqEZ9U6V0KFLV -zD6jgZmmOSlqSDy6AYJyenRDwIvPbOQ8WYUyPC9gBHjvCgJY/6tzGnGKQBJ8RwTD -9QsNPVobLADghEzS4ho6Dl0CgYBjCBxIlwk5ujv/j4gnjCbSVlnV6il0QfbwDVQN -DCsaNVv7ygEbEqvU56cVP+NCCH/I7Y7sxwFLD0ETQSjkYyUJtQXtSFNb4fhybTmH -A5TwTmma5VRM1YUuYUGUGRtD+5Egg8GpvxyR/GQ3WQ8PgufZkKO+APaQ2Uad8nwD -HFnkdQKBgG0OlIKuVeLTVhPcQvOmiDEBeAVo1zc4zmA/JLk/euxesEVL9A8xuxsF -ao0pLvpk/EWQGElxNLNJxbn7AB4uXlpsAvV3xBM88pQIuj2paix1CqSlgfR2F2jE -t3470UVZV22ECV8vQK/of2byELrMscLExLgKW1lAIqqZ77BntFO9 ------END RSA PRIVATE KEY----- diff --git a/software/caddy-frontend/test/CA.wildcard.example.com.root.crt b/software/caddy-frontend/test/CA.wildcard.example.com.root.crt deleted file mode 100644 index f7de5a1658338cf0f685e0c02d1e9159e24dd704..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/CA.wildcard.example.com.root.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDQzCCAiugAwIBAgIJAOShMXfabB7nMA0GCSqGSIb3DQEBCwUAMDgxCzAJBgNV -BAYTAlhYMQ4wDAYDVQQIDAVTdGF0ZTEZMBcGA1UECgwQV2lsZGNhcmQgUm9vdCBD -QTAeFw0xODExMjExMDAxMjVaFw00NjEyMDQxMDAxMjVaMDgxCzAJBgNVBAYTAlhY -MQ4wDAYDVQQIDAVTdGF0ZTEZMBcGA1UECgwQV2lsZGNhcmQgUm9vdCBDQTCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKq/9H+MvMt5B0vIC2/uEz25jqxT -Wv36v9/HldZLvEwzOiEd0n53ZZFqVlfOoYyCIoWw1+SPwaAc8Oad8ELfoPUasV65 -xWki9F/tesgPZpyTO7vgpQfX5JVWNw28s13BgRkOO95h4t2S2t1K6sckC0M/B0o3 -wDs/M+74i6wUTHNNXVRejeNPlj9ZSKyfe8rwvY4aNkvW/TKKbaY1yXpQhbeZfU8j -bk4tv4VOpIIoK7wWnSOcFHMANPqrIhygazI1zdsyySEssQ2TAepUb/zgZgk2IQ61 -GT+h7NVIoYZJKcAYlLapsZJV1d3Ec9y57zTpyfbWsQhmKHCasZeZK5gYqXECAwEA -AaNQME4wHQYDVR0OBBYEFLZTKR+QsKR9ivZi4uFssy6sB80XMB8GA1UdIwQYMBaA -FLZTKR+QsKR9ivZi4uFssy6sB80XMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL -BQADggEBAI8O1u6LnmBkWw3rPOTp+9DD2l0+tU3e51KZfp98Fm3Lo8qF5spAB+Ue -OiBax9uENzjcHm7T7KdJrQNK6Mmat0VsD1WTR0TK1eBr9+hOh9EE1H5mEmSL0LOs -ABcCW8DlDv9axWMkFEaJjLfYRUQdvUkb3BwlXo2oq8ectk5ZqS1IF873htYStkvc -SvrzFpaMhYUIr2e7bvFEJ8XTz9l4eymdOBg3j89gf9OkmPa3FE6Qf7etTkVyOr1t -7DIuucv2JkWqHnABIWsLgj4bdLWWULASA7FkI0lHxp5/9/OBb7kVlcgQg6c9Wed7 -VA9NaSB3jnBubpEbijnekHqPYO0Bf38= ------END CERTIFICATE----- diff --git a/software/caddy-frontend/test/CA.wildcard.example.com.root.key b/software/caddy-frontend/test/CA.wildcard.example.com.root.key deleted file mode 100644 index df969adebdfaa8f5fc32ca031024ef51a4adad9d..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/CA.wildcard.example.com.root.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAqr/0f4y8y3kHS8gLb+4TPbmOrFNa/fq/38eV1ku8TDM6IR3S -fndlkWpWV86hjIIihbDX5I/BoBzw5p3wQt+g9RqxXrnFaSL0X+16yA9mnJM7u+Cl -B9fklVY3DbyzXcGBGQ473mHi3ZLa3UrqxyQLQz8HSjfAOz8z7viLrBRMc01dVF6N -40+WP1lIrJ97yvC9jho2S9b9MoptpjXJelCFt5l9TyNuTi2/hU6kgigrvBadI5wU -cwA0+qsiHKBrMjXN2zLJISyxDZMB6lRv/OBmCTYhDrUZP6Hs1UihhkkpwBiUtqmx -klXV3cRz3LnvNOnJ9taxCGYocJqxl5krmBipcQIDAQABAoIBAHOAnbeaUCujlxfg -Hjx8428hki1nxWmAsUKDFAx99sXk8TFtpvH9eis/r2B+WjFd5lRhJ+lohSX17c9S -jy/tbkfe4pSdPbi8+Gnbju693D+WKRYSBBCmLe4G//6+4uZM+zMjucPYm0ofCQYg -o2hKLYQzoo7F37c0LcE9R94DbSOg2tY6HkKNhXoo0KBY424nIlZ82ZvsS7Q+dduB -txbFvzj0cnrYAJv8QIzcedaFGPN7tkLMZ+PS2rXPG/CkPevKgGwjOx+YyKgQk8GU -O+YvMQ9/zhOz4ak76UOZF+a21DrVqsKj0BK90SEq10MUnd1riQJ2z2jD8SSChgb6 -rRc4+AECgYEA1NTSkhfxwfgWIjucnWPrtzNLyVqg5Ss+X/XZfN0LNvMje+AZ4wfz -pLAf8cxnewgNqpR1PeUrjoUwcKrHX7M/MhfEhPKo2LyYDsNtNDcRk3JP047FrDnL -beVc7lIfsCzuuQHgnUFhBE+8qP69VsHWBq1iQF2NUdW8HLjxTSuAQFECgYEAzWIR -U/r5QijUE6fcev4FvPBCCF3+c64UEuXV/W4ZURWzOEAcKh9TAHiTKSQ3MDQK7IQY -YtRbgePnA8Tc0Xj0jSxMtWTX1FanxftosRNgsZD1VKnBViwImuOeZHZYq83qPGT9 -FNUvGMAEAHevNdSdI2k9RSzrB2Lhei6wEYHJryECgYEAoAOWgYKBID2enoRFHsw2 -N5nYe/2ohEQ79DfKGaezO9AXuJXnwJqE4ygMDGaK0qReagaOE0gOtGuM3Nh5Z4lD -lSzrcq1ipvk8NbVWkHBqxXmnbL6l/fPB79EHSqLx8ioGHZC8yF6US4KLrF9CCU1Y -1dJb0VrE2mcgtFOUEFoJZdECgYAsGxVRjaIdvRreJbxJhWfCDW6A0X6lZQrWjBkK -VayGJzzXpZzmxtdSUJJ50VcwuNxnsm5yOtxz5ndj7dDmAy2xa4QFqGRZK0rYT4dK -D7lCKLkmt1XXpZkreho3xNqB+rSEx8M5yBZXIFU7rHgp/UDJq/4GbwECExAM5x3U -hKTFQQKBgQCPGglKFvkRkvYonwDmLRiCjBPnpK5YeL/AYJxeD3V9b8V5Arc9ce9y -PgFgk93RjGlEfLSN0Xbqc6GPIGwg6f5qyHvQ1BpCwupr3lhdsTxwIKbGpAH4Zvmz -4COcrvkF9gAHaIiH97nLy/9h2EawKqKgJv3R0wfdKvRw4iW/4j4aPw== ------END RSA PRIVATE KEY----- diff --git a/software/caddy-frontend/test/customdomainsslcrtsslkey.example.com.crt b/software/caddy-frontend/test/customdomainsslcrtsslkey.example.com.crt deleted file mode 100644 index da1cf7f494be694d596dcc52703639c47fefd442..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/customdomainsslcrtsslkey.example.com.crt +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDuzCCAqOgAwIBAgIJAOzw6rzXAd+jMA0GCSqGSIb3DQEBCwUAMHQxCzAJBgNV -BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX -aWRnaXRzIFB0eSBMdGQxLTArBgNVBAMMJGN1c3RvbWRvbWFpbnNzbGNydHNzbGtl -eS5leGFtcGxlLmNvbTAeFw0xODA1MTgxMzA2NThaFw0yODA1MTUxMzA2NThaMHQx -CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl -cm5ldCBXaWRnaXRzIFB0eSBMdGQxLTArBgNVBAMMJGN1c3RvbWRvbWFpbnNzbGNy -dHNzbGtleS5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAOQe3WLRuVBPPufClmlOk6Euc3nmycvCkzcwMUD6+zdyAGH0qhHoIHJmiXi6 -GcKYgqqa3eaIxvvke2EEphDwYkj6neOVyuX3KukL8ggEUakJ17TEQkS7hIk4dmDT -wjFAMgLz8uN11jqLooo9w/ptD+LUWmm6K9zk49iqqdKuG9Z5v3dm0KMUvsmYGWqN -g31tQWU1Cm2kNu+2iP2FPnx2PWkDq4KTn64U7iJP9DdDEvzNfYcvz8upjR15B+dI -K0ihwDXV5BtfZXDvck+ctCdfS1QxM+x+PboEJKUNoefz/+Q/9T3mlc+KchFG9asL -Q/kbHtdgZzsDGTDEtdDtIrLLQ3MCAwEAAaNQME4wHQYDVR0OBBYEFG6I5Y0feayi -UPznSzRJIMS1blcNMB8GA1UdIwQYMBaAFG6I5Y0feayiUPznSzRJIMS1blcNMAwG -A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAKmK75LcaROfjdxQLBFqiP/I -6WB8pBNbAN6nL+dgxeQJNEx7VQXSU/3KF0nIMC35pzf93ZySMq6ujCjxksNA0Pa0 -XEH0pmTqOO7Af5wsjIniLqGTRvFCqGbWKEcYDBwKq0svTGfYyPOaBj8z7lt9LURs -WRC1tCrn8T8NkAY/jdGRQZRtLlgk+x2SaeDfQ8F1MtMT8jYSLo4R+c4f+iuDgMWi -JPM5SvYeDEXndWctKGxmP4p2HIp8gJuqYHmP4oxO7Rn/QPti1p68WfNQsRquHYJ4 -dR9krkpVeteQ7w8cQA9OkG/m3neiIfFKkosJSGEHctRvRQ0GtbQO6A6nZqk0n6I= ------END CERTIFICATE----- diff --git a/software/caddy-frontend/test/customdomainsslcrtsslkey.example.com.key b/software/caddy-frontend/test/customdomainsslcrtsslkey.example.com.key deleted file mode 100644 index 0b778c4766c70130b6fcf7604e6b5f360aa24834..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/customdomainsslcrtsslkey.example.com.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDkHt1i0blQTz7n -wpZpTpOhLnN55snLwpM3MDFA+vs3cgBh9KoR6CByZol4uhnCmIKqmt3miMb75Hth -BKYQ8GJI+p3jlcrl9yrpC/IIBFGpCde0xEJEu4SJOHZg08IxQDIC8/LjddY6i6KK -PcP6bQ/i1Fppuivc5OPYqqnSrhvWeb93ZtCjFL7JmBlqjYN9bUFlNQptpDbvtoj9 -hT58dj1pA6uCk5+uFO4iT/Q3QxL8zX2HL8/LqY0deQfnSCtIocA11eQbX2Vw73JP -nLQnX0tUMTPsfj26BCSlDaHn8//kP/U95pXPinIRRvWrC0P5Gx7XYGc7AxkwxLXQ -7SKyy0NzAgMBAAECggEBAOLv5ZPCSdWgEFdlWFbIycrmOBDETGo9VlDny4f2ZuZg -rgrE6E/KGkVUxlvo32mcaRkp2ajW1wWN5kO86Swex9gMIfhfcyrVecW/kXbyPP6q -AQIe4EIaPh54oiNvZleyok4Xu8EW4Bj8AqX+DjHaP5yLXqqhf7NPrW9FUI57kMwK -DqeHBilgWUxzcjc4LLiEu6UTuB8c2Slj3Ps0K/mVzvPbQ7Xx+RYXzfX+SqjyvDEe -GpaRLoiRJ0KZSoGUgBQSIqgfzR7g6ipKNDvlzsawMpG641vsQ8tSI+l4U5f6MbYZ -pFT+mxL4+N+PQbWN5w3qYWK6Ilh77+0rKfGVrLH7s7kCgYEA/2SXFnUgJUnKpuE0 -4buUtPCMw8j+qZsJZ8nmf2BbwIGgp+CFGlO6aG4sfzYulpQuZOsnKRIu5qoE3xQp -MzuqWPZ8eygAubBdddaym3kPRiMAxTXPr+vBFyvti+oFflxaTsTXAfCXD2wM8yKm -Od16xg9co3NED2zt62mtSM6NOiUCgYEA5Kmt1JqL4ymMe9gBZ07Ar7GCfmmqepSb -w9XqgkHDk0ZYizNeQupPQrypfdeLFlKVnlp4DycEA4XzGdFgp1+PkAMSIVDUZZp5 -KxWJdQkdScENe1eYAz0vALCWSnUahyMGuNW9Xe/z2mtNLKRYcNDQ2LROJTQjShvw -XSfVQXS597cCgYEAgXG5hn9tAJlLJpQk2njZ4W++2QkJ0msrNDjIJC1xs7u/8vbA -X9yqMX4N/Zg3ush2T15EpfN6ZB0uhObSDw6hw5+C7mUTIQq8BBsCwfx0+maJYGtq -zc6fOqBgMTc2+5nRh/UKyQfpeL6aPa2FNPUF4lcs7AdjKrJaUKRqWOmf+SUCgYAd -ksRkpshIzOraaYlk7w6EqpSR/OCLkgTDQztdNVwyA/sXpcEfLmap3vScze+zJ2Mq -Y9D7RLSEMCLMyAOUIgvTOFJz9JxDt8LMC7EHbfJXw5wWw7FpWdRmZnBJmPOhXqpT -5XDkYVBMg2wrxeWaUadxH4Cr1x5pS0u/AJPYL1yN6QKBgApwfVmCWXS0S1++6KiM -WN+jyvqmF4FS6Ib5TII1/diChY0PCO/UnmVPYg1AIqsdT5ghVreZs7wuHi1LsXQ4 -41nBmUnhdaiKCz9qVybXJwvicn/2MlsIi5C4Ox97OHJyCR1iKxf5A2ypfYEuh25V -NZZ4n9p5PhcLev6x3QhuWosT ------END PRIVATE KEY----- diff --git a/software/caddy-frontend/test/setup.py b/software/caddy-frontend/test/setup.py index f565c3660d19043580b27d6d8a096a61f0de9133..3ac388bc4e9ea44b6bd987962cc16c87307a5255 100644 --- a/software/caddy-frontend/test/setup.py +++ b/software/caddy-frontend/test/setup.py @@ -44,6 +44,7 @@ setup(name=name, 'forcediphttpsadapter', 'requests-toolbelt', 'supervisor', + 'cryptography', ], zip_safe=True, test_suite='test', diff --git a/software/caddy-frontend/test/test.py b/software/caddy-frontend/test/test.py index b402dc1cf72c16cd2cdabaee78e4fee5b0f698f3..26903426291a02d3c3a8f6ab1639cd6747c45db6 100644 --- a/software/caddy-frontend/test/test.py +++ b/software/caddy-frontend/test/test.py @@ -25,14 +25,6 @@ # ############################################################################## -# Note for SSL -# This test comes with certificates and keys. There is even root Certificate -# Authority, for the backends -# Please follow https://datacenteroverlords.com/2012/03/01/\ -# creating-your-own-ssl-certificate-authority/ -# in order to add more certificates for backend. -# Frontend still uses self-signed certificates. - import glob import os import requests @@ -47,10 +39,21 @@ from BaseHTTPServer import HTTPServer from BaseHTTPServer import BaseHTTPRequestHandler from forcediphttpsadapter.adapters import ForcedIPHTTPSAdapter import time +import tempfile +import ipaddress from utils import SlapOSInstanceTestCase from utils import findFreeTCPPort +import datetime + +from cryptography import x509 +from cryptography.hazmat.backends import default_backend +from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.primitives import serialization +from cryptography.hazmat.primitives.asymmetric import rsa +from cryptography.x509.oid import NameOID + LOCAL_IPV4 = os.environ['LOCAL_IPV4'] GLOBAL_IPV6 = os.environ['GLOBAL_IPV6'] @@ -73,13 +76,114 @@ if os.environ.get('DEBUG'): def der2pem(der): - certificate, error = subprocess.Popen( - 'openssl x509 -inform der'.split(), stdin=subprocess.PIPE, - stdout=subprocess.PIPE, stderr=subprocess.PIPE - ).communicate(der) - if error: - raise ValueError(error) - return certificate + certificate = x509.load_der_x509_certificate(der, default_backend()) + return certificate.public_bytes(serialization.Encoding.PEM) + + +def createKey(): + key = rsa.generate_private_key( + public_exponent=65537, key_size=2048, backend=default_backend()) + key_pem = key.private_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PrivateFormat.TraditionalOpenSSL, + encryption_algorithm=serialization.NoEncryption() + ) + return key, key_pem + + +def createSelfSignedCertificate(name_list): + key, key_pem = createKey() + subject_alternative_name_list = x509.SubjectAlternativeName( + [x509.DNSName(unicode(q)) for q in name_list] + ) + subject = issuer = x509.Name([ + x509.NameAttribute(NameOID.COMMON_NAME, u'Test Self Signed Certificate'), + ]) + certificate = x509.CertificateBuilder().subject_name( + subject + ).issuer_name( + issuer + ).add_extension( + subject_alternative_name_list, + critical=False, + ).public_key( + key.public_key() + ).serial_number( + x509.random_serial_number() + ).not_valid_before( + datetime.datetime.utcnow() - datetime.timedelta(days=2) + ).not_valid_after( + datetime.datetime.utcnow() + datetime.timedelta(days=5) + ).sign(key, hashes.SHA256(), default_backend()) + certificate_pem = certificate.public_bytes(serialization.Encoding.PEM) + return key, key_pem, certificate, certificate_pem + + +def createCSR(common_name, ip=None): + key, key_pem = createKey() + subject_alternative_name_list = [] + if ip is not None: + subject_alternative_name_list.append( + x509.IPAddress(ipaddress.ip_address(unicode(ip))) + ) + csr = x509.CertificateSigningRequestBuilder().subject_name(x509.Name([ + x509.NameAttribute(NameOID.COMMON_NAME, unicode(common_name)), + ])) + + if len(subject_alternative_name_list): + csr = csr.add_extension( + x509.SubjectAlternativeName(subject_alternative_name_list), + critical=False + ) + + csr = csr.sign(key, hashes.SHA256(), default_backend()) + csr_pem = csr.public_bytes(serialization.Encoding.PEM) + return key, key_pem, csr, csr_pem + + +class CertificateAuthority(object): + def __init__(self, common_name): + self.key, self.key_pem = createKey() + public_key = self.key.public_key() + builder = x509.CertificateBuilder() + builder = builder.subject_name(x509.Name([ + x509.NameAttribute(NameOID.COMMON_NAME, unicode(common_name)), + ])) + builder = builder.issuer_name(x509.Name([ + x509.NameAttribute(NameOID.COMMON_NAME, unicode(common_name)), + ])) + builder = builder.not_valid_before( + datetime.datetime.utcnow() - datetime.timedelta(days=2)) + builder = builder.not_valid_after( + datetime.datetime.utcnow() + datetime.timedelta(days=30)) + builder = builder.serial_number(x509.random_serial_number()) + builder = builder.public_key(public_key) + builder = builder.add_extension( + x509.BasicConstraints(ca=True, path_length=None), critical=True, + ) + self.certificate = builder.sign( + private_key=self.key, algorithm=hashes.SHA256(), + backend=default_backend() + ) + self.certificate_pem = self.certificate.public_bytes( + serialization.Encoding.PEM) + + def signCSR(self, csr): + builder = x509.CertificateBuilder( + subject_name=csr.subject, + extensions=csr.extensions, + issuer_name=self.certificate.subject, + not_valid_before=datetime.datetime.utcnow() - datetime.timedelta(days=1), + not_valid_after=datetime.datetime.utcnow() + datetime.timedelta(days=30), + serial_number=x509.random_serial_number(), + public_key=csr.public_key(), + ) + certificate = builder.sign( + private_key=self.key, + algorithm=hashes.SHA256(), + backend=default_backend() + ) + return certificate, certificate.public_bytes(serialization.Encoding.PEM) def isHTTP2(domain, ip): @@ -96,6 +200,17 @@ def isHTTP2(domain, ip): return 'Using HTTP2, server supports multi-use' in err +def getQUIC(url, ip, port): + quic_client_command = 'quic_client --disable-certificate-verification '\ + '--port=%(port)s --host=%(host)s %(url)s' % dict( + port=port, host=ip, url=url) + try: + return True, subprocess.check_output( + quic_client_command.split(), stderr=subprocess.STDOUT) + except subprocess.CalledProcessError as e: + return False, e.output + + class TestDataMixin(object): @staticmethod def generateHashFromFiles(file_list): @@ -233,16 +348,12 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase): cls.software_path = os.path.realpath(os.path.join( cls.computer_partition_root_path, 'software_release')) - def assertLogAccessUrlWithPop(self, parameter_dict, reference): + def assertLogAccessUrlWithPop(self, parameter_dict): log_access_url = parameter_dict.pop('log-access-url') - try: - log_access_url_json = json.loads(log_access_url) - except Exception: - raise ValueError('JSON decode problem in:\n%s' % (log_access_url,)) - self.assertTrue(len(log_access_url_json) >= 1) + self.assertTrue(len(log_access_url) >= 1) # check only the first one, as second frontend will be stopped - log_access = log_access_url_json[0] + log_access = log_access_url[0] entry = log_access.split(': ') if len(entry) != 2: self.fail('Cannot parse %r' % (log_access,)) @@ -266,6 +377,22 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase): self.assertTrue(key in j, 'No key %r in %s' % (key, j)) self.assertEqual(value, j[key]) + def parseParameterDict(self, parameter_dict): + parsed_parameter_dict = {} + for key, value in parameter_dict.items(): + if key in [ + 'rejected-slave-dict', + 'request-error-list', + 'log-access-url']: + value = json.loads(value) + parsed_parameter_dict[key] = value + return parsed_parameter_dict + + def parseConnectionParameterDict(self): + return self.parseParameterDict( + self.computer_partition.getConnectionParameterDict() + ) + class TestMasterRequest(HttpFrontendTestCase, TestDataMixin): @classmethod @@ -279,7 +406,7 @@ class TestMasterRequest(HttpFrontendTestCase, TestDataMixin): } def test(self): - parameter_dict = self.computer_partition.getConnectionParameterDict() + parameter_dict = self.parseConnectionParameterDict() self.assertKeyWithPop('monitor-setup-url', parameter_dict) self.assertEqual( { @@ -288,7 +415,7 @@ class TestMasterRequest(HttpFrontendTestCase, TestDataMixin): 'accepted-slave-amount': '0', 'rejected-slave-amount': '0', 'slave-amount': '0', - 'rejected-slave-dict': '{}'}, + 'rejected-slave-dict': {}}, parameter_dict ) @@ -312,7 +439,7 @@ class TestMasterRequestDomain(HttpFrontendTestCase, TestDataMixin): } def test(self): - parameter_dict = self.computer_partition.getConnectionParameterDict() + parameter_dict = self.parseConnectionParameterDict() self.assertKeyWithPop('monitor-setup-url', parameter_dict) self.assertEqual( @@ -322,7 +449,7 @@ class TestMasterRequestDomain(HttpFrontendTestCase, TestDataMixin): 'accepted-slave-amount': '0', 'rejected-slave-amount': '0', 'slave-amount': '0', - 'rejected-slave-dict': '{}' + 'rejected-slave-dict': {} }, parameter_dict ) @@ -353,11 +480,23 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase): (LOCAL_IPV4, findFreeTCPPort(LOCAL_IPV4)), TestHandler) + cls.another_server_ca = CertificateAuthority("Another Server Root CA") + cls.test_server_ca = CertificateAuthority("Test Server Root CA") + key, key_pem, csr, csr_pem = createCSR( + "testserver.example.com", LOCAL_IPV4) + _, cls.test_server_certificate_pem = cls.test_server_ca.signCSR(csr) + + cls.test_server_certificate_file = tempfile.NamedTemporaryFile( + delete=False + ) + + cls.test_server_certificate_file.write( + cls.test_server_certificate_pem + key_pem + ) + cls.test_server_certificate_file.close() server_https.socket = ssl.wrap_socket( server_https.socket, - certfile=os.path.join( - os.path.dirname(os.path.realpath(__file__)), - 'testserver.example.com.pem'), + certfile=cls.test_server_certificate_file.name, server_side=True) cls.backend_url = 'http://%s:%s' % server.server_address @@ -370,6 +509,10 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase): @classmethod def stopServerProcess(cls): + if getattr(cls, 'test_server_certificate_file', None) is not None: + os.unlink(cls.test_server_certificate_file.name) + if getattr(cls, 'server_process', None) is None: + return cls.server_process.terminate() cls.server_https_process.terminate() @@ -398,9 +541,20 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase): cls.slave_connection_parameter_dict_dict[slave_reference] = \ slave_instance.getConnectionParameterDict() + @classmethod + def createWildcardExampleComCertificate(cls): + _, cls.key_pem, _, cls.certificate_pem = createSelfSignedCertificate( + [ + '*.customdomain.example.com', + '*.example.com', + '*.nginx.example.com', + '*.alias1.example.com', + ]) + @classmethod def setUpClass(cls): try: + cls.createWildcardExampleComCertificate() cls.startServerProcess() super(SlaveHttpFrontendTestCase, cls).setUpClass() cls.setUpSlaves() @@ -489,6 +643,13 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase): def tearDown(self): self.unpatchRequests() + def parseSlaveParameterDict(self, key): + return self.parseParameterDict( + self.slave_connection_parameter_dict_dict[ + key + ] + ) + class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): caddy_custom_https = '''# caddy_custom_https_filled_in_accepted @@ -557,8 +718,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'domain': 'example.com', 'nginx-domain': 'nginx.example.com', 'public-ipv4': LOCAL_IPV4, - 'apache-certificate': open('wildcard.example.com.crt').read(), - 'apache-key': open('wildcard.example.com.key').read(), + 'apache-certificate': cls.certificate_pem, + 'apache-key': cls.key_pem, '-frontend-authorized-slave-string': '_apache_custom_http_s-accepted _caddy_custom_http_s-accepted', 'port': HTTPS_PORT, @@ -570,6 +731,16 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'mpm-graceful-shutdown-timeout': 2, } + @classmethod + def setUpSlaves(cls): + cls.ca = CertificateAuthority('TestSlave') + _, cls.customdomain_ca_key_pem, csr, _ = createCSR( + 'customdomainsslcrtsslkeysslcacrt.example.com') + _, cls.customdomain_ca_certificate_pem = cls.ca.signCSR(csr) + _, cls.customdomain_key_pem, _, cls.customdomain_certificate_pem = \ + createSelfSignedCertificate(['customdomainsslcrtsslkey.example.com']) + super(TestSlave, cls).setUpSlaves() + @classmethod def getSlaveParameterDictDict(cls): return { @@ -602,7 +773,12 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'ssl-proxy-verify_ssl_proxy_ca_crt': { 'url': cls.backend_https_url, 'ssl-proxy-verify': True, - 'ssl_proxy_ca_crt': open('testserver.root.ca.crt').read(), + 'ssl_proxy_ca_crt': cls.test_server_ca.certificate_pem, + }, + 'ssl-proxy-verify_ssl_proxy_ca_crt-unverified': { + 'url': cls.backend_https_url, + 'ssl-proxy-verify': True, + 'ssl_proxy_ca_crt': cls.another_server_ca.certificate_pem, }, 'ssl-proxy-verify-unverified': { 'url': cls.backend_https_url, @@ -623,31 +799,31 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'custom_domain_ssl_crt_ssl_key': { 'url': cls.backend_url, 'custom_domain': 'customdomainsslcrtsslkey.example.com', - 'ssl_crt': open('customdomainsslcrtsslkey.example.com.crt').read(), - 'ssl_key': open('customdomainsslcrtsslkey.example.com.key').read(), + 'ssl_crt': cls.customdomain_certificate_pem, + 'ssl_key': cls.customdomain_key_pem, }, 'custom_domain_ssl_crt_ssl_key_ssl_ca_crt': { 'url': cls.backend_url, 'custom_domain': 'customdomainsslcrtsslkeysslcacrt.example.com', - 'ssl_crt': open('CA.wildcard.example.com.crt').read(), - 'ssl_key': open('CA.wildcard.example.com.key').read(), - 'ssl_ca_crt': open('CA.wildcard.example.com.root.crt').read(), + 'ssl_crt': cls.customdomain_ca_certificate_pem, + 'ssl_key': cls.customdomain_ca_key_pem, + 'ssl_ca_crt': cls.ca.certificate_pem, }, 'ssl_ca_crt_only': { 'url': cls.backend_url, - 'ssl_ca_crt': open('CA.wildcard.example.com.root.crt').read(), + 'ssl_ca_crt': cls.ca.certificate_pem, }, 'ssl_ca_crt_garbage': { 'url': cls.backend_url, - 'ssl_crt': open('CA.wildcard.example.com.crt').read(), - 'ssl_key': open('CA.wildcard.example.com.key').read(), + 'ssl_crt': cls.customdomain_ca_certificate_pem, + 'ssl_key': cls.customdomain_ca_key_pem, 'ssl_ca_crt': 'some garbage', }, 'ssl_ca_crt_does_not_match': { 'url': cls.backend_url, - 'ssl_crt': open('wildcard.example.com.crt').read(), - 'ssl_key': open('wildcard.example.com.key').read(), - 'ssl_ca_crt': open('CA.wildcard.example.com.root.crt').read(), + 'ssl_crt': cls.certificate_pem, + 'ssl_key': cls.key_pem, + 'ssl_ca_crt': cls.ca.certificate_pem, }, 'type-zope': { 'url': cls.backend_url, @@ -657,7 +833,13 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'url': cls.backend_https_url, 'type': 'zope', 'ssl-proxy-verify': True, - 'ssl_proxy_ca_crt': open('testserver.root.ca.crt').read(), + 'ssl_proxy_ca_crt': cls.test_server_ca.certificate_pem, + }, + 'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified': { + 'url': cls.backend_https_url, + 'type': 'zope', + 'ssl-proxy-verify': True, + 'ssl_proxy_ca_crt': cls.another_server_ca.certificate_pem, }, 'type-zope-ssl-proxy-verify-unverified': { 'url': cls.backend_https_url, @@ -722,7 +904,13 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt': { 'url': cls.backend_https_url, 'enable_cache': True, - 'ssl_proxy_ca_crt': open('testserver.root.ca.crt').read(), + 'ssl_proxy_ca_crt': cls.test_server_ca.certificate_pem, + 'ssl-proxy-verify': True, + }, + 'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified': { + 'url': cls.backend_https_url, + 'enable_cache': True, + 'ssl_proxy_ca_crt': cls.another_server_ca.certificate_pem, 'ssl-proxy-verify': True, }, 'enable-http2-default': { @@ -792,21 +980,21 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { if os.path.exists(os.path.join(q, 'etc', 'trafficserver'))][0] def test_master_partition_state(self): - parameter_dict = self.computer_partition.getConnectionParameterDict() + parameter_dict = self.parseConnectionParameterDict() self.assertKeyWithPop('monitor-setup-url', parameter_dict) expected_parameter_dict = { 'monitor-base-url': None, 'domain': 'example.com', - 'accepted-slave-amount': '40', + 'accepted-slave-amount': '43', 'rejected-slave-amount': '4', - 'slave-amount': '44', - 'rejected-slave-dict': - '{"_apache_custom_http_s-rejected": ["slave not authorized"], ' - '"_caddy_custom_http_s": ["slave not authorized"], ' - '"_caddy_custom_http_s-rejected": ["slave not authorized"], ' - '"_ssl_ca_crt_only": ["ssl_ca_crt is present, so ssl_crt and ssl_key ' - 'are required"]}' + 'slave-amount': '47', + 'rejected-slave-dict': { + "_apache_custom_http_s-rejected": ["slave not authorized"], + "_caddy_custom_http_s": ["slave not authorized"], + "_caddy_custom_http_s-rejected": ["slave not authorized"], + "_ssl_ca_crt_only": ["ssl_ca_crt is present, so ssl_crt and ssl_key " + "are required"]} } self.assertEqual( @@ -871,9 +1059,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_empty(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'empty'] - self.assertLogAccessUrlWithPop(parameter_dict, 'empty') + parameter_dict = self.parseSlaveParameterDict('empty') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( parameter_dict, { @@ -890,7 +1077,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual(httplib.NOT_FOUND, result.status_code) @@ -933,9 +1120,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_url(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'url'].copy() - self.assertLogAccessUrlWithPop(parameter_dict, 'url') + parameter_dict = self.parseSlaveParameterDict('url') + + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'url.example.com', @@ -952,7 +1139,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -995,9 +1182,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { @skip('Feature postponed') def test_url_ipv6_access(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'url'].copy() - self.assertLogAccessUrlWithPop(parameter_dict, 'url') + parameter_dict = self.parseSlaveParameterDict('url') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'url.example.com', @@ -1020,15 +1206,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result_ipv6.peercert)) self.assertEqualResultJson(result_ipv6, 'Path', '/test-path') def test_type_zope_path(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'type-zope-path'] - self.assertLogAccessUrlWithPop(parameter_dict, 'type-zope-path') + parameter_dict = self.parseSlaveParameterDict('type-zope-path') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'typezopepath.example.com', @@ -1045,7 +1230,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson( @@ -1056,9 +1241,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_type_zope_default_path(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'type-zope-default-path'] - self.assertLogAccessUrlWithPop(parameter_dict, 'type-zope-default-path') + parameter_dict = self.parseSlaveParameterDict('type-zope-default-path') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'typezopedefaultpath.example.com', @@ -1075,7 +1259,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], '') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual( @@ -1085,9 +1269,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_server_alias(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'server-alias'] - self.assertLogAccessUrlWithPop(parameter_dict, 'server-alias') + parameter_dict = self.parseSlaveParameterDict('server-alias') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'serveralias.example.com', @@ -1104,7 +1287,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -1113,7 +1296,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'alias1.example.com', parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -1122,13 +1305,12 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'alias2.example.com', parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) def test_server_alias_wildcard(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'server-alias-wildcard'] - self.assertLogAccessUrlWithPop(parameter_dict, 'server-alias-wildcard') + parameter_dict = self.parseSlaveParameterDict('server-alias-wildcard') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'serveraliaswildcard.example.com', @@ -1145,7 +1327,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -1154,15 +1336,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'wild.alias1.example.com', parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') def test_server_alias_duplicated(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'server-alias-duplicated'] - self.assertLogAccessUrlWithPop(parameter_dict, 'server-alias-duplicated') + parameter_dict = self.parseSlaveParameterDict('server-alias-duplicated') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'serveraliasduplicated.example.com', @@ -1179,7 +1360,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -1188,16 +1369,15 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'alias3.example.com', parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') def test_server_alias_custom_domain_duplicated(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'server-alias_custom_domain-duplicated'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'server-alias_custom_domain-duplicated') + parameter_dict = self.parseSlaveParameterDict( + 'server-alias_custom_domain-duplicated') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'alias4.example.com', @@ -1214,7 +1394,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -1225,10 +1405,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { raise NotImplementedError(self.id()) def test_ssl_ca_crt(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'custom_domain_ssl_crt_ssl_key_ssl_ca_crt'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'custom_domain_ssl_crt_ssl_key_ssl_ca_crt') + parameter_dict = self.parseSlaveParameterDict( + 'custom_domain_ssl_crt_ssl_key_ssl_ca_crt') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'customdomainsslcrtsslkeysslcacrt.example.com', @@ -1246,26 +1425,23 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('CA.wildcard.example.com.crt').read(), + self.customdomain_ca_certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') def test_ssl_ca_crt_only(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'ssl_ca_crt_only'] + parameter_dict = self.parseSlaveParameterDict('ssl_ca_crt_only') self.assertEqual( parameter_dict, { - 'request-error-list': '["ssl_ca_crt is present, so ssl_crt and ' - 'ssl_key are required"]'} + 'request-error-list': [ + "ssl_ca_crt is present, so ssl_crt and ssl_key are required"]} ) def test_ssl_ca_crt_garbage(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'ssl_ca_crt_garbage'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'ssl_ca_crt_garbage') + parameter_dict = self.parseSlaveParameterDict('ssl_ca_crt_garbage') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'sslcacrtgarbage.example.com', @@ -1279,20 +1455,13 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict ) - result = self.fakeHTTPSResult( - parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') - - self.assertEqual( - open('CA.wildcard.example.com.crt').read(), - der2pem(result.peercert)) - - self.assertEqualResultJson(result, 'Path', '/test-path') + with self.assertRaises(requests.exceptions.SSLError): + self.fakeHTTPSResult( + parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') def test_ssl_ca_crt_does_not_match(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'ssl_ca_crt_does_not_match'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'ssl_ca_crt_does_not_match') + parameter_dict = self.parseSlaveParameterDict('ssl_ca_crt_does_not_match') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'sslcacrtdoesnotmatch.example.com', @@ -1310,15 +1479,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') def test_https_only(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'https-only'] - self.assertLogAccessUrlWithPop(parameter_dict, 'https-only') + parameter_dict = self.parseSlaveParameterDict('https-only') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'httpsonly.example.com', @@ -1335,7 +1503,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -1349,9 +1517,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_custom_domain(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'custom_domain'] - self.assertLogAccessUrlWithPop(parameter_dict, 'custom_domain') + parameter_dict = self.parseSlaveParameterDict('custom_domain') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'customdomain.example.com', @@ -1368,15 +1535,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') def test_custom_domain_wildcard(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'custom_domain_wildcard'] - self.assertLogAccessUrlWithPop(parameter_dict, 'custom_domain_wildcard') + parameter_dict = self.parseSlaveParameterDict('custom_domain_wildcard') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': '*.customdomain.example.com', @@ -1394,15 +1560,15 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') def test_custom_domain_ssl_crt_ssl_key(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'custom_domain_ssl_crt_ssl_key'] - self.assertLogAccessUrlWithPop(parameter_dict, 'custom_domain_ssl_crt_key') + parameter_dict = self.parseSlaveParameterDict( + 'custom_domain_ssl_crt_ssl_key') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'customdomainsslcrtsslkey.example.com', @@ -1419,15 +1585,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('customdomainsslcrtsslkey.example.com.crt').read(), + self.customdomain_certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') def test_type_zope(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'type-zope'] - self.assertLogAccessUrlWithPop(parameter_dict, 'type-zope') + parameter_dict = self.parseSlaveParameterDict('type-zope') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'typezope.example.com', @@ -1444,7 +1609,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) try: @@ -1471,10 +1636,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_type_zope_virtualhostroot_http_port(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'type-zope-virtualhostroot-http-port'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'type-zope-virtualhostroot-http-port') + parameter_dict = self.parseSlaveParameterDict( + 'type-zope-virtualhostroot-http-port') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'typezopevirtualhostroothttpport.example.com', @@ -1499,10 +1663,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_type_zope_virtualhostroot_https_port(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'type-zope-virtualhostroot-https-port'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'type-zope-virtualhostroot-https-port') + parameter_dict = self.parseSlaveParameterDict( + 'type-zope-virtualhostroot-https-port') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'typezopevirtualhostroothttpsport.example.com', @@ -1520,7 +1683,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson( @@ -1531,9 +1694,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_type_notebook(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'type-notebook'] - self.assertLogAccessUrlWithPop(parameter_dict, 'type-notebook') + parameter_dict = self.parseSlaveParameterDict('type-notebook') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'typenotebook.nginx.example.com', @@ -1551,7 +1713,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { NGINX_HTTPS_PORT) self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -1573,9 +1735,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { # Caddy as a proxy in front of nginx-push-stream . If we have a # "central shared" caddy instance, can it handle keeping connections # opens for many clients ? - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'type-eventsource'] - self.assertLogAccessUrlWithPop(parameter_dict, 'type-eventsource') + parameter_dict = self.parseSlaveParameterDict('type-eventsource') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'typeeventsource.nginx.example.com', @@ -1593,7 +1754,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { NGINX_HTTPS_PORT) self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual( @@ -1615,9 +1776,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_type_redirect(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'type-redirect'] - self.assertLogAccessUrlWithPop(parameter_dict, 'type-redirect') + parameter_dict = self.parseSlaveParameterDict('type-redirect') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'typeredirect.example.com', @@ -1634,7 +1794,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual( @@ -1642,12 +1802,50 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { result.headers['Location'] ) + def test_ssl_proxy_verify_ssl_proxy_ca_crt_unverified(self): + parameter_dict = self.parseSlaveParameterDict( + 'ssl-proxy-verify_ssl_proxy_ca_crt-unverified') + + self.assertLogAccessUrlWithPop(parameter_dict) + self.assertEqual( + { + 'domain': 'sslproxyverifysslproxycacrtunverified.example.com', + 'replication_number': '1', + 'url': 'http://sslproxyverifysslproxycacrtunverified.example.com', + 'site_url': + 'http://sslproxyverifysslproxycacrtunverified.example.com', + 'secure_access': + 'https://sslproxyverifysslproxycacrtunverified.example.com', + 'public-ipv4': LOCAL_IPV4, + }, + parameter_dict + ) + + result = self.fakeHTTPSResult( + parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') + + self.assertEqual( + self.certificate_pem, + der2pem(result.peercert)) + + self.assertEqual( + httplib.BAD_GATEWAY, + result.status_code + ) + + result_http = self.fakeHTTPResult( + parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') + + self.assertEqual( + httplib.BAD_GATEWAY, + result_http.status_code + ) + def test_ssl_proxy_verify_ssl_proxy_ca_crt(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'ssl-proxy-verify_ssl_proxy_ca_crt'] + parameter_dict = self.parseSlaveParameterDict( + 'ssl-proxy-verify_ssl_proxy_ca_crt') - self.assertLogAccessUrlWithPop( - parameter_dict, 'ssl-proxy-verify_ssl_proxy_ca_crt') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'sslproxyverifysslproxycacrt.example.com', @@ -1664,28 +1862,52 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) + self.assertEqualResultJson(result, 'Path', '/test-path') + + try: + j = result.json() + except Exception: + raise ValueError('JSON decode problem in:\n%s' % (result.text,)) + self.assertFalse('remote_user' in j['Incoming Headers'].keys()) + self.assertEqual( - httplib.NOT_IMPLEMENTED, - result.status_code + 'gzip', + result.headers['Content-Encoding'] + ) + + self.assertEqual( + 'secured=value;secure, nonsecured=value', + result.headers['Set-Cookie'] ) result_http = self.fakeHTTPResult( parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') + self.assertEqualResultJson(result_http, 'Path', '/test-path') + + try: + j = result_http.json() + except Exception: + raise ValueError('JSON decode problem in:\n%s' % (result.text,)) + self.assertFalse('remote_user' in j['Incoming Headers'].keys()) self.assertEqual( - httplib.NOT_IMPLEMENTED, - result_http.status_code + 'gzip', + result_http.headers['Content-Encoding'] + ) + + self.assertEqual( + 'secured=value;secure, nonsecured=value', + result_http.headers['Set-Cookie'] ) def test_ssl_proxy_verify_unverified(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'ssl-proxy-verify-unverified'] + parameter_dict = self.parseSlaveParameterDict( + 'ssl-proxy-verify-unverified') - self.assertLogAccessUrlWithPop( - parameter_dict, 'ssl-proxy-verify-unverified') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'sslproxyverifyunverified.example.com', @@ -1702,7 +1924,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual( @@ -1710,12 +1932,52 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { result.status_code ) + def test_enable_cache_ssl_proxy_verify_ssl_proxy_ca_crt_unverified(self): + parameter_dict = self.parseSlaveParameterDict( + 'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified') + + self.assertLogAccessUrlWithPop(parameter_dict) + self.assertEqual( + { + 'domain': + 'enablecachesslproxyverifysslproxycacrtunverified.example.com', + 'replication_number': '1', + 'url': + 'http://enablecachesslproxyverifysslproxycacrtunverified.example.com', + 'site_url': + 'http://enablecachesslproxyverifysslproxycacrtunverified.example.com', + 'secure_access': + 'https://enablecachesslproxyverifysslproxycacrtunverified.example.com', + 'public-ipv4': LOCAL_IPV4, + }, + parameter_dict + ) + + result = self.fakeHTTPSResult( + parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') + + self.assertEqual( + self.certificate_pem, + der2pem(result.peercert)) + + self.assertEqual( + httplib.BAD_GATEWAY, + result.status_code + ) + + result_http = self.fakeHTTPResult( + parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') + + self.assertEqual( + httplib.BAD_GATEWAY, + result_http.status_code + ) + def test_enable_cache_ssl_proxy_verify_ssl_proxy_ca_crt(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt'] + parameter_dict = self.parseSlaveParameterDict( + 'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt') - self.assertLogAccessUrlWithPop( - parameter_dict, 'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablecachesslproxyverifysslproxycacrt.example.com', @@ -1734,28 +1996,82 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) + self.assertEqualResultJson(result, 'Path', '/test-path') + + headers = result.headers.copy() + + self.assertKeyWithPop('Via', headers) + self.assertKeyWithPop('Server', headers) + self.assertKeyWithPop('Date', headers) + self.assertKeyWithPop('Age', headers) + + # drop keys appearing randomly in headers + headers.pop('Transfer-Encoding', None) + headers.pop('Content-Length', None) + headers.pop('Connection', None) + headers.pop('Keep-Alive', None) + self.assertEqual( - httplib.NOT_IMPLEMENTED, - result.status_code + {'Content-type': 'application/json', + 'Set-Cookie': 'secured=value;secure, nonsecured=value', + 'Content-Encoding': 'gzip', 'Vary': 'Accept-Encoding'}, + headers ) - result_http = self.fakeHTTPResult( - parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') + result_direct = self.fakeHTTPResult( + parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path', + port=26011) + + self.assertEqualResultJson(result_direct, 'Path', '/test-path') + + try: + j = result_direct.json() + except Exception: + raise ValueError('JSON decode problem in:\n%s' % (result_direct.text,)) + self.assertFalse('remote_user' in j['Incoming Headers'].keys()) self.assertEqual( - httplib.NOT_IMPLEMENTED, - result_http.status_code + 'gzip', + result_direct.headers['Content-Encoding'] + ) + + self.assertEqual( + 'secured=value;secure, nonsecured=value', + result_direct.headers['Set-Cookie'] + ) + + result_direct_https_backend = self.fakeHTTPResult( + parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path', + port=26012) + + self.assertEqualResultJson( + result_direct_https_backend, 'Path', '/test-path') + + try: + j = result_direct_https_backend.json() + except Exception: + raise ValueError('JSON decode problem in:\n%s' % ( + result_direct_https_backend.text,)) + self.assertFalse('remote_user' in j['Incoming Headers'].keys()) + + self.assertEqual( + 'gzip', + result_direct_https_backend.headers['Content-Encoding'] + ) + + self.assertEqual( + 'secured=value;secure, nonsecured=value', + result_direct_https_backend.headers['Set-Cookie'] ) def test_enable_cache_ssl_proxy_verify_unverified(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable_cache-ssl-proxy-verify-unverified'] + parameter_dict = self.parseSlaveParameterDict( + 'enable_cache-ssl-proxy-verify-unverified') - self.assertLogAccessUrlWithPop( - parameter_dict, 'enable_cache-ssl-proxy-verify-unverified') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablecachesslproxyverifyunverified.example.com', @@ -1773,7 +2089,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual( @@ -1781,20 +2097,21 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { result.status_code ) - def test_type_zope_ssl_proxy_verify_ssl_proxy_ca_crt(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt'] + def test_type_zope_ssl_proxy_verify_ssl_proxy_ca_crt_unverified(self): + parameter_dict = self.parseSlaveParameterDict( + 'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified') - self.assertLogAccessUrlWithPop( - parameter_dict, 'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { - 'domain': 'typezopesslproxyverifysslproxycacrt.example.com', + 'domain': 'typezopesslproxyverifysslproxycacrtunverified.example.com', 'replication_number': '1', - 'url': 'http://typezopesslproxyverifysslproxycacrt.example.com', - 'site_url': 'http://typezopesslproxyverifysslproxycacrt.example.com', + 'url': + 'http://typezopesslproxyverifysslproxycacrtunverified.example.com', + 'site_url': + 'http://typezopesslproxyverifysslproxycacrtunverified.example.com', 'secure_access': - 'https://typezopesslproxyverifysslproxycacrt.example.com', + 'https://typezopesslproxyverifysslproxycacrtunverified.example.com', 'public-ipv4': LOCAL_IPV4, }, parameter_dict @@ -1804,11 +2121,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual( - httplib.NOT_IMPLEMENTED, + httplib.BAD_GATEWAY, result.status_code ) @@ -1816,16 +2133,65 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - httplib.NOT_IMPLEMENTED, + httplib.BAD_GATEWAY, result_http.status_code ) + def test_type_zope_ssl_proxy_verify_ssl_proxy_ca_crt(self): + parameter_dict = self.parseSlaveParameterDict( + 'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt') + + self.assertLogAccessUrlWithPop(parameter_dict) + self.assertEqual( + { + 'domain': 'typezopesslproxyverifysslproxycacrt.example.com', + 'replication_number': '1', + 'url': 'http://typezopesslproxyverifysslproxycacrt.example.com', + 'site_url': 'http://typezopesslproxyverifysslproxycacrt.example.com', + 'secure_access': + 'https://typezopesslproxyverifysslproxycacrt.example.com', + 'public-ipv4': LOCAL_IPV4, + }, + parameter_dict + ) + + result = self.fakeHTTPSResult( + parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') + + self.assertEqual( + self.certificate_pem, + der2pem(result.peercert)) + + try: + j = result.json() + except Exception: + raise ValueError('JSON decode problem in:\n%s' % (result.text,)) + self.assertFalse('remote_user' in j['Incoming Headers'].keys()) + + self.assertEqualResultJson( + result, + 'Path', + '/VirtualHostBase/https//' + 'typezopesslproxyverifysslproxycacrt.example.com:443/' + '/VirtualHostRoot/test-path' + ) + + result = self.fakeHTTPResult( + parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') + + self.assertEqualResultJson( + result, + 'Path', + '/VirtualHostBase/http//' + 'typezopesslproxyverifysslproxycacrt.example.com:80/' + '/VirtualHostRoot/test-path' + ) + def test_type_zope_ssl_proxy_verify_unverified(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'type-zope-ssl-proxy-verify-unverified'] + parameter_dict = self.parseSlaveParameterDict( + 'type-zope-ssl-proxy-verify-unverified') - self.assertLogAccessUrlWithPop( - parameter_dict, 'type-zope-ssl-proxy-verify-unverified') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'typezopesslproxyverifyunverified.example.com', @@ -1843,7 +2209,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual( @@ -1852,9 +2218,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_monitor_ipv6_test(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'monitor-ipv6-test'] - self.assertLogAccessUrlWithPop(parameter_dict, 'monitor-ipv6-test') + parameter_dict = self.parseSlaveParameterDict('monitor-ipv6-test') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'monitoripv6test.example.com', @@ -1871,7 +2236,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual(httplib.NOT_FOUND, result.status_code) @@ -1895,9 +2260,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_monitor_ipv4_test(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'monitor-ipv4-test'] - self.assertLogAccessUrlWithPop(parameter_dict, 'monitor-ipv4-test') + parameter_dict = self.parseSlaveParameterDict('monitor-ipv4-test') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'monitoripv4test.example.com', @@ -1914,7 +2278,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual(httplib.NOT_FOUND, result.status_code) @@ -1938,9 +2302,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_re6st_optimal_test(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 're6st-optimal-test'] - self.assertLogAccessUrlWithPop(parameter_dict, 're6st-optimal-test') + parameter_dict = self.parseSlaveParameterDict('re6st-optimal-test') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 're6stoptimaltest.example.com', @@ -1957,7 +2320,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual(httplib.NOT_FOUND, result.status_code) @@ -1982,9 +2345,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_enable_cache(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable_cache'] - self.assertLogAccessUrlWithPop(parameter_dict, 'enable_cache') + parameter_dict = self.parseSlaveParameterDict('enable_cache') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablecache.example.com', @@ -2001,7 +2363,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -2073,10 +2435,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_enable_cache_disable_no_cache_request(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable_cache-disable-no-cache-request'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'enable_cache-disable-no-cache-request') + parameter_dict = self.parseSlaveParameterDict( + 'enable_cache-disable-no-cache-request') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablecachedisablenocacherequest.example.com', @@ -2095,7 +2456,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { headers={'Pragma': 'no-cache', 'Cache-Control': 'something'}) self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -2127,10 +2488,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { self.assertFalse('pragma' in j['Incoming Headers'].keys()) def test_enable_cache_disable_via_header(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable_cache-disable-via-header'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'enable_cache-disable-via-header') + parameter_dict = self.parseSlaveParameterDict( + 'enable_cache-disable-via-header') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablecachedisableviaheader.example.com', @@ -2148,7 +2508,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -2173,9 +2533,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ) def test_enable_http2_false(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable-http2-false'] - self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-false') + parameter_dict = self.parseSlaveParameterDict('enable-http2-false') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablehttp2false.example.com', @@ -2193,7 +2552,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -2223,9 +2582,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) def test_enable_http2_default(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable-http2-default'] - self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-default') + parameter_dict = self.parseSlaveParameterDict('enable-http2-default') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablehttp2default.example.com', @@ -2243,7 +2601,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -2273,10 +2631,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) def test_prefer_gzip_encoding_to_backend(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'prefer-gzip-encoding-to-backend'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'prefer-gzip-encoding-to-backend') + parameter_dict = self.parseSlaveParameterDict( + 'prefer-gzip-encoding-to-backend') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'prefergzipencodingtobackend.example.com', @@ -2295,7 +2652,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { headers={'Accept-Encoding': 'gzip, deflate'}) self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -2313,9 +2670,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'deflate', result.json()['Incoming Headers']['accept-encoding']) def test_disabled_cookie_list(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'disabled-cookie-list'] - self.assertLogAccessUrlWithPop(parameter_dict, 'disabled-cookie-list') + parameter_dict = self.parseSlaveParameterDict('disabled-cookie-list') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'disabledcookielist.example.com', @@ -2337,7 +2693,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { )) self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -2346,11 +2702,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { 'Coffee=present', result.json()['Incoming Headers']['cookie']) def test_apache_custom_http_s_rejected(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'apache_custom_http_s-rejected'] + parameter_dict = self.parseSlaveParameterDict( + 'apache_custom_http_s-rejected') self.assertEqual( { - 'request-error-list': '["slave not authorized"]' + 'request-error-list': ["slave not authorized"] }, parameter_dict) slave_configuration_file_list = glob.glob(os.path.join( @@ -2367,10 +2723,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { self.assertEqual([], configuration_file_with_custom_http_list) def test_apache_custom_http_s_accepted(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'apache_custom_http_s-accepted'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'apache_custom_http_s-accepted') + parameter_dict = self.parseSlaveParameterDict( + 'apache_custom_http_s-accepted') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( {'replication_number': '1', 'public-ipv4': LOCAL_IPV4}, parameter_dict @@ -2381,7 +2736,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -2424,11 +2779,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { self.assertEqual(1, len(configuration_file_with_custom_http_list)) def test_caddy_custom_http_s_rejected(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'caddy_custom_http_s-rejected'] + parameter_dict = self.parseSlaveParameterDict( + 'caddy_custom_http_s-rejected') self.assertEqual( { - 'request-error-list': '["slave not authorized"]' + 'request-error-list': ["slave not authorized"] }, parameter_dict) slave_configuration_file_list = glob.glob(os.path.join( @@ -2445,11 +2800,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { self.assertEqual([], configuration_file_with_custom_http_list) def test_caddy_custom_http_s(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'caddy_custom_http_s'] + parameter_dict = self.parseSlaveParameterDict( + 'caddy_custom_http_s') self.assertEqual( { - 'request-error-list': '["slave not authorized"]' + 'request-error-list': ["slave not authorized"] }, parameter_dict) slave_configuration_file_list = glob.glob(os.path.join( @@ -2466,10 +2821,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { self.assertEqual([], configuration_file_with_custom_http_list) def test_caddy_custom_http_s_accepted(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'caddy_custom_http_s-accepted'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'caddy_custom_http_s-accepted') + parameter_dict = self.parseSlaveParameterDict( + 'caddy_custom_http_s-accepted') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( {'replication_number': '1', 'public-ipv4': LOCAL_IPV4}, parameter_dict @@ -2480,7 +2834,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -2523,9 +2877,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { self.assertEqual(1, len(configuration_file_with_custom_http_list)) def test_https_url(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'url_https-url'] - self.assertLogAccessUrlWithPop(parameter_dict, 'url_https-url') + parameter_dict = self.parseSlaveParameterDict('url_https-url') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'urlhttpsurl.example.com', @@ -2542,7 +2895,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/https/test-path') @@ -2559,8 +2912,8 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin): 'domain': 'example.com', 'nginx-domain': 'nginx.example.com', 'public-ipv4': LOCAL_IPV4, - 'apache-certificate': open('wildcard.example.com.crt').read(), - 'apache-key': open('wildcard.example.com.key').read(), + 'apache-certificate': cls.certificate_pem, + 'apache-key': cls.key_pem, '-frontend-quantity': 2, '-sla-2-computer_guid': 'slapos.test', '-frontend-2-state': 'stopped', @@ -2582,9 +2935,8 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin): } def test(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'replicate'] - self.assertLogAccessUrlWithPop(parameter_dict, 'replicate') + parameter_dict = self.parseSlaveParameterDict('replicate') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'replicate.example.com', @@ -2601,7 +2953,7 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin): parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -2631,8 +2983,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase, 'domain': 'example.com', 'nginx-domain': 'nginx.example.com', 'public-ipv4': LOCAL_IPV4, - 'apache-certificate': open('wildcard.example.com.crt').read(), - 'apache-key': open('wildcard.example.com.key').read(), + 'apache-certificate': cls.certificate_pem, + 'apache-key': cls.key_pem, 'enable-http2-by-default': 'false', 'port': HTTPS_PORT, 'plain_http_port': HTTP_PORT, @@ -2656,9 +3008,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase, } def test_enable_http2_default(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable-http2-default'] - self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-default') + parameter_dict = self.parseSlaveParameterDict('enable-http2-default') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablehttp2default.example.com', @@ -2676,9 +3027,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase, isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) def test_enable_http2_false(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable-http2-false'] - self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-false') + parameter_dict = self.parseSlaveParameterDict('enable-http2-false') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablehttp2false.example.com', @@ -2696,9 +3046,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase, isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) def test_enable_http2_true(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable-http2-true'] - self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-true') + parameter_dict = self.parseSlaveParameterDict('enable-http2-true') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablehttp2true.example.com', @@ -2724,8 +3073,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase, 'domain': 'example.com', 'nginx-domain': 'nginx.example.com', 'public-ipv4': LOCAL_IPV4, - 'apache-certificate': open('wildcard.example.com.crt').read(), - 'apache-key': open('wildcard.example.com.key').read(), + 'apache-certificate': cls.certificate_pem, + 'apache-key': cls.key_pem, 'port': HTTPS_PORT, 'plain_http_port': HTTP_PORT, 'nginx_port': NGINX_HTTPS_PORT, @@ -2748,9 +3097,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase, } def test_enable_http2_default(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable-http2-default'] - self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-default') + parameter_dict = self.parseSlaveParameterDict('enable-http2-default') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablehttp2default.example.com', @@ -2768,9 +3116,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase, isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) def test_enable_http2_false(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable-http2-false'] - self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-false') + parameter_dict = self.parseSlaveParameterDict('enable-http2-false') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablehttp2false.example.com', @@ -2788,9 +3135,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase, isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) def test_enable_http2_true(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'enable-http2-true'] - self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-true') + parameter_dict = self.parseSlaveParameterDict('enable-http2-true') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'enablehttp2true.example.com', @@ -2829,9 +3175,8 @@ class TestRe6stVerificationUrlDefaultSlave(SlaveHttpFrontendTestCase, } def test_default(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'default'] - self.assertLogAccessUrlWithPop(parameter_dict, 'default') + parameter_dict = self.parseSlaveParameterDict('default') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'default.None', @@ -2879,9 +3224,8 @@ class TestRe6stVerificationUrlSlave(SlaveHttpFrontendTestCase, } def test_default(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'default'] - self.assertLogAccessUrlWithPop(parameter_dict, 'default') + parameter_dict = self.parseSlaveParameterDict('default') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'default.None', @@ -2915,8 +3259,8 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase, 'domain': 'example.com', 'nginx-domain': 'nginx.example.com', 'public-ipv4': LOCAL_IPV4, - 'apache-certificate': open('wildcard.example.com.crt').read(), - 'apache-key': open('wildcard.example.com.key').read(), + 'apache-certificate': cls.certificate_pem, + 'apache-key': cls.key_pem, 'port': HTTPS_PORT, 'plain_http_port': HTTP_PORT, 'nginx_port': NGINX_HTTPS_PORT, @@ -2939,7 +3283,7 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase, } def test_master_partition_state(self): - parameter_dict = self.computer_partition.getConnectionParameterDict() + parameter_dict = self.parseConnectionParameterDict() self.assertKeyWithPop('monitor-setup-url', parameter_dict) expected_parameter_dict = { @@ -2948,10 +3292,11 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase, 'accepted-slave-amount': '1', 'rejected-slave-amount': '2', 'slave-amount': '3', - 'rejected-slave-dict': - '{"_https-url": ["slave https-url \\"https://[fd46::c2ae]:!py!u\'123123' - '\'\\" invalid"], "_url": ["slave url \\"https://[fd46::c2ae]:!py!u\'' - '123123\'\\" invalid"]}' + 'rejected-slave-dict': { + '_https-url': ['slave https-url "https://[fd46::c2ae]:!py!u\'123123\'"' + ' invalid'], + '_url': [u'slave url "https://[fd46::c2ae]:!py!u\'123123\'" invalid'] + } } self.assertEqual( @@ -2960,9 +3305,8 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase, ) def test_empty(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'empty'] - self.assertLogAccessUrlWithPop(parameter_dict, 'empty') + parameter_dict = self.parseSlaveParameterDict('empty') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'empty.example.com', @@ -2979,29 +3323,27 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase, parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual(httplib.NOT_FOUND, result.status_code) def test_url(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'url'].copy() + parameter_dict = self.parseSlaveParameterDict('url') self.assertEqual( { - 'request-error-list': '["slave url \\"https://[fd46::c2ae]:!py!' - 'u\'123123\'\\" invalid"]' + 'request-error-list': [ + "slave url \"https://[fd46::c2ae]:!py!u'123123'\" invalid"] }, parameter_dict ) def test_https_url(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'https-url'].copy() + parameter_dict = self.parseSlaveParameterDict('https-url') self.assertEqual( { - 'request-error-list': '["slave https-url \\"https://[fd46::c2ae]:' - '!py!u\'123123\'\\" invalid"]' + 'request-error-list': [ + "slave https-url \"https://[fd46::c2ae]:!py!u'123123'\" invalid"] }, parameter_dict ) @@ -3023,8 +3365,7 @@ class TestDefaultMonitorHttpdPort(SlaveHttpFrontendTestCase, TestDataMixin): } def test(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'test'] + parameter_dict = self.parseSlaveParameterDict('test') self.assertKeyWithPop('log-access-url', parameter_dict) self.assertEqual( { @@ -3054,8 +3395,8 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin): 'nginx-domain': 'nginx.example.com', 'public-ipv4': LOCAL_IPV4, 'enable-quic': 'true', - 'apache-certificate': open('wildcard.example.com.crt').read(), - 'apache-key': open('wildcard.example.com.key').read(), + 'apache-certificate': cls.certificate_pem, + 'apache-key': cls.key_pem, '-frontend-authorized-slave-string': '_apache_custom_http_s-accepted _caddy_custom_http_s-accepted', 'port': HTTPS_PORT, @@ -3090,9 +3431,8 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin): if os.path.exists(os.path.join(q, 'etc', 'trafficserver'))][0] def test_url(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'url'].copy() - self.assertLogAccessUrlWithPop(parameter_dict, 'url') + parameter_dict = self.parseSlaveParameterDict('url') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'url.example.com', @@ -3109,7 +3449,7 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin): parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') @@ -3123,35 +3463,26 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin): self.assertKeyWithPop('Date', result.headers) self.assertKeyWithPop('Content-Length', result.headers) - self.assertEqual( - {'Content-Encoding': 'gzip', - 'Alt-Svc': 'quic=":11443"; ma=2592000; v="39"', # QUIC advertises - 'Set-Cookie': 'secured=value;secure, nonsecured=value', - 'Vary': 'Accept-Encoding', - 'Server': 'Caddy, BaseHTTP/0.3 Python/2.7.14', - 'Content-Type': 'application/json'}, - result.headers + quic_status, quic_result = getQUIC( + 'https://%s/%s' % (parameter_dict['domain'], 'test-path'), + parameter_dict['public-ipv4'], + HTTPS_PORT ) - result_http = self.fakeHTTPResult( - parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') - self.assertEqualResultJson(result_http, 'Path', '/test-path') + self.assertTrue(quic_status, quic_result) try: - j = result_http.json() + quic_jsoned = quic_result.split('body: ')[2].split('trailers')[0] except Exception: - raise ValueError('JSON decode problem in:\n%s' % (result.text,)) - self.assertFalse('remote_user' in j['Incoming Headers'].keys()) - - self.assertEqual( - 'gzip', - result_http.headers['Content-Encoding'] - ) - - self.assertEqual( - 'secured=value;secure, nonsecured=value', - result_http.headers['Set-Cookie'] - ) + raise ValueError('JSON not found at all in QUIC result:\n%s' % ( + quic_result,)) + try: + j = json.loads(quic_jsoned) + except Exception: + raise ValueError('JSON decode problem in:\n%s' % (quic_jsoned,)) + key = 'Path' + self.assertTrue(key in j, 'No key %r in %s' % (key, j)) + self.assertEqual('/test-path', j[key]) class TestSlaveBadParameters(SlaveHttpFrontendTestCase, TestDataMixin): @@ -3161,8 +3492,8 @@ class TestSlaveBadParameters(SlaveHttpFrontendTestCase, TestDataMixin): 'domain': 'example.com', 'nginx-domain': 'nginx.example.com', 'public-ipv4': LOCAL_IPV4, - 'apache-certificate': open('wildcard.example.com.crt').read(), - 'apache-key': open('wildcard.example.com.key').read(), + 'apache-certificate': cls.certificate_pem, + 'apache-key': cls.key_pem, '-frontend-authorized-slave-string': '_caddy_custom_http_s-reject', 'port': HTTPS_PORT, 'plain_http_port': HTTP_PORT, @@ -3231,7 +3562,7 @@ https://www.google.com {}""", } def test_master_partition_state(self): - parameter_dict = self.computer_partition.getConnectionParameterDict() + parameter_dict = self.parseConnectionParameterDict() self.assertKeyWithPop('monitor-setup-url', parameter_dict) expected_parameter_dict = { @@ -3240,14 +3571,21 @@ https://www.google.com {}""", 'accepted-slave-amount': '8', 'rejected-slave-amount': '4', 'slave-amount': '12', - 'rejected-slave-dict': - '{"_caddy_custom_http_s-reject": ["slave caddy_custom_http ' - 'configuration invalid", "slave caddy_custom_https configuration ' - 'invalid"], "_server-alias-unsafe": ["server-alias \'${section:option}\'' - ' not valid", "server-alias \'afterspace\' not valid"], ' - '"_custom_domain-unsafe": ["custom_domain \'${section:option} ' - 'afterspace\\\\nafternewline\' invalid"], "_ssl_key-ssl_crt-unsafe": ' - '["slave ssl_key and ssl_crt does not match"]}' + 'rejected-slave-dict': { + '_caddy_custom_http_s-reject': [ + 'slave caddy_custom_http configuration invalid', + 'slave caddy_custom_https configuration invalid'], + '_custom_domain-unsafe': [ + "custom_domain '${section:option} afterspace\\nafternewline' invalid" + ], + '_server-alias-unsafe': [ + "server-alias '${section:option}' not valid", + "server-alias 'afterspace' not valid" + ], + '_ssl_key-ssl_crt-unsafe': [ + 'slave ssl_key and ssl_crt does not match' + ] + } } self.assertEqual( @@ -3256,9 +3594,8 @@ https://www.google.com {}""", ) def test_server_alias_same(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'server-alias-same'] - self.assertLogAccessUrlWithPop(parameter_dict, 'server-alias-same') + parameter_dict = self.parseSlaveParameterDict('server-alias-same') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'serveraliassame.example.com', @@ -3275,15 +3612,14 @@ https://www.google.com {}""", parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson(result, 'Path', '/test-path') def test_re6st_optimal_test_unsafe(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 're6st-optimal-test-unsafe'] - self.assertLogAccessUrlWithPop(parameter_dict, 're6st-optimal-test-unsafe') + parameter_dict = self.parseSlaveParameterDict('re6st-optimal-test-unsafe') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 're6stoptimaltestunsafe.example.com', @@ -3300,7 +3636,7 @@ https://www.google.com {}""", parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual(httplib.NOT_FOUND, result.status_code) @@ -3325,10 +3661,8 @@ https://www.google.com {}""", ) def test_re6st_optimal_test_nocomma(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 're6st-optimal-test-nocomma'] - self.assertLogAccessUrlWithPop( - parameter_dict, 're6st-optimal-test-nocomma') + parameter_dict = self.parseSlaveParameterDict('re6st-optimal-test-nocomma') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 're6stoptimaltestnocomma.example.com', @@ -3345,7 +3679,7 @@ https://www.google.com {}""", parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual(httplib.NOT_FOUND, result.status_code) @@ -3361,34 +3695,31 @@ https://www.google.com {}""", ) def test_custom_domain_unsafe(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'custom_domain-unsafe'] + parameter_dict = self.parseSlaveParameterDict('custom_domain-unsafe') self.assertEqual( { - 'request-error-list': - '["custom_domain \'${section:option} afterspace\\\\nafternewline\' ' - 'invalid"]' + 'request-error-list': [ + "custom_domain '${section:option} afterspace\\nafternewline' invalid" + ] }, parameter_dict ) def test_server_alias_unsafe(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'server-alias-unsafe'] + parameter_dict = self.parseSlaveParameterDict('server-alias-unsafe') self.assertEqual( { - 'request-error-list': - '["server-alias \'${section:option}\' not valid", "server-alias ' - '\'afterspace\' not valid"]' + 'request-error-list': [ + "server-alias '${section:option}' not valid", "server-alias " + "'afterspace' not valid"] }, parameter_dict ) def test_virtualhostroot_http_port_unsafe(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'virtualhostroot-http-port-unsafe'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'virtualhostroot-http-port-unsafe') + parameter_dict = self.parseSlaveParameterDict( + 'virtualhostroot-http-port-unsafe') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'virtualhostroothttpportunsafe.example.com', @@ -3413,10 +3744,9 @@ https://www.google.com {}""", ) def test_virtualhostroot_https_port_unsafe(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'virtualhostroot-https-port-unsafe'] - self.assertLogAccessUrlWithPop( - parameter_dict, 'virtualhostroot-https-port-unsafe') + parameter_dict = self.parseSlaveParameterDict( + 'virtualhostroot-https-port-unsafe') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'virtualhostroothttpsportunsafe.example.com', @@ -3434,7 +3764,7 @@ https://www.google.com {}""", parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqualResultJson( @@ -3445,9 +3775,8 @@ https://www.google.com {}""", ) def default_path_unsafe(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'default-path-unsafe'] - self.assertLogAccessUrlWithPop(parameter_dict, 'default-path-unsafe') + parameter_dict = self.parseSlaveParameterDict('default-path-unsafe') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'defaultpathunsafe.example.com', @@ -3464,7 +3793,7 @@ https://www.google.com {}""", parameter_dict['domain'], parameter_dict['public-ipv4'], '') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual( @@ -3474,9 +3803,8 @@ https://www.google.com {}""", ) def test_monitor_ipv4_test_unsafe(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'monitor-ipv4-test-unsafe'] - self.assertLogAccessUrlWithPop(parameter_dict, 'monitor-ipv4-test-unsafe') + parameter_dict = self.parseSlaveParameterDict('monitor-ipv4-test-unsafe') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'monitoripv4testunsafe.example.com', @@ -3493,7 +3821,7 @@ https://www.google.com {}""", parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual(httplib.NOT_FOUND, result.status_code) @@ -3517,9 +3845,8 @@ https://www.google.com {}""", ) def test_monitor_ipv6_test_unsafe(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'monitor-ipv6-test-unsafe'] - self.assertLogAccessUrlWithPop(parameter_dict, 'monitor-ipv6-test-unsafe') + parameter_dict = self.parseSlaveParameterDict('monitor-ipv6-test-unsafe') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'monitoripv6testunsafe.example.com', @@ -3536,7 +3863,7 @@ https://www.google.com {}""", parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') self.assertEqual( - open('wildcard.example.com.crt').read(), + self.certificate_pem, der2pem(result.peercert)) self.assertEqual(httplib.NOT_FOUND, result.status_code) @@ -3560,21 +3887,20 @@ https://www.google.com {}""", ) def test_ssl_key_ssl_crt_unsafe(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'ssl_key-ssl_crt-unsafe'] + parameter_dict = self.parseSlaveParameterDict('ssl_key-ssl_crt-unsafe') self.assertEqual( - {'request-error-list': '["slave ssl_key and ssl_crt does not match"]'}, + {'request-error-list': ["slave ssl_key and ssl_crt does not match"]}, parameter_dict ) def test_caddy_custom_http_s_reject(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'caddy_custom_http_s-reject'] + parameter_dict = self.parseSlaveParameterDict('caddy_custom_http_s-reject') self.assertEqual( { - 'request-error-list': - '["slave caddy_custom_http configuration invalid", ' - '"slave caddy_custom_https configuration invalid"]' + 'request-error-list': [ + "slave caddy_custom_http configuration invalid", + "slave caddy_custom_https configuration invalid" + ] }, parameter_dict ) @@ -3587,8 +3913,8 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin): 'domain': 'example.com', 'nginx-domain': 'nginx.example.com', 'public-ipv4': LOCAL_IPV4, - 'apache-certificate': open('wildcard.example.com.crt').read(), - 'apache-key': open('wildcard.example.com.key').read(), + 'apache-certificate': cls.certificate_pem, + 'apache-key': cls.key_pem, '-frontend-authorized-slave-string': '_caddy_custom_http_s-reject', 'port': HTTPS_PORT, 'plain_http_port': HTTP_PORT, @@ -3618,7 +3944,7 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin): } def test_master_partition_state(self): - parameter_dict = self.computer_partition.getConnectionParameterDict() + parameter_dict = self.parseConnectionParameterDict() self.assertKeyWithPop('monitor-setup-url', parameter_dict) expected_parameter_dict = { @@ -3627,10 +3953,11 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin): 'accepted-slave-amount': '1', 'rejected-slave-amount': '3', 'slave-amount': '4', - 'rejected-slave-dict': - '{"_site_4": ["custom_domain \'duplicate.example.com\' clashes"], ' - '"_site_1": ["custom_domain \'duplicate.example.com\' clashes"], ' - '"_site_3": ["server-alias \'duplicate.example.com\' clashes"]}' + 'rejected-slave-dict': { + '_site_1': ["custom_domain 'duplicate.example.com' clashes"], + '_site_3': ["server-alias 'duplicate.example.com' clashes"], + '_site_4': ["custom_domain 'duplicate.example.com' clashes"] + } } self.assertEqual( @@ -3639,20 +3966,17 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin): ) def test_site_1(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'site_1'] + parameter_dict = self.parseSlaveParameterDict('site_1') self.assertEqual( { - 'request-error-list': - '["custom_domain \'duplicate.example.com\' clashes"]' + 'request-error-list': ["custom_domain 'duplicate.example.com' clashes"] }, parameter_dict ) def test_site_2(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'site_2'] - self.assertLogAccessUrlWithPop(parameter_dict, 'site_2') + parameter_dict = self.parseSlaveParameterDict('site_2') + self.assertLogAccessUrlWithPop(parameter_dict) self.assertEqual( { 'domain': 'duplicate.example.com', @@ -3666,23 +3990,19 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin): ) def test_site_3(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'site_3'] + parameter_dict = self.parseSlaveParameterDict('site_3') self.assertEqual( { - 'request-error-list': - '["server-alias \'duplicate.example.com\' clashes"]' + 'request-error-list': ["server-alias 'duplicate.example.com' clashes"] }, parameter_dict, ) def test_site_4(self): - parameter_dict = self.slave_connection_parameter_dict_dict[ - 'site_4'] + parameter_dict = self.parseSlaveParameterDict('site_4') self.assertEqual( { - 'request-error-list': - '["custom_domain \'duplicate.example.com\' clashes"]' + 'request-error-list': ["custom_domain 'duplicate.example.com' clashes"] }, parameter_dict ) diff --git a/software/caddy-frontend/test/test_data/test.TestDuplicateSiteKeyProtection.test_file_list_run-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestDuplicateSiteKeyProtection.test_file_list_run-CADDY.txt index 8a8c2471f50e35655df9d973efb16d28beabc868..7e14aaaf1b60e42552da63d4fadff8a044b5438a 100644 --- a/software/caddy-frontend/test/test_data/test.TestDuplicateSiteKeyProtection.test_file_list_run-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestDuplicateSiteKeyProtection.test_file_list_run-CADDY.txt @@ -1,8 +1,14 @@ TestDuplicateSiteKeyProtection-0/var/run/monitor-httpd.pid TestDuplicateSiteKeyProtection-0/var/run/monitor/monitor-bootstrap.pid -TestDuplicateSiteKeyProtection-1/var/run/caddy_configuration.signature +TestDuplicateSiteKeyProtection-1/var/run/caddy_graceful_signature +TestDuplicateSiteKeyProtection-1/var/run/caddy_graceful_signature.tmp +TestDuplicateSiteKeyProtection-1/var/run/caddy_validate_signature +TestDuplicateSiteKeyProtection-1/var/run/caddy_validate_signature.status TestDuplicateSiteKeyProtection-1/var/run/httpd.pid TestDuplicateSiteKeyProtection-1/var/run/monitor-httpd.pid TestDuplicateSiteKeyProtection-1/var/run/monitor/monitor-bootstrap.pid -TestDuplicateSiteKeyProtection-1/var/run/ncaddy_configuration.signature -TestDuplicateSiteKeyProtection-1/var/run/nginx.pid \ No newline at end of file +TestDuplicateSiteKeyProtection-1/var/run/nginx.pid +TestDuplicateSiteKeyProtection-1/var/run/nginx_graceful_signature +TestDuplicateSiteKeyProtection-1/var/run/nginx_graceful_signature.tmp +TestDuplicateSiteKeyProtection-1/var/run/nginx_validate_signature +TestDuplicateSiteKeyProtection-1/var/run/nginx_validate_signature.status \ No newline at end of file diff --git a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_run-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_run-CADDY.txt index f92a782447acaaf41cbe5e54a85aef0231858c5d..78243f7632fce16d90eb51351c21704fd1c74c4b 100644 --- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_run-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_run-CADDY.txt @@ -1,8 +1,14 @@ TestEnableHttp2ByDefaultDefaultSlave-0/var/run/monitor-httpd.pid TestEnableHttp2ByDefaultDefaultSlave-0/var/run/monitor/monitor-bootstrap.pid -TestEnableHttp2ByDefaultDefaultSlave-1/var/run/caddy_configuration.signature +TestEnableHttp2ByDefaultDefaultSlave-1/var/run/caddy_graceful_signature +TestEnableHttp2ByDefaultDefaultSlave-1/var/run/caddy_graceful_signature.tmp +TestEnableHttp2ByDefaultDefaultSlave-1/var/run/caddy_validate_signature +TestEnableHttp2ByDefaultDefaultSlave-1/var/run/caddy_validate_signature.status TestEnableHttp2ByDefaultDefaultSlave-1/var/run/httpd.pid TestEnableHttp2ByDefaultDefaultSlave-1/var/run/monitor-httpd.pid TestEnableHttp2ByDefaultDefaultSlave-1/var/run/monitor/monitor-bootstrap.pid -TestEnableHttp2ByDefaultDefaultSlave-1/var/run/ncaddy_configuration.signature -TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx.pid \ No newline at end of file +TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx.pid +TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx_graceful_signature +TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx_graceful_signature.tmp +TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx_validate_signature +TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx_validate_signature.status \ No newline at end of file diff --git a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_run-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_run-CADDY.txt index 9d4fd191db5e7d749dcf37d0d050214f003ae09e..8b00c8e4dea8a9923873497defcc6bd509d76dde 100644 --- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_run-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_run-CADDY.txt @@ -1,8 +1,14 @@ TestEnableHttp2ByDefaultFalseSlave-0/var/run/monitor-httpd.pid TestEnableHttp2ByDefaultFalseSlave-0/var/run/monitor/monitor-bootstrap.pid -TestEnableHttp2ByDefaultFalseSlave-1/var/run/caddy_configuration.signature +TestEnableHttp2ByDefaultFalseSlave-1/var/run/caddy_graceful_signature +TestEnableHttp2ByDefaultFalseSlave-1/var/run/caddy_graceful_signature.tmp +TestEnableHttp2ByDefaultFalseSlave-1/var/run/caddy_validate_signature +TestEnableHttp2ByDefaultFalseSlave-1/var/run/caddy_validate_signature.status TestEnableHttp2ByDefaultFalseSlave-1/var/run/httpd.pid TestEnableHttp2ByDefaultFalseSlave-1/var/run/monitor-httpd.pid TestEnableHttp2ByDefaultFalseSlave-1/var/run/monitor/monitor-bootstrap.pid -TestEnableHttp2ByDefaultFalseSlave-1/var/run/ncaddy_configuration.signature -TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx.pid \ No newline at end of file +TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx.pid +TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx_graceful_signature +TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx_graceful_signature.tmp +TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx_validate_signature +TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx_validate_signature.status \ No newline at end of file diff --git a/software/caddy-frontend/test/test_data/test.TestMalformedBackenUrlSlave.test_file_list_run-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestMalformedBackenUrlSlave.test_file_list_run-CADDY.txt index a6d812a828841e1fb853e6aa67ec1a7a4cc48b64..2dd96cf77a8d2d3f53b73f9e60687855c2b2bd14 100644 --- a/software/caddy-frontend/test/test_data/test.TestMalformedBackenUrlSlave.test_file_list_run-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestMalformedBackenUrlSlave.test_file_list_run-CADDY.txt @@ -1,8 +1,14 @@ TestMalformedBackenUrlSlave-0/var/run/monitor-httpd.pid TestMalformedBackenUrlSlave-0/var/run/monitor/monitor-bootstrap.pid -TestMalformedBackenUrlSlave-1/var/run/caddy_configuration.signature +TestMalformedBackenUrlSlave-1/var/run/caddy_graceful_signature +TestMalformedBackenUrlSlave-1/var/run/caddy_graceful_signature.tmp +TestMalformedBackenUrlSlave-1/var/run/caddy_validate_signature +TestMalformedBackenUrlSlave-1/var/run/caddy_validate_signature.status TestMalformedBackenUrlSlave-1/var/run/httpd.pid TestMalformedBackenUrlSlave-1/var/run/monitor-httpd.pid TestMalformedBackenUrlSlave-1/var/run/monitor/monitor-bootstrap.pid -TestMalformedBackenUrlSlave-1/var/run/ncaddy_configuration.signature TestMalformedBackenUrlSlave-1/var/run/nginx.pid +TestMalformedBackenUrlSlave-1/var/run/nginx_graceful_signature +TestMalformedBackenUrlSlave-1/var/run/nginx_graceful_signature.tmp +TestMalformedBackenUrlSlave-1/var/run/nginx_validate_signature +TestMalformedBackenUrlSlave-1/var/run/nginx_validate_signature.status \ No newline at end of file diff --git a/software/caddy-frontend/test/test_data/test.TestQuicEnabled.test_file_list_run-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestQuicEnabled.test_file_list_run-CADDY.txt index 60062c2dc0f03c23111181e6e4da41344a459146..245dc9d43887b634fa3ffebf1d9261aa319295c0 100644 --- a/software/caddy-frontend/test/test_data/test.TestQuicEnabled.test_file_list_run-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestQuicEnabled.test_file_list_run-CADDY.txt @@ -1,8 +1,14 @@ TestQuicEnabled-0/var/run/monitor-httpd.pid TestQuicEnabled-0/var/run/monitor/monitor-bootstrap.pid -TestQuicEnabled-1/var/run/caddy_configuration.signature +TestQuicEnabled-1/var/run/caddy_graceful_signature +TestQuicEnabled-1/var/run/caddy_graceful_signature.tmp +TestQuicEnabled-1/var/run/caddy_validate_signature +TestQuicEnabled-1/var/run/caddy_validate_signature.status TestQuicEnabled-1/var/run/httpd.pid TestQuicEnabled-1/var/run/monitor-httpd.pid TestQuicEnabled-1/var/run/monitor/monitor-bootstrap.pid -TestQuicEnabled-1/var/run/ncaddy_configuration.signature -TestQuicEnabled-1/var/run/nginx.pid \ No newline at end of file +TestQuicEnabled-1/var/run/nginx.pid +TestQuicEnabled-1/var/run/nginx_graceful_signature +TestQuicEnabled-1/var/run/nginx_graceful_signature.tmp +TestQuicEnabled-1/var/run/nginx_validate_signature +TestQuicEnabled-1/var/run/nginx_validate_signature.status \ No newline at end of file diff --git a/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_run-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_run-CADDY.txt index bd4a4da9a294e9730ca74f5c93244c422542be09..640f3946be1677d24bf7232f1b9b6151dfdbd021 100644 --- a/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_run-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_run-CADDY.txt @@ -1,8 +1,12 @@ TestRe6stVerificationUrlDefaultSlave-0/var/run/monitor-httpd.pid TestRe6stVerificationUrlDefaultSlave-0/var/run/monitor/monitor-bootstrap.pid -TestRe6stVerificationUrlDefaultSlave-1/var/run/caddy_configuration.signature +TestRe6stVerificationUrlDefaultSlave-1/var/run/caddy_graceful_signature +TestRe6stVerificationUrlDefaultSlave-1/var/run/caddy_graceful_signature.tmp +TestRe6stVerificationUrlDefaultSlave-1/var/run/caddy_validate_signature TestRe6stVerificationUrlDefaultSlave-1/var/run/httpd.pid TestRe6stVerificationUrlDefaultSlave-1/var/run/monitor-httpd.pid TestRe6stVerificationUrlDefaultSlave-1/var/run/monitor/monitor-bootstrap.pid -TestRe6stVerificationUrlDefaultSlave-1/var/run/ncaddy_configuration.signature -TestRe6stVerificationUrlDefaultSlave-1/var/run/nginx.pid \ No newline at end of file +TestRe6stVerificationUrlDefaultSlave-1/var/run/nginx.pid +TestRe6stVerificationUrlDefaultSlave-1/var/run/nginx_graceful_signature +TestRe6stVerificationUrlDefaultSlave-1/var/run/nginx_graceful_signature.tmp +TestRe6stVerificationUrlDefaultSlave-1/var/run/nginx_validate_signature \ No newline at end of file diff --git a/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlSlave.test_file_list_run-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlSlave.test_file_list_run-CADDY.txt index 42d767e1b0bf1b18a194ea34c65eef410393d152..6dc365c88bc0fdd8551c4e46fefcd833771ec98a 100644 --- a/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlSlave.test_file_list_run-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlSlave.test_file_list_run-CADDY.txt @@ -1,8 +1,12 @@ TestRe6stVerificationUrlSlave-0/var/run/monitor-httpd.pid TestRe6stVerificationUrlSlave-0/var/run/monitor/monitor-bootstrap.pid -TestRe6stVerificationUrlSlave-1/var/run/caddy_configuration.signature +TestRe6stVerificationUrlSlave-1/var/run/caddy_graceful_signature +TestRe6stVerificationUrlSlave-1/var/run/caddy_graceful_signature.tmp +TestRe6stVerificationUrlSlave-1/var/run/caddy_validate_signature TestRe6stVerificationUrlSlave-1/var/run/httpd.pid TestRe6stVerificationUrlSlave-1/var/run/monitor-httpd.pid TestRe6stVerificationUrlSlave-1/var/run/monitor/monitor-bootstrap.pid -TestRe6stVerificationUrlSlave-1/var/run/ncaddy_configuration.signature -TestRe6stVerificationUrlSlave-1/var/run/nginx.pid \ No newline at end of file +TestRe6stVerificationUrlSlave-1/var/run/nginx.pid +TestRe6stVerificationUrlSlave-1/var/run/nginx_graceful_signature +TestRe6stVerificationUrlSlave-1/var/run/nginx_graceful_signature.tmp +TestRe6stVerificationUrlSlave-1/var/run/nginx_validate_signature \ No newline at end of file diff --git a/software/caddy-frontend/test/test_data/test.TestReplicateSlave.test_file_list_run-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestReplicateSlave.test_file_list_run-CADDY.txt index cf16c727fd461b5bd3c69e5448b7ccae15668bdd..3bb17bc37c48a2e2aa898396694cd9076499a422 100644 --- a/software/caddy-frontend/test/test_data/test.TestReplicateSlave.test_file_list_run-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestReplicateSlave.test_file_list_run-CADDY.txt @@ -1,8 +1,14 @@ TestReplicateSlave-0/var/run/monitor-httpd.pid TestReplicateSlave-0/var/run/monitor/monitor-bootstrap.pid -TestReplicateSlave-1/var/run/caddy_configuration.signature +TestReplicateSlave-1/var/run/caddy_graceful_signature +TestReplicateSlave-1/var/run/caddy_graceful_signature.tmp +TestReplicateSlave-1/var/run/caddy_validate_signature +TestReplicateSlave-1/var/run/caddy_validate_signature.status TestReplicateSlave-1/var/run/httpd.pid TestReplicateSlave-1/var/run/monitor-httpd.pid TestReplicateSlave-1/var/run/monitor/monitor-bootstrap.pid -TestReplicateSlave-1/var/run/ncaddy_configuration.signature -TestReplicateSlave-1/var/run/nginx.pid \ No newline at end of file +TestReplicateSlave-1/var/run/nginx.pid +TestReplicateSlave-1/var/run/nginx_graceful_signature +TestReplicateSlave-1/var/run/nginx_graceful_signature.tmp +TestReplicateSlave-1/var/run/nginx_validate_signature +TestReplicateSlave-1/var/run/nginx_validate_signature.status \ No newline at end of file diff --git a/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_log-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_log-CADDY.txt index c78f159514adf1ced54969d96e4d17c43a7fa06e..bb4d3f9a19bbcb8c53c12a255996124e87537318 100644 --- a/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_log-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_log-CADDY.txt @@ -27,6 +27,8 @@ TestSlave-1/var/log/httpd/_enable_cache-disable-via-header_access_log TestSlave-1/var/log/httpd/_enable_cache-disable-via-header_error_log TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify-unverified_access_log TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify-unverified_error_log +TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log +TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_error_log TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_access_log TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_error_log TestSlave-1/var/log/httpd/_enable_cache_access_log @@ -51,6 +53,8 @@ TestSlave-1/var/log/httpd/_server-alias_custom_domain-duplicated_error_log TestSlave-1/var/log/httpd/_server-alias_error_log TestSlave-1/var/log/httpd/_ssl-proxy-verify-unverified_access_log TestSlave-1/var/log/httpd/_ssl-proxy-verify-unverified_error_log +TestSlave-1/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log +TestSlave-1/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt-unverified_error_log TestSlave-1/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt_access_log TestSlave-1/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt_error_log TestSlave-1/var/log/httpd/_ssl_ca_crt_does_not_match_access_log @@ -67,6 +71,8 @@ TestSlave-1/var/log/httpd/_type-zope-path_access_log TestSlave-1/var/log/httpd/_type-zope-path_error_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_access_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_error_log +TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log +TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_error_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt_access_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt_error_log TestSlave-1/var/log/httpd/_type-zope-virtualhostroot-http-port_access_log diff --git a/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_run-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_run-CADDY.txt index 46950716a3ba85a6f2e18b2113b37fd74c1dbbf0..7594246e003da80cc39d3bbbd918cefefe0f4b27 100644 --- a/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_run-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_run-CADDY.txt @@ -1,8 +1,14 @@ TestSlave-0/var/run/monitor-httpd.pid TestSlave-0/var/run/monitor/monitor-bootstrap.pid -TestSlave-1/var/run/caddy_configuration.signature +TestSlave-1/var/run/caddy_graceful_signature +TestSlave-1/var/run/caddy_graceful_signature.tmp +TestSlave-1/var/run/caddy_validate_signature +TestSlave-1/var/run/caddy_validate_signature.status TestSlave-1/var/run/httpd.pid TestSlave-1/var/run/monitor-httpd.pid TestSlave-1/var/run/monitor/monitor-bootstrap.pid -TestSlave-1/var/run/ncaddy_configuration.signature -TestSlave-1/var/run/nginx.pid \ No newline at end of file +TestSlave-1/var/run/nginx.pid +TestSlave-1/var/run/nginx_graceful_signature +TestSlave-1/var/run/nginx_graceful_signature.tmp +TestSlave-1/var/run/nginx_validate_signature +TestSlave-1/var/run/nginx_validate_signature.status \ No newline at end of file diff --git a/software/caddy-frontend/test/test_data/test.TestSlave.test_monitor_promise_list-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestSlave.test_monitor_promise_list-CADDY.txt index e3d0e87dd86dd77354fed39fe7885baed224af93..efc3c38adbfd42195845b5ff1c821ee66c7f7aad 100644 --- a/software/caddy-frontend/test/test_data/test.TestSlave.test_monitor_promise_list-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestSlave.test_monitor_promise_list-CADDY.txt @@ -28,6 +28,8 @@ TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify-unverified- TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify-unverified-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-hour +TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-day +TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_https-only-error-log-last-day TestSlave-1/etc/monitor-promise/check-_https-only-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_monitor-ipv4-test-error-log-last-day @@ -53,6 +55,8 @@ TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify-unverified-error-log-las TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify-unverified-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-hour +TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-day +TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_ssl_ca_crt_does_not_match-error-log-last-day TestSlave-1/etc/monitor-promise/check-_ssl_ca_crt_does_not_match-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_ssl_ca_crt_garbage-error-log-last-day @@ -73,6 +77,8 @@ TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-err TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-hour +TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-day +TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_type-zope-virtualhostroot-http-port-error-log-last-day TestSlave-1/etc/monitor-promise/check-_type-zope-virtualhostroot-http-port-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_type-zope-virtualhostroot-https-port-error-log-last-day diff --git a/software/caddy-frontend/test/test_data/test.TestSlaveBadParameters.test_file_list_run-CADDY.txt b/software/caddy-frontend/test/test_data/test.TestSlaveBadParameters.test_file_list_run-CADDY.txt index 9218d3bf8d8ac367d123293fa86e9ddea1b84ecb..085d557fc9662a64506018a186b986636f20b604 100644 --- a/software/caddy-frontend/test/test_data/test.TestSlaveBadParameters.test_file_list_run-CADDY.txt +++ b/software/caddy-frontend/test/test_data/test.TestSlaveBadParameters.test_file_list_run-CADDY.txt @@ -1,8 +1,14 @@ TestSlaveBadParameters-0/var/run/monitor-httpd.pid TestSlaveBadParameters-0/var/run/monitor/monitor-bootstrap.pid -TestSlaveBadParameters-1/var/run/caddy_configuration.signature +TestSlaveBadParameters-1/var/run/caddy_graceful_signature +TestSlaveBadParameters-1/var/run/caddy_graceful_signature.tmp +TestSlaveBadParameters-1/var/run/caddy_validate_signature +TestSlaveBadParameters-1/var/run/caddy_validate_signature.status TestSlaveBadParameters-1/var/run/httpd.pid TestSlaveBadParameters-1/var/run/monitor-httpd.pid TestSlaveBadParameters-1/var/run/monitor/monitor-bootstrap.pid -TestSlaveBadParameters-1/var/run/ncaddy_configuration.signature -TestSlaveBadParameters-1/var/run/nginx.pid \ No newline at end of file +TestSlaveBadParameters-1/var/run/nginx.pid +TestSlaveBadParameters-1/var/run/nginx_graceful_signature +TestSlaveBadParameters-1/var/run/nginx_graceful_signature.tmp +TestSlaveBadParameters-1/var/run/nginx_validate_signature +TestSlaveBadParameters-1/var/run/nginx_validate_signature.status \ No newline at end of file diff --git a/software/caddy-frontend/test/testserver.example.com.pem b/software/caddy-frontend/test/testserver.example.com.pem deleted file mode 100644 index 0204df0624551385b68d6b338bfdd717ba09aae7..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/testserver.example.com.pem +++ /dev/null @@ -1,47 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEogIBAAKCAQEAp0BSMfhzYo62X7FtSivZRpFn3HH5ij/fhQGla3C7gCIjsQCe -FZwYvK6i+qyGz4vC6fxj04ZHrAn6Xh3AQN/HA9OGEew0opL1tPtLoblbWTQv9gqh -nBupfPPZnvf7DOzfMKUvcl2RJAUZ9jWLGiUvYhtdCVGR9evq1z6O5ZMfoy29L1fB -Qc7k8Y6+bgunu85uVXxIxZQkb9wWY6A6B1qKLYkF3qi/6hto/XY+DEL23aBzWLuz -Zv1LmrzFarAsnc/UzsubrPaTho3EknNcfIxfNioFf0MBykEhTwZh6owh2c70ri2y -J0mg3bGMDcQyxlZrGPQVAlV9/1zrIKogrufDtQIDAQABAoIBACqXLZc+DpwNfZG2 -y/70VZsr0ggIGiTDiTcEqUxH4+eIShB7+MXF/2KlEinFn3rgu1z8gatO6Zd83v3y -k4+xrKtjxSNxRCIWTG2vBJ6FZia8LG56XJc1UB7athNOUOcEtv1bQ07bVueWSPsy -vV6GE5/nGfUSiZnXXvE7JAaARbE2vix85CEZbSqps4plw+IRla5izgk2lfGeXZO4 -tv0ci+5C+U5CbOA+i9I/m0qZBAqzBqCxiN/VRZSG6kxc0XF58NaJNCFqGUCzd+On -nLhSWxE+0+roj4BSsV8H2AHQzFy/d9eMiSoSGPLb0Sa0zvbcvf6SeknymEiTTAUK -nj94do0CgYEA0ontvQtCir443/2rkaUeXscJQO07QeGqztgSjEZj5GiT9cgBqlWQ -DsY6BoOHHMjJcWy4gEiz+whZOw87exy1ECevx5fazQzBwJvMD3qTOilOk49VzKs1 -xrOdm3Me3E3X8AT3kKxrGdT/kHWlCij/Y+SIq2+YVh6t15p9P51eY2MCgYEAy12Q -K+llzNyL/6ml7CczfjNHkUlIMXlHs+bRk1eG+clUmoIQR7bxuhM6G23auGpq58mu -KhfThEytxU1vDSsXJKueLD59pWRDvwLDlLxoXXWgkdzWRMzKkJc/vd3GTJBW2ZpX -e66TEowBJkaftVAkGnded9EoKQKbGF2+/4/chAcCgYA1/8xrJT0u6rUZti1QEMKm -WnRkI7SEJEY0ATVYpyEtzyjL7D2JG6L0NyFg1FFOL62DGviDZqJK64w/WpvN6sIB -37v0/FzRJMl5BjyjZ7PlQfz2WdgOw4bqbN0qpq8uoASXeh6pC5/4oyndOl9XKMbA -LzhiiB/RTtMVrnkbXNh9swKBgDhBZI1RHhECfVO2ySg/W9YwNz7wZ6EP7I7ObfD1 -SGg2kkm/auN7rviLMwq9Y8CZ54LA3oXUW3WAhJ1Mo0igP+Gr+7A/hSBIURk4mYO+ -bpxT2pwe28LiZ7KBtGdAPweU8gF12XdkPljmE7dT2AAe8C3GEYLRf+uARgkCfcBS -OmznAoGAFXa3/sx8uBrA4rxpE9b/nEQNr8n0NatH7tW3fry88wYBLyFYdHrAmM/p -7a1/iLFvCl3fzZdiAxPplFw6neCpxD2ghHXZjN5njevs9AECNhf5M3EraNJW3tn5 -b6+wwlbNqFm8NymFoq3Zeq8HUXPQbdUKOwSiwxQ5+5XdSsYOZoQ= ------END RSA PRIVATE KEY----- ------BEGIN CERTIFICATE----- -MIIDRTCCAi0CCQDQ1EVpyJg5UzANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJB -VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0 -cyBQdHkgTHRkMRwwGgYDVQQDDBNUZXN0IFNlcnZlciBSb290IENBMB4XDTE4MDYy -NzExMjIxMloXDTI4MDYyNDExMjIxMlowZjELMAkGA1UEBhMCQVUxEzARBgNVBAgM -ClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEf -MB0GA1UEAwwWdGVzdHNlcnZlci5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAKdAUjH4c2KOtl+xbUor2UaRZ9xx+Yo/34UBpWtwu4Ai -I7EAnhWcGLyuovqshs+Lwun8Y9OGR6wJ+l4dwEDfxwPThhHsNKKS9bT7S6G5W1k0 -L/YKoZwbqXzz2Z73+wzs3zClL3JdkSQFGfY1ixolL2IbXQlRkfXr6tc+juWTH6Mt -vS9XwUHO5PGOvm4Lp7vOblV8SMWUJG/cFmOgOgdaii2JBd6ov+obaP12PgxC9t2g -c1i7s2b9S5q8xWqwLJ3P1M7Lm6z2k4aNxJJzXHyMXzYqBX9DAcpBIU8GYeqMIdnO -9K4tsidJoN2xjA3EMsZWaxj0FQJVff9c6yCqIK7nw7UCAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAtEfuCYN5xQ+xwFF4UwJtQvv+DGlxzSPZUxY4h5BH7BbyC+XVvo7l -iY0pCHI7PsZRSMK3KaUuLYll/7mNB6GCE2zocWfIZwTgoJEhw35iVj07SYIcnd5h -R1XBGEn2EQfZEkjH5kuTBUKR1EE5yJimhG89chQkP5eAWsPNUM55XmojNt5uZawb -C8bJXGtlNGSgmfXCcGBp9VW3ImEKDoyLJuBqIcBfMv/3ENnKbuTt+cLaaLWkqX48 -JSqEL41S6tU8Jmv3HrhSWmZJjCJ+gRXKANhlAOxuddTkaEnToe9G51Ekj0uRHF37 -LHdySTpMHXg1Cm4njhLqVcRoikrSkYcHPA== ------END CERTIFICATE----- diff --git a/software/caddy-frontend/test/testserver.root.ca.crt b/software/caddy-frontend/test/testserver.root.ca.crt deleted file mode 100644 index aeb3bd1bce68f5935be5a9d96379a65ec7589f1c..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/testserver.root.ca.crt +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDmTCCAoGgAwIBAgIJAOZ30I7+VqTNMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNV -BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX -aWRnaXRzIFB0eSBMdGQxHDAaBgNVBAMME1Rlc3QgU2VydmVyIFJvb3QgQ0EwHhcN -MTgwNjI3MTExOTEzWhcNMjgwNjI0MTExOTEzWjBjMQswCQYDVQQGEwJBVTETMBEG -A1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkg -THRkMRwwGgYDVQQDDBNUZXN0IFNlcnZlciBSb290IENBMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEA6arXFNc2fl39wAgvFvB7XQILJ8xT/89n6KwvZHIs -eqptNgT7k2LCrsWDqvQS+fsAY62OSpt6gWckM2Q9toY6niXzvElj/+C3FxdEounN -dgHfG1M3imTbAPR/E2bPGUoWtod0DrHkIF3HlqvjTsKvk0t2XglbobZc3JFHzw2R -Vnh0NjGHxH5tvE0hiM2rdyMUOXJeLqz/iILqOEjBscHKUcb9rTvI08N0/FFpRtbB -JAgQeZB85ZxGqyg1pRwveG+mDALv9IImqtIpe9D/OwjOyF8MErS/Yfjqyw2eejj/ -dX9GNFnuGxlyZ7GKRncHPR2QmKrIz+1NNqsXITPs5zVo/QIDAQABo1AwTjAdBgNV -HQ4EFgQUerhRsTxEadhORRVlRtqZryF456kwHwYDVR0jBBgwFoAUerhRsTxEadhO -RRVlRtqZryF456kwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAs6Oi -CMhQ6a8bW7u8jcC7Y2/50TlviQo+IQ44wgCJrnZCHDXdMLwwm7VjiUl33Z6YjnT+ -UVzkA7O2aTHop1peR3kpJ/JP6yrGudj7gZJNLlQXEKopT0MFaZWxI80LP8gIHlsx -nzhe6Kzw8xtGiC0O4j3aJwsJp/ggaNYp37AyEA0KkGbLtA5QrpfZfvPV/zoiXQbn -HkzaYgf1VcfwjoSi4cBO0IE2iHWjGKCoo3WGCKzoyY/ldpyqFhOvAhL5FoS7hQcl -5meowzyz7OVGqvbhZgETNqFyl0la9JeMhbDG3+tHX6K5dbcOYRJUv/INO2CNnW/K -o1vE6iTVxjew2tnoMQ== ------END CERTIFICATE----- diff --git a/software/caddy-frontend/test/testserver.root.ca.key b/software/caddy-frontend/test/testserver.root.ca.key deleted file mode 100644 index 830a625c3f21d8c17c53cad3a43c9a6a3d6f700c..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/testserver.root.ca.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEA6arXFNc2fl39wAgvFvB7XQILJ8xT/89n6KwvZHIseqptNgT7 -k2LCrsWDqvQS+fsAY62OSpt6gWckM2Q9toY6niXzvElj/+C3FxdEounNdgHfG1M3 -imTbAPR/E2bPGUoWtod0DrHkIF3HlqvjTsKvk0t2XglbobZc3JFHzw2RVnh0NjGH -xH5tvE0hiM2rdyMUOXJeLqz/iILqOEjBscHKUcb9rTvI08N0/FFpRtbBJAgQeZB8 -5ZxGqyg1pRwveG+mDALv9IImqtIpe9D/OwjOyF8MErS/Yfjqyw2eejj/dX9GNFnu -GxlyZ7GKRncHPR2QmKrIz+1NNqsXITPs5zVo/QIDAQABAoIBAQDRYTFrTlFZOJXZ -TjwL3R9dvygJ2HDoh4w/lJK++gPbQv2raxmW/ucePoR2WlDqyTyXFPys49cJP0fT -+R3HgU3jSnS2IjlGHrFRMpthNAnUlWa7EH1zOF5545w+4V/v9FCX7JZVWJfnXMEs -xQdhGtjDLtp49v+xzzw0tMXYxfqWtJBuFT2Dft60lH/kcCyD7TWQD30OyP28QuYK -Zn4uCDBCOYuHTb/eu6MLKGRkuyRbgXoCCjjziQ/u8lcUx7nPa1qTdGHAglNei5CV -nrDsaEQGd3U7jUgOpbd+a5E5UaFtR8HoBtIDQf72JTWBrKSjkmIHZsJSU8tMKZi4 -nGr7mA4hAoGBAPcGQWdAa6qZIKTwp6EDJMBbSDH70ykBFgE4nmKAlxcfPlR0CU3R -iahVvvuNyE//rPEhZBGqh8VEfZfkz1H5zLJQS5EV6ePbKYQE2q9JHugMrw8zh5MH -89NpK+O9p/3MrCPAZgWGVQ3nfLkV0WTGGiSdLFDAvBtRZeMmsi2JedTJAoGBAPIo -V1bwRzihtvZT/rc86jYvJbMR49lbal8pHsIg5FS0EAgQp4tgMnEfqI3UHvjYIUJa -CursrHOFX0hypP2DW2BxJ6yMYv/jQivyxziCSd+xrSfR0B3vjJ33ayqs3EnS4MzY -jbaWm1O2Z585ZlulqGWfhJ3m7dzeGqXmNrMWABCVAoGAYU59hQbDYrhfO5nw7mQm -nf9XORlR3N0opeJ/wZ2V5u3Px8TNxXG9ICpmyQDY32p/3ZyhprPeN777GlJvuIMG -N1eZ7NUNBUzX1cFzw4iyPAaDDyHlTe3cBnNvbo7PFhMB3DN1/Mclygxd/SqzCVdg -BPxE8Kp7budpk0ky9u0oqMECgYEAq6hPKXDQe+Oe6AToxgnnWRuY1NR0uOqlf+mN -RT29vhGaX602p4U8nJY9jLR2dB35jah4nsnBAW7k+V1TeeY4yyfLYPRvZUc67B6A -fJ1XMrwnq9d+eQoLmxr9m9XHnolfE7ba1jjyyKe/0s4Esii/M7KddrVxniTPrRSB -Z/fLefUCgYEAl2Al2BK4ZYK6HSeFxZ1kaVkcefL1QBMzgLY8LPVpReoaULdFzwat -3elM8C31FDBvIaWzJCQMIIrFEldvU4tvBF7Mbe8lDDQXotoI6zTWMnNUGV3Xd0wc -hep0oINBctav7pVJ7Mf+X0Wqfc4D40FPbMzHMUxfdKs9eo9qR/fktYI= ------END RSA PRIVATE KEY----- diff --git a/software/caddy-frontend/test/testserver.srl b/software/caddy-frontend/test/testserver.srl deleted file mode 100644 index d704ae3cf7ed490e0b93e7c8ba19cd32d323e9f4..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/testserver.srl +++ /dev/null @@ -1 +0,0 @@ -D0D44569C8983953 diff --git a/software/caddy-frontend/test/wildcard.example.com.crt b/software/caddy-frontend/test/wildcard.example.com.crt deleted file mode 100644 index d0056bf95be257e8874152059dd3fd702cf8e4ec..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/wildcard.example.com.crt +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDjzCCAnegAwIBAgIJAP4QzV9d5d8KMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV -BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX -aWRnaXRzIFB0eSBMdGQxFjAUBgNVBAMMDSouZXhhbXBsZS5jb20wIBcNMTgwNDE3 -MTE0MjAxWhgPMjExODAzMjQxMTQyMDFaMF0xCzAJBgNVBAYTAkFVMRMwEQYDVQQI -DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx -FjAUBgNVBAMMDSouZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw -ggEKAoIBAQC0MNnojTq6Yp60ecvP5lZGa6owZp64sumaT66JInTFJcSV/ls0AbPN -KPTcNRgbFLIuv/3Xhgi6YAxIz2PXdCDPj1fp4rVIijhpedaWZaIOeTqSGEg+5/iL -4UTxm166NgCU1zp0QsmU8MXJFv4YxTZsF9LlGFcP6uUQ9sY98yv+hErCxRXo+dXd -GGG4LTVLGPeRYNX2JVD5BxoNkL5/3IMylrFvI8aRFTKVn1P8UPJ5K9du3E0wHJY6 -MkstZX3xKcGKSn2w1zIaq/NcrbLXvp6eZauLtMpZ9vW+CtYV3diOm2TiMvQIyCRM -4mWbaf76bpGiz9/+11w6U9n6zMzKTq+5AgMBAAGjUDBOMB0GA1UdDgQWBBT/Kswu -BKM3GXaIWvQ8Vs1xhs/1vzAfBgNVHSMEGDAWgBT/KswuBKM3GXaIWvQ8Vs1xhs/1 -vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAeeV7VIqbNL6Xe0I5y -fl44ogBY0zoYJH+p7HCebazZKepy7f+EeWv8B3dHODrilSYCnsOqhta8mMSMrgsT -TFByr/8NN/4UFe9FeKnxD9Sun0EetESkaeMqAGCK921lT0eU4IhA0JLRj16HomuK -I/JBFwUXFn6vVypw5R41zwnikv+EB0fSC4biSXWXUarGqlRCF7o00CPKqAaTE0yX -H4Yz3lR/Vuce7uFvkIY+F4vXtq1sy/tb4QBWlDS6t7cmeBGcvaQ8mlndA9T+us0l -/wb9mzdTcwkrkM2kk++GnS0NCAQfOalF3x8wG6j8DrU2dQ1NXh205c/zo0BljQr8 -P84v ------END CERTIFICATE----- diff --git a/software/caddy-frontend/test/wildcard.example.com.key b/software/caddy-frontend/test/wildcard.example.com.key deleted file mode 100644 index 9e6cf5c0e3b468a871b5aa71262b3a5435694c1e..0000000000000000000000000000000000000000 --- a/software/caddy-frontend/test/wildcard.example.com.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC0MNnojTq6Yp60 -ecvP5lZGa6owZp64sumaT66JInTFJcSV/ls0AbPNKPTcNRgbFLIuv/3Xhgi6YAxI -z2PXdCDPj1fp4rVIijhpedaWZaIOeTqSGEg+5/iL4UTxm166NgCU1zp0QsmU8MXJ -Fv4YxTZsF9LlGFcP6uUQ9sY98yv+hErCxRXo+dXdGGG4LTVLGPeRYNX2JVD5BxoN -kL5/3IMylrFvI8aRFTKVn1P8UPJ5K9du3E0wHJY6MkstZX3xKcGKSn2w1zIaq/Nc -rbLXvp6eZauLtMpZ9vW+CtYV3diOm2TiMvQIyCRM4mWbaf76bpGiz9/+11w6U9n6 -zMzKTq+5AgMBAAECggEAR9n2+pFearYqnMK4b9Vkb7485gH1pqbJGdxON6bCs16F -Dl6X1ZwcK2H6idiuHRZamuO5//gVgOQN4fa41FAdSUbagowBR8S+C+kmlWA/h8/1 -eA4wuMzdQkH4sPMIie5Auxk72OJM6ZQ8+huuBQiW0/GICgxzowhCgUo18LwHvfwt -XWLHplRFczgM4WEu+HVx1W9y/irOhEUEzwNfXdDTVE4bnwzb24qR0CRIdp3gc8Os -JoUFMgbV3qfJLmzqURLIlVc3Y9FFbWrr5zhzTx2vvoT1j83e56qKHbKanr2R6NQZ -UOsCgDvzrc9WqKE9/hwvxvPlx/L3UWuhPMpljZ8gBQKBgQDX4Qo27l8KPk9fXA18 -SrRcAAGN+moc+Y0T9WbcbXCJLLU6TO3eJqW9H3Kwb80O/zycUBFK/dIOwZZYgsuQ -oXFG4ykSXFY/JGTEBIkvQ7LI/7t5mn0xlw3tqB7xuMO5QEyZMQFi0xP5h1B5coiO -Wv9T1xit4FHX2EN/CJLwlzzl1wKBgQDVrdvGi+j/1pGaEST1yhvrDduHrlMsF4BI -X8VaNXNXg9+GxsAA6+pRPRoHvmmz/RUr/km+JxWLHEZpFDOhIzJV4JYXv/q7KDH+ -Mjf7uyRshBnR+QU38RqkENIJhEZJSa8ZYmkgU9yCDozkfVzYKdxUy6Z0+o2Omzls -cpZP1PFE7wKBgQCGXZx0+kMPZh8TFIGURg8iYCKXkzBu3miP7qNaOYfc6YXXRsCb -D+UC5MsGxF+WoQjBphhNW9RduOJyLt6zI7kUzRjoQ66u2GEbnFMipvlln765fo3D -yugxbv3rp/uylzHV+6mIMCbzneRZ4w7ZxAu9zFihCMkIFqRUMir7MrcFuwKBgFbK -88ZF9jJU+XdXF2gu3AAx9MW77VSvhw/ets7ZfyxBCH46JKs7KEYvR291zIGrfvoL -o/B09681oPP1nLMLFNsFCnJDLJjwzr2tsEez0CuzzLkZKSF78ZJKssXi0JncMB9j -dcgHyD2bo2b79MZo2nIm9kn1q6INMtn2AVAT8pxJAoGAZfysuUMc0bdKVi41SD0A -Ej7qX+qbXX+aA4OkTqJP3QxssD6CuZZwUKW7qj8AoOcLKsmwdjetetny46OMEXzN -5Fk3ahCD1cycFGBawNY10x5Xy+4iApzPiO1Ujd3t7FAIrLPWFwzmLIL8pxUNuHEn -OC9RrI4tzsvWHhMaLKVCh0g= ------END PRIVATE KEY----- diff --git a/software/erp5testnode/buildout.hash.cfg b/software/erp5testnode/buildout.hash.cfg index b168396821b181146c888d0d00cb22f8cedfd6f2..212170ef2caf6fdfa62c0a87e1fc11adf39dc846 100644 --- a/software/erp5testnode/buildout.hash.cfg +++ b/software/erp5testnode/buildout.hash.cfg @@ -18,4 +18,4 @@ md5sum = 307663d73ef3ef94b02567ecd322252e [template-default] filename = instance-default.cfg -md5sum = d5a4270e5e7827db2e6a19d2eedb570b +md5sum = ff368286a75243d0536ee6a974107b6f diff --git a/software/erp5testnode/instance-default.cfg b/software/erp5testnode/instance-default.cfg index b93ed1c29aa2fa3d6e630d039575466b4f4ebe17..fa2673c04ee05ba323859a3894820dd3b7d3cb38 100644 --- a/software/erp5testnode/instance-default.cfg +++ b/software/erp5testnode/instance-default.cfg @@ -85,8 +85,6 @@ rendered = $${basedirectory:services}/shellinaboxd template = inline: #!/bin/sh exec ${shellinabox:location}/bin/shellinaboxd \ - --disable-ssl \ - --disable-ssl-menu \ --unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \ --service "/:$(id -u):$(id -g):HOME:$${shell-environment:shell} -l" diff --git a/software/erp5testnode/testsuite/caddy-frontend/buildout.hash.cfg b/software/erp5testnode/testsuite/caddy-frontend/buildout.hash.cfg index 695cc710761fed9b8cf857abd70c0946545f8949..40284cf2adc38cf8b7add6ee4cb1462c303b7e71 100644 --- a/software/erp5testnode/testsuite/caddy-frontend/buildout.hash.cfg +++ b/software/erp5testnode/testsuite/caddy-frontend/buildout.hash.cfg @@ -15,4 +15,4 @@ [template] filename = instance.cfg -md5sum = a345d46655c3e841c2ecf4e3a0446c8f +md5sum = d8d9e9a4bd00ccba2c448bb9d5d6aeae diff --git a/software/erp5testnode/testsuite/caddy-frontend/instance.cfg b/software/erp5testnode/testsuite/caddy-frontend/instance.cfg index 6ce09e07256c2181989e295827098b682430a05f..3a4b96da49e2de46483e997a9546e95dc2bc07f9 100644 --- a/software/erp5testnode/testsuite/caddy-frontend/instance.cfg +++ b/software/erp5testnode/testsuite/caddy-frontend/instance.cfg @@ -37,7 +37,7 @@ command-line = # XXX slapos.cookbook:wrapper does not allow extending env, so we add some default $PATH entries ( not sure they are needed ) environment = - PATH=${curl:location}/bin/:${openssl:location}/bin/:/usr/bin/:/bin + PATH=${quic_client-bin:location}:${curl:location}/bin/:/usr/bin/:/bin LOCAL_IPV4=$${slap-configuration:ipv4-random} GLOBAL_IPV6=$${slap-configuration:ipv6-random} SLAPOS_TEST_WORKING_DIR=$${create-directory:working-dir} diff --git a/software/erp5testnode/testsuite/caddy-frontend/software.cfg b/software/erp5testnode/testsuite/caddy-frontend/software.cfg index 60cab619d3ef57e3cb1664565c7e2835fcb77f01..01edc61842d87bba5564ff4a55ccc74293b8bfb7 100644 --- a/software/erp5testnode/testsuite/caddy-frontend/software.cfg +++ b/software/erp5testnode/testsuite/caddy-frontend/software.cfg @@ -3,7 +3,9 @@ extends = ../../../../component/git/buildout.cfg ../../../../component/curl/buildout.cfg + ../../../../component/python-cryptography/buildout.cfg ../../../../stack/slapos.cfg + ../../../../component/quic_client-bin/buildout.cfg ./buildout.hash.cfg parts = @@ -30,6 +32,7 @@ recipe = zc.recipe.egg eggs = ${slapos.test.caddy-frontend-setup:egg} ${erp5.util-setup:egg} + ${python-cryptography:egg} slapos.core entry-points = runTestSuite=erp5.util.testsuite:runTestSuite diff --git a/software/erp5testnode/testsuite/seleniumrunner/README.md b/software/erp5testnode/testsuite/seleniumrunner/README.md deleted file mode 100644 index 63fb9fb5663570a998a39eca4cac886ce8a19ac7..0000000000000000000000000000000000000000 --- a/software/erp5testnode/testsuite/seleniumrunner/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Selenium Server test - -This software release is simply to run the test suite from `../seleniumrunner/test/setup.py` - -Nexedi staff can see the results of this test from the test suite -`SLAPOS-SELENIUMRUNNER-TEST` in test result module. - diff --git a/software/erp5testnode/testsuite/seleniumserver/README.md b/software/erp5testnode/testsuite/seleniumserver/README.md new file mode 100644 index 0000000000000000000000000000000000000000..9065482d8b23c38d61339637ed5586ac52117d21 --- /dev/null +++ b/software/erp5testnode/testsuite/seleniumserver/README.md @@ -0,0 +1,7 @@ +# Selenium Server test + +This software release is simply to run the test suite from `../../seleniumserver/test/setup.py` + +Nexedi staff can see the results of this test from the test suite +`SLAPOS-SELENIUMSERVER-TEST` in test result module. + diff --git a/software/erp5testnode/testsuite/seleniumrunner/buildout.hash.cfg b/software/erp5testnode/testsuite/seleniumserver/buildout.hash.cfg similarity index 94% rename from software/erp5testnode/testsuite/seleniumrunner/buildout.hash.cfg rename to software/erp5testnode/testsuite/seleniumserver/buildout.hash.cfg index 85487dfcc24d59309dcbd55503bb6f6e42e8e331..de115e5fdf88739a1fccce50e66b84256d951c12 100644 --- a/software/erp5testnode/testsuite/seleniumrunner/buildout.hash.cfg +++ b/software/erp5testnode/testsuite/seleniumserver/buildout.hash.cfg @@ -15,5 +15,5 @@ [template] filename = instance.cfg.in -md5sum = 7e75c9eccb580f278da1784941363432 +md5sum = 3019fd19f6623cca92741582b265a1da diff --git a/software/erp5testnode/testsuite/seleniumrunner/instance.cfg.in b/software/erp5testnode/testsuite/seleniumserver/instance.cfg.in similarity index 94% rename from software/erp5testnode/testsuite/seleniumrunner/instance.cfg.in rename to software/erp5testnode/testsuite/seleniumserver/instance.cfg.in index a24906fc0df7c3927864533601e1b256311dcd81..18e8af2498ce1ef08a777a799904cb5996e962db 100644 --- a/software/erp5testnode/testsuite/seleniumrunner/instance.cfg.in +++ b/software/erp5testnode/testsuite/seleniumserver/instance.cfg.in @@ -33,7 +33,7 @@ wrapper-path = $${create-directory:bin}/runTestSuite command-line = ${buildout:bin-directory}/runTestSuite --python_interpreter=${buildout:bin-directory}/${eggs:interpreter} - --source_code_path_list=$${slapos:location}/software/seleniumrunner/test + --source_code_path_list=$${slapos:location}/software/seleniumserver/test # XXX we need "standard" path entries to compile softwares inside test diff --git a/software/erp5testnode/testsuite/seleniumrunner/software.cfg b/software/erp5testnode/testsuite/seleniumserver/software.cfg similarity index 86% rename from software/erp5testnode/testsuite/seleniumrunner/software.cfg rename to software/erp5testnode/testsuite/seleniumserver/software.cfg index 98c0d1f2dad372c236d479f65a352243437df92e..fb853f614735aad21770a71ed8dd43e2afd256a2 100644 --- a/software/erp5testnode/testsuite/seleniumrunner/software.cfg +++ b/software/erp5testnode/testsuite/seleniumserver/software.cfg @@ -16,10 +16,10 @@ parts = [setup-develop-egg] recipe = zc.recipe.egg:develop -[slapos.test.seleniumrunner-setup] +[slapos.test.seleniumserver-setup] <= setup-develop-egg -egg = slapos.test.seleniumrunner -setup = ${slapos-repository:location}/software/seleniumrunner/test/ +egg = slapos.test.seleniumserver +setup = ${slapos-repository:location}/software/seleniumserver/test/ [eggs] recipe = zc.recipe.egg @@ -27,7 +27,7 @@ eggs = ${pillow-python:egg} ${python-pynacl:egg} ${bcrypt:egg} - ${slapos.test.seleniumrunner-setup:egg} + ${slapos.test.seleniumserver-setup:egg} slapos.core entry-points = runTestSuite=erp5.util.testsuite:runTestSuite diff --git a/software/gitlab/gitlab-parameters.cfg b/software/gitlab/gitlab-parameters.cfg index 537cee6ee09abecbdfdb1510d1de3199633fe0ea..8abf419e74547dcf8e95b5eea72c66381fa6d432 100644 --- a/software/gitlab/gitlab-parameters.cfg +++ b/software/gitlab/gitlab-parameters.cfg @@ -101,7 +101,7 @@ configuration.nginx_gzip_comp_level = 2 configuration.nginx_gzip_proxied = any configuration.nginx_gzip_types = text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json configuration.nginx_keepalive_timeout = 65 -configuration.nginx_header_allow_origin = * +configuration.nginx_header_allow_origin = $http_origin # configuring trusted proxies # GitLab is behind a reverse proxy, so we don't want the IP address of the proxy diff --git a/software/gitlab/software.cfg b/software/gitlab/software.cfg index 76bd68b729cd35c639ac88b710cd854fd760c6d4..f2226e9a562a543db64e0c2cf484328f617b9f86 100644 --- a/software/gitlab/software.cfg +++ b/software/gitlab/software.cfg @@ -293,7 +293,7 @@ md5sum = 7782f5c5d75663c2586e28d029c51e49 [gitlab-parameters.cfg] <= download-file -md5sum = dec5d989e2d969369bd1eaffcbfb78d6 +md5sum = 8f4537cb8a0c9a8e0058c30cb687681c [gitlab-shell-config.yml.in] <= download-template @@ -325,7 +325,7 @@ md5sum = a56a44e96f65f5ed20211bb6a54279f4 [nginx-gitlab-http.conf.in] <= download-template -md5sum = 697140d980c75ddc1dd0a656b1c88447 +md5sum = abcc5eda03e10b26c74619f299a7f6a8 [nginx.conf.in] <= download-template @@ -345,7 +345,7 @@ md5sum = 4e1ced687a86e4cfff2dde91237e3942 [template-gitlab-resiliency-restore.sh.in] <= download-template -md5sum = 420d999daae050351a51487b9d2f8fe0 +md5sum = 590fcadf26085fdd17487175bc0a469d [unicorn.rb.in] <= download-template diff --git a/software/gitlab/template/nginx-gitlab-http.conf.in b/software/gitlab/template/nginx-gitlab-http.conf.in index 525f99d689e81416c38dc833f0252a5eee3f8945..3ac1a94276544d9c5d5141cb3dd53720f525ea08 100644 --- a/software/gitlab/template/nginx-gitlab-http.conf.in +++ b/software/gitlab/template/nginx-gitlab-http.conf.in @@ -120,6 +120,7 @@ server { location {{ path }} { # Set CORS header add_header 'Access-Control-Allow-Origin' {{ cfg('nginx_header_allow_origin') }}; + add_header 'Access-Control-Allow-Credentials' true; ## If you use HTTPS make sure you disable gzip compression ## to be safe against BREACH attack. {{ 'gzip off;' if cfg_https else ''}} diff --git a/software/gitlab/template/template-gitlab-resiliency-restore.sh.in b/software/gitlab/template/template-gitlab-resiliency-restore.sh.in index f81bc874aeb12877b6d5a856d4a1b7518b33a4ef..3675ca75775dc7a0ad6f9940443097dfb58a74d5 100644 --- a/software/gitlab/template/template-gitlab-resiliency-restore.sh.in +++ b/software/gitlab/template/template-gitlab-resiliency-restore.sh.in @@ -69,7 +69,7 @@ trap "echo 'kill $postgres_pid" EXIT TERM INT echo "Starting Redis server..." $redis_executable & redis_pid=$! -trap "kill $redis_pid" EXIT TERM INT +trap "kill $postgres_pid $redis_pid" EXIT TERM INT echo "[OK]" echo "Restoring gitlab data..." @@ -86,11 +86,11 @@ $promise_check/gitlab-app echo "Starting Unicorn to check gitlab-shell promise..." $unicorn_script & unicorn_pid=$! -trap "kill $unicorn_pid" EXIT TERM INT +trap "kill $postgres_pid $redis_pid $unicorn_pid" EXIT TERM INT sleep 60 if [ -s "$run_location/unicorn.pid" ]; then unicorn_ppid=$(head -n 1 $run_location/unicorn.pid) > /dev/null 2>&1 - trap "kill $unicorn_ppid" EXIT TERM INT + trap "kill $postgres_pid $redis_pid $unicorn_ppid" EXIT TERM INT fi $promise_check/gitlab-shell diff --git a/software/kvm/instance-kvm-cluster.cfg.jinja2.in b/software/kvm/instance-kvm-cluster.cfg.jinja2.in index 59245cd36f93adde65905698e06f73e636491968..7b2e3eb6a3e2219eae6e52a34da88bdd6f34ef46 100644 --- a/software/kvm/instance-kvm-cluster.cfg.jinja2.in +++ b/software/kvm/instance-kvm-cluster.cfg.jinja2.in @@ -136,7 +136,7 @@ return = {% if str(kvm_parameter_dict.get('use-tap', 'True')).lower() == 'true' -%} {{ ' ' }}tap-ipv4 -{% do publish_dict.__setitem__('lan-' ~ instance_name, '${' ~ section ~ ':connection-tap-ipv4}') -%} +{% do publish_dict.__setitem__(instance_name ~ '-lan', '${' ~ section ~ ':connection-tap-ipv4}') -%} {% do kvm_hostname_list.append(instance_name ~ ' ' ~ '${' ~ section ~ ':connection-tap-ipv4}') -%} {% endif -%} {% do monitor_base_url_dict.__setitem__(instance_name, '${' ~ section ~ ':connection-monitor-base-url}') -%} diff --git a/software/kvm/instance-kvm-export.cfg.jinja2 b/software/kvm/instance-kvm-export.cfg.jinja2 index f433b120152e08441d6274127782341365ff5f76..dd8a099e58d0a73bfb70d32c68eb905de23ce1b3 100644 --- a/software/kvm/instance-kvm-export.cfg.jinja2 +++ b/software/kvm/instance-kvm-export.cfg.jinja2 @@ -7,12 +7,15 @@ parts += cron-entry-backup certificate-authority + certificate-authority-service publish-connection-information kvm-vnc-promise kvm-disk-image-corruption-promise websockify-sighandler + websockify-sighandler-service novnc-promise cron + cron-service frontend-promise # monitor parts monitor-base diff --git a/software/kvm/instance-kvm.cfg.jinja2 b/software/kvm/instance-kvm.cfg.jinja2 index 3cfed1e13c000e9c8bed1a8f4e55f3769a14edef..ff0b3c59fb80a9045cd3fd8ee5b70045c3d11163 100644 --- a/software/kvm/instance-kvm.cfg.jinja2 +++ b/software/kvm/instance-kvm.cfg.jinja2 @@ -184,8 +184,13 @@ hash-files = ${buildout:directory}/software_release/buildout.cfg {% if use_nat == 'true' and nat_rule_list -%} {% for port in nat_rule_list.split(' ') -%} +{% if ':' in port -%} +{% set proto, port = port.split(':') -%} +{% else -%} +{% set proto, port = 'tcp', port -%} +{% endif -%} {% set external_port = 10000 + port|int() -%} -{% set section_name = '6tunnel-' ~ external_port -%} +{% set section_name = '6tunnel-' ~ proto ~ '-' ~ external_port -%} [{{ section_name }}] <= tunnel-6to4-base ipv4-port = {{ external_port }} @@ -419,8 +424,13 @@ maximum-extra-disk-amount = {{ disk_number }} {% if nat_rule_list -%} # Publish NAT port mapping status {% for port in nat_rule_list.split(' ') -%} +{% if ':' in port -%} +{% set proto, port = port.split(':') -%} +{% else -%} +{% set proto, port = 'tcp', port -%} +{% endif -%} {% set external_port = 10000 + port|int() -%} -nat-rule-port-{{port}} = ${slap-network-information:global-ipv6} : ${6tunnel-{{external_port}}:ipv6-port} +nat-rule-port-{{proto}}-{{port}} = ${slap-network-information:global-ipv6} : ${6tunnel-{{proto}}-{{external_port}}:ipv6-port} {% if slapparameter_dict.get('publish-nat-url', False) -%} nat-rule-url-{{port}} = [${slap-network-information:global-ipv6}]:${6tunnel-{{external_port}}:ipv6-port} {% endif -%} diff --git a/software/kvm/software.cfg b/software/kvm/software.cfg index 04c8d502e5726d5b1a2d41fb17f4615c3191bc98..b51e2e89467cf112c5c6b4d66e8e6522cbf6aaed 100644 --- a/software/kvm/software.cfg +++ b/software/kvm/software.cfg @@ -99,7 +99,7 @@ recipe = hexagonit.recipe.download ignore-existing = true url = ${:_profile_base_location_}/instance-kvm.cfg.jinja2 mode = 644 -md5sum = 149df1bc788ce68c86a5fda4872e008e +md5sum = 0668791e78430bafdec5300b4ea8d90a download-only = true on-update = true @@ -108,7 +108,7 @@ recipe = hexagonit.recipe.download ignore-existing = true url = ${:_profile_base_location_}/instance-kvm-cluster.cfg.jinja2.in mode = 644 -md5sum = fa40e4729c27236c655f66966e43becf +md5sum = 1282296397d445ccae59e6de7915840c download-only = true on-update = true @@ -144,7 +144,7 @@ recipe = hexagonit.recipe.download ignore-existing = true url = ${:_profile_base_location_}/instance-kvm-export.cfg.jinja2 mode = 644 -md5sum = fbad91193be6ebde5fc4c05a38a55e7b +md5sum = 00ce5e6da3c833d9d9d1825311f11a81 download-only = true on-update = true diff --git a/software/plantuml/software.cfg b/software/plantuml/software.cfg index 46fe92a823b3521f02242ad16711015b2bd15635..8809dd3ede860bb4fe24140628626f7d010d8a04 100644 --- a/software/plantuml/software.cfg +++ b/software/plantuml/software.cfg @@ -31,9 +31,8 @@ output = ${buildout:directory}/${:_buildout_section_name_} [plantuml.war] recipe = slapos.recipe.build:download -# XXX the war from sourceforge has no version in URL -url = https://netcologne.dl.sourceforge.net/project/plantuml/plantuml.war#2018-10-21 -md5sum = f956cd28b18ec34740bb1757276f9641 +url = https://downloads.sourceforge.net/project/plantuml/1.2018.13/plantuml.1.2018.13.war +md5sum = cda05c8163237de039d777c197b3d282 [versions] slapos.recipe.template = 4.3 diff --git a/software/seleniumrunner/buildout.hash.cfg b/software/seleniumrunner/buildout.hash.cfg index 8fd7aa08bc9dcd29cb892325d09a39c7d515e514..e5cca69f629f814b2999a9d9158eeadb27a0318d 100644 --- a/software/seleniumrunner/buildout.hash.cfg +++ b/software/seleniumrunner/buildout.hash.cfg @@ -15,8 +15,4 @@ [template] filename = instance.cfg.in -md5sum = c4ac5de141ae6a64848309af03e51d88 - -[template-selenium] -filename = instance-selenium.cfg.in -md5sum = 4167621b473f81892d38389ac427c6ba +md5sum = 1f31a063c79e19243dcc5508e08a6ae5 diff --git a/software/seleniumrunner/instance.cfg.in b/software/seleniumrunner/instance.cfg.in index a672b5b982ddfa45925fd27818b688c1d67086f1..a63ec2fbc197525eabeba47f2df7d12d8e7a7804 100644 --- a/software/seleniumrunner/instance.cfg.in +++ b/software/seleniumrunner/instance.cfg.in @@ -1,20 +1,9 @@ [buildout] parts = - switch-softwaretype +# this sofware has no instance, it's only intended to make programs +# available for erp5testnode from its software. eggs-directory = ${buildout:eggs-directory} develop-eggs-directory = ${buildout:develop-eggs-directory} offline = true -[switch-softwaretype] -recipe = slapos.cookbook:softwaretype -default = ${template-selenium:output} - -[slap-connection] -# part to migrate to new - separated words -computer-id = $${slap_connection:computer_id} -partition-id = $${slap_connection:partition_id} -server-url = $${slap_connection:server_url} -software-release-url = $${slap_connection:software_release_url} -key-file = $${slap_connection:key_file} -cert-file = $${slap_connection:cert_file} diff --git a/software/seleniumrunner/software.cfg b/software/seleniumrunner/software.cfg index a368d89c64a71e39d25d29261aad56b0b62a08a8..82c9345b6baffd7d082bf6e9cd555efd108d49f5 100644 --- a/software/seleniumrunner/software.cfg +++ b/software/seleniumrunner/software.cfg @@ -1,38 +1,25 @@ -# Selenium server -# https://seleniumhq.github.io/docs/grid.html +# Selenium runner, helper software for erp5testnode. +# +# Seleniumrunner responsability is to install Xvfb as +# ${buildout:parts-directory}/xserver/bin/Xvfb, a default firefox as +# ${buildout:bin-directory}/firefox and a geckodriver as +# ${buildout:bin-directory}/geckodriver聽for erp5testnode. [buildout] extends = ../../component/xorg/buildout.cfg - ../../component/lxml-python/buildout.cfg ../../component/firefox/buildout.cfg - ../../component/chromium/buildout.cfg - ../../component/chromedriver/buildout.cfg ../../component/coreutils/buildout.cfg - ../../component/java/buildout.cfg - ../../component/caddy/buildout.cfg - ../../component/openssh/buildout.cfg ../../stack/slapos.cfg ./buildout.hash.cfg parts = slapos-cookbook template + xserver firefox-wrapper geckodriver -# seleniumserver needs to install a default firefox as ${buildout:bin-directory}/firefox and -# a geckodriver as ${buildout:bin-directory}/geckodriver聽for erp5testnode -[instance-recipe] -egg = slapos.cookbook -module = seleniumrunner - -[selenium-server] -recipe = slapos.recipe.build:download -version = 3.14.0 -md5sum = 376450bd517510442b60018646deadfe -filename = selenium-server-standalone-${:version}.jar -url = https://selenium-release.storage.googleapis.com/3.14/${:filename} [macro-template] recipe = slapos.recipe.template @@ -43,10 +30,6 @@ mode = 0644 <= macro-template output = ${buildout:directory}/template.cfg -[template-selenium] -<= macro-template -output = ${buildout:directory}/template-selenium.cfg - [versions] plone.recipe.command = 1.1 slapos.recipe.template = 4.3 diff --git a/software/seleniumrunner/test/README.md b/software/seleniumrunner/test/README.md deleted file mode 100644 index 6dade517327d7b58f83fdeccbabc2dc1b820685f..0000000000000000000000000000000000000000 --- a/software/seleniumrunner/test/README.md +++ /dev/null @@ -1 +0,0 @@ -Tests for SeleniumRunner software release diff --git a/software/seleniumserver/buildout.hash.cfg b/software/seleniumserver/buildout.hash.cfg new file mode 100644 index 0000000000000000000000000000000000000000..8fd7aa08bc9dcd29cb892325d09a39c7d515e514 --- /dev/null +++ b/software/seleniumserver/buildout.hash.cfg @@ -0,0 +1,22 @@ +# THIS IS NOT A BUILDOUT FILE, despite purposedly using a compatible syntax. +# The only allowed lines here are (regexes): +# - "^#" comments, copied verbatim +# - "^[" section beginings, copied verbatim +# - lines containing an "=" sign which must fit in the following categorie. +# - "^\s*filename\s*=\s*path\s*$" where "path" is relative to this file +# Copied verbatim. +# - "^\s*hashtype\s*=.*" where "hashtype" is one of the values supported +# by the re-generation script. +# Re-generated. +# - other lines are copied verbatim +# Substitution (${...:...}), extension ([buildout] extends = ...) and +# section inheritance (< = ...) are NOT supported (but you should really +# not need these here). + +[template] +filename = instance.cfg.in +md5sum = c4ac5de141ae6a64848309af03e51d88 + +[template-selenium] +filename = instance-selenium.cfg.in +md5sum = 4167621b473f81892d38389ac427c6ba diff --git a/software/seleniumrunner/instance-selenium.cfg.in b/software/seleniumserver/instance-selenium.cfg.in similarity index 100% rename from software/seleniumrunner/instance-selenium.cfg.in rename to software/seleniumserver/instance-selenium.cfg.in diff --git a/software/seleniumserver/instance.cfg.in b/software/seleniumserver/instance.cfg.in new file mode 100644 index 0000000000000000000000000000000000000000..a672b5b982ddfa45925fd27818b688c1d67086f1 --- /dev/null +++ b/software/seleniumserver/instance.cfg.in @@ -0,0 +1,20 @@ +[buildout] +parts = + switch-softwaretype + +eggs-directory = ${buildout:eggs-directory} +develop-eggs-directory = ${buildout:develop-eggs-directory} +offline = true + +[switch-softwaretype] +recipe = slapos.cookbook:softwaretype +default = ${template-selenium:output} + +[slap-connection] +# part to migrate to new - separated words +computer-id = $${slap_connection:computer_id} +partition-id = $${slap_connection:partition_id} +server-url = $${slap_connection:server_url} +software-release-url = $${slap_connection:software_release_url} +key-file = $${slap_connection:key_file} +cert-file = $${slap_connection:cert_file} diff --git a/software/seleniumserver/software.cfg b/software/seleniumserver/software.cfg new file mode 100644 index 0000000000000000000000000000000000000000..e59c7e3834f57084fe571f7e81f20187f03629c8 --- /dev/null +++ b/software/seleniumserver/software.cfg @@ -0,0 +1,44 @@ +# Selenium server +# https://seleniumhq.github.io/docs/grid.html + +[buildout] +extends = + ../../component/xorg/buildout.cfg + ../../component/lxml-python/buildout.cfg + ../../component/firefox/buildout.cfg + ../../component/chromium/buildout.cfg + ../../component/chromedriver/buildout.cfg + ../../component/coreutils/buildout.cfg + ../../component/java/buildout.cfg + ../../component/caddy/buildout.cfg + ../../component/openssh/buildout.cfg + ../../stack/slapos.cfg + ./buildout.hash.cfg + +parts = + slapos-cookbook + template + +[selenium-server] +recipe = slapos.recipe.build:download +version = 3.14.0 +md5sum = 376450bd517510442b60018646deadfe +filename = selenium-server-standalone-${:version}.jar +url = https://selenium-release.storage.googleapis.com/3.14/${:filename} + +[macro-template] +recipe = slapos.recipe.template +url = ${:_profile_base_location_}/${:filename} +mode = 0644 + +[template] +<= macro-template +output = ${buildout:directory}/template.cfg + +[template-selenium] +<= macro-template +output = ${buildout:directory}/template-selenium.cfg + +[versions] +plone.recipe.command = 1.1 +slapos.recipe.template = 4.3 diff --git a/software/seleniumserver/test/README.md b/software/seleniumserver/test/README.md new file mode 100644 index 0000000000000000000000000000000000000000..bb969a2f6934fceb0a3d38c1ac4e65bc27d45354 --- /dev/null +++ b/software/seleniumserver/test/README.md @@ -0,0 +1 @@ +Tests for SeleniumServer software release diff --git a/software/seleniumrunner/test/setup.py b/software/seleniumserver/test/setup.py similarity index 95% rename from software/seleniumrunner/test/setup.py rename to software/seleniumserver/test/setup.py index 1bba558eb7a1be064a0268c0114904e4be39c4cf..53f5b09d1621bbfee82bb052dd30c058816ef66e 100644 --- a/software/seleniumrunner/test/setup.py +++ b/software/seleniumserver/test/setup.py @@ -27,12 +27,12 @@ from setuptools import setup, find_packages version = '0.0.1.dev0' -name = 'slapos.test.seleniumrunner' +name = 'slapos.test.seleniumserver' long_description = open("README.md").read() setup(name=name, version=version, - description="Test for SlapOS' Seleniumrunner", + description="Test for SlapOS' Selenium Server", long_description=long_description, long_description_content_type='text/markdown', maintainer="Nexedi", diff --git a/software/seleniumrunner/test/test.py b/software/seleniumserver/test/test.py similarity index 100% rename from software/seleniumrunner/test/test.py rename to software/seleniumserver/test/test.py diff --git a/software/seleniumrunner/test/utils.py b/software/seleniumserver/test/utils.py similarity index 100% rename from software/seleniumrunner/test/utils.py rename to software/seleniumserver/test/utils.py diff --git a/software/slapos-master/buildout.hash.cfg b/software/slapos-master/buildout.hash.cfg index 48bdc6727f35e87f828c3b8fecb9e1194eb9302b..ee9c285b1a866f4f5e088649a5ee1926e3877f66 100644 --- a/software/slapos-master/buildout.hash.cfg +++ b/software/slapos-master/buildout.hash.cfg @@ -14,11 +14,11 @@ # not need these here). [template-erp5] filename = instance-erp5.cfg.in -md5sum = 6dfda47ff95a3fa768382d8002c8a780 +md5sum = a617197b7be3cc40d97a97c75f923a48 [template-balancer] filename = instance-balancer.cfg.in -md5sum = 3c7afbf160b943d2a10f527722792a23 +md5sum = 0f0ff00eca0b2ba1f1626b6415acb719 [template-apache-backend-conf] filename = apache-backend.conf.in diff --git a/software/slapos-master/instance-balancer.cfg.in b/software/slapos-master/instance-balancer.cfg.in index 3686c549b831b3b850d71c759fd0af578bf4ab83..6b7efc28bd149308bb76c3175bd25c924944b725 100644 --- a/software/slapos-master/instance-balancer.cfg.in +++ b/software/slapos-master/instance-balancer.cfg.in @@ -3,7 +3,7 @@ {% set caucase_url = slapparameter_dict.get('caucase-url', '') -%} {% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%} {% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%} -{% set shared_ca_path = slapparameter_dict['shared-certificate-authority-path'] -%} +{% set shared_ca_path = slapparameter_dict.get('shared-certificate-authority-path') -%} {# XXX: This template only supports exactly one IPv4 and (if ipv6 is used) one IPv6 per partition. No more (undefined result), no less (IndexError). @@ -104,6 +104,7 @@ ipv4 = {{ ipv4 }} {% for family_name, parameter_id_list in sorted( slapparameter_dict['zope-family-dict'].iteritems()) -%} {% set zope_family_address_list = [] -%} +{% set ssl_authentication = slapparameter_dict['ssl-authentication-dict'].get(family_name, False) -%} {% set has_webdav = [] -%} {% for parameter_id in parameter_id_list -%} {% set zope_address_list = slapparameter_dict[parameter_id] -%} @@ -130,7 +131,7 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }} {% set test_runner_apache_url_list = [] %} {% set test_runner_external_port = next_port() %} {% for i, (test_runner_internal_ip, test_runner_internal_port) in - enumerate(slapparameter_dict[parameter_id ~ '-test-runner-address-list']) %} + enumerate(slapparameter_dict.get(parameter_id ~ '-test-runner-address-list', [])) %} {% do test_runner_backend_mapping.__setitem__( 'unit_test_' ~ i, 'http://' ~ test_runner_internal_ip ~ ':' ~ test_runner_internal_port ) %} @@ -162,7 +163,6 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }} {% set internal_scheme = 'http' -%} {% set external_scheme = 'https' -%} {% endif -%} -{% set ssl_authentication = slapparameter_dict['ssl-authentication-dict'].get(family_name, False) -%} {% do apache_dict.__setitem__(family_name, (next_port(), external_scheme, internal_scheme ~ '://' ~ ipv4 ~ ':' ~ haproxy_port ~ backend_path, ssl_authentication)) -%} {% endfor -%} @@ -330,6 +330,12 @@ newcerts = ${:ca-dir}/newcerts crl = ${:ca-dir}/crl apachedex = ${monitor-directory:private}/apachedex +[{{ section('resiliency-exclude-file') }}] +# Generate rdiff exclude file in case of resiliency +< = jinja2-template-base +template = {{ 'inline:{{ "${directory:log}/**\\n" }}' }} +rendered = ${directory:srv}/exporter.exclude + [{{ section('monitor-generate-apachedex-report') }}] recipe = slapos.cookbook:cron.d cron-entries = ${cron:cron-entries} diff --git a/software/slapos-master/instance-erp5.cfg.in b/software/slapos-master/instance-erp5.cfg.in index 2350cf65b1934ddb4e5452836da23d92b9188c73..306443ddc9c7400c333ee45980d2bcb650300a71 100644 --- a/software/slapos-master/instance-erp5.cfg.in +++ b/software/slapos-master/instance-erp5.cfg.in @@ -195,7 +195,9 @@ config-longrequest-logger-timeout = {{ dumps(zope_parameter_dict.get('longreques config-large-file-threshold = {{ dumps(zope_parameter_dict.get('large-file-threshold', "10MB")) }} config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }} config-webdav = {{ dumps(zope_parameter_dict.get('webdav', False)) }} +{% if test_runner_enabled -%} config-test-runner-apache-url-list = ${publish-early:{{ zope_family }}-test-runner-url-list} +{% endif -%} {% endfor -%} {# if not explicitly configured, connect jupyter to first zope family, which -#} @@ -365,9 +367,11 @@ hosts-dict = {{ '${' ~ zope_address_list_id_dict.keys()[0] ~ ':connection-hosts- {% for name, value in publish_dict.items() -%} {{ name }} = {{ value }} {% endfor -%} -{% for zope_family_name in zope_family_name_list -%} +{% if test_runner_enabled -%} +{% for zope_family_name in zope_family_name_list -%} {{ zope_family_name }}-test-runner-url-list = ${request-balancer:connection-{{ zope_family_name }}-test-runner-url-list} -{% endfor -%} +{% endfor -%} +{% endif -%} [publish-early] @@ -378,9 +382,11 @@ recipe = slapos.cookbook:publish-early {%- if has_posftix %} smtpd-sasl-password gen-smtpd-sasl-password:passwd {%- endif %} -{% for zope_family_name in zope_family_name_list %} +{% if test_runner_enabled -%} +{% for zope_family_name in zope_family_name_list %} {{ zope_family_name }}-test-runner-url-list default-balancer-test-runner-url-list:default -{% endfor -%} +{% endfor -%} +{% endif -%} {%- if neo %} neo-cluster gen-neo-cluster:name {%- if neo[0] %} diff --git a/software/slapos-testing/software.cfg b/software/slapos-testing/software.cfg index 20660fde7317d887a351d2e4d373da09a326c480..a98ac097f9eff5390649cb177f21c686193c9ad5 100644 --- a/software/slapos-testing/software.cfg +++ b/software/slapos-testing/software.cfg @@ -38,6 +38,7 @@ setup = ${caucase-repository:location} <= setup-develop-egg egg = kedifa setup = ${kedifa-repository:location} +depends = ${caucase-setup:egg} [slapos.libnetworkcache-setup] <= setup-develop-egg diff --git a/software/slaprunner/buildout.hash.cfg b/software/slaprunner/buildout.hash.cfg index 7b9b0488172024890a286140c3984243d517a9f5..1241c7b099d37596e95e129a7d456801c9789358 100644 --- a/software/slaprunner/buildout.hash.cfg +++ b/software/slaprunner/buildout.hash.cfg @@ -18,7 +18,7 @@ md5sum = f0cab61c7b8478afb8b676fc725d50d5 [template-runner] filename = instance-runner.cfg -md5sum = cd855670076979919c0fd00cc0f5938c +md5sum = d9096d49eda70f3aa02c44615077f6c9 [template-runner-import-script] filename = template/runner-import.sh.jinja2 @@ -26,11 +26,11 @@ md5sum = ed2e08c07a6727b2012f15da67c0705d [instance-runner-import] filename = instance-runner-import.cfg.in -md5sum = 2d516c6f1337efb7def32771c2eabc2b +md5sum = 1ed9526a6e5ac9a80e5b3add2d0a88fe [instance-runner-export] filename = instance-runner-export.cfg.in -md5sum = 01395b98534066ec23a5ad5c96d5f1e7 +md5sum = 8132130c89896c2d30a08f3b3a7000ff [template-resilient] filename = instance-resilient.cfg.jinja2 diff --git a/software/slaprunner/instance-runner-export.cfg.in b/software/slaprunner/instance-runner-export.cfg.in index 27fd5a0f4c9ceae0a223974322d4a4449e07ef6f..8c1537a08255564d9f74b5a9ef6b6d8d31960816 100644 --- a/software/slaprunner/instance-runner-export.cfg.in +++ b/software/slaprunner/instance-runner-export.cfg.in @@ -23,6 +23,7 @@ parts += runner-sshkeys-authority runner-sshkeys-authority-service runner-sshkeys-sshd + runner-sshkeys-sshd-service runtestsuite symlinks shellinabox diff --git a/software/slaprunner/instance-runner-import.cfg.in b/software/slaprunner/instance-runner-import.cfg.in index df4a8ae0b88cbeff9fa28f5ac0317c87340a6eb7..79209ab645230243fc38937cf282b0939bc8e7db 100644 --- a/software/slaprunner/instance-runner-import.cfg.in +++ b/software/slaprunner/instance-runner-import.cfg.in @@ -19,6 +19,7 @@ parts += runner-sshkeys-authority runner-sshkeys-authority-service runner-sshkeys-sshd + runner-sshkeys-sshd-service runtestsuite shellinabox shellinabox-service diff --git a/software/slaprunner/instance-runner.cfg b/software/slaprunner/instance-runner.cfg index 9ba6272d7f38afe302ad2a9dd78c8a2a91de7dfd..f091d00bf59be534ead9ac26456786a937c81f01 100644 --- a/software/slaprunner/instance-runner.cfg +++ b/software/slaprunner/instance-runner.cfg @@ -703,8 +703,6 @@ rendered = $${directory:bin}/shellinaboxd template = inline: #!/bin/sh exec ${shellinabox:location}/bin/shellinaboxd \ - --disable-ssl \ - --disable-ssl-menu \ --unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \ --service "/:$(id -u):$(id -g):HOME:$${shell-environment:shell} -l" diff --git a/software/unstable/MediaWiki/software.cfg b/software/unstable/MediaWiki/software.cfg index 4e90c6eca4c6a608efec036998d3941208bc5a26..00402837d9d6fd9c6d8cf5869f4f418ba066b742 100644 --- a/software/unstable/MediaWiki/software.cfg +++ b/software/unstable/MediaWiki/software.cfg @@ -60,68 +60,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/b2evolution/software.cfg b/software/unstable/b2evolution/software.cfg index 474c59fc96b04f2f33705f0ee7ee8f1726858b0a..ef2c9ae75e22b455c5fe4ed7b7706b4d5071a040 100644 --- a/software/unstable/b2evolution/software.cfg +++ b/software/unstable/b2evolution/software.cfg @@ -45,68 +45,8 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.6 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/cmsmadesimple/software.cfg b/software/unstable/cmsmadesimple/software.cfg index 26daf0545fac1ecad28c3371d5d575e0b757e30f..a0415300d943dea67e3d1b924039d1a31f3e7c1b 100644 --- a/software/unstable/cmsmadesimple/software.cfg +++ b/software/unstable/cmsmadesimple/software.cfg @@ -44,68 +44,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/coppermine/software.cfg b/software/unstable/coppermine/software.cfg index f5cd700501ca6c3975a0832b2d44b1aeaa8b3071..615e64475f0b87c61fa7afcdda252af0f1e67c8e 100644 --- a/software/unstable/coppermine/software.cfg +++ b/software/unstable/coppermine/software.cfg @@ -55,68 +55,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/dotclear/software.cfg b/software/unstable/dotclear/software.cfg index 4c2daf0ce9792b54abeb9a58bc40a019993d0c6d..38ceb763f866e665e1c6060c9ef821416630a02b 100644 --- a/software/unstable/dotclear/software.cfg +++ b/software/unstable/dotclear/software.cfg @@ -55,68 +55,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/dotproject/software.cfg b/software/unstable/dotproject/software.cfg index abb11a96364776e1493563fd13d866a1f58c76b4..e5596e0c3e35c2f4fb316bacb03a3283a4091dbd 100644 --- a/software/unstable/dotproject/software.cfg +++ b/software/unstable/dotproject/software.cfg @@ -55,68 +55,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/eSKUeL/software.cfg b/software/unstable/eSKUeL/software.cfg index 5e467d3c0362fe052f1213046f5e39689e80b74d..a77fcc5a6ca91d86adadd7c22b3a1704ad8e0b9a 100644 --- a/software/unstable/eSKUeL/software.cfg +++ b/software/unstable/eSKUeL/software.cfg @@ -44,68 +44,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.6 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/lxc/software.cfg b/software/unstable/lxc/software.cfg index 9283ef30f137605b72ff88fd9cda81dbeda47ac3..2887204db4978f174266328e35c81f1e3bb9410c 100644 --- a/software/unstable/lxc/software.cfg +++ b/software/unstable/lxc/software.cfg @@ -65,8 +65,3 @@ eggs = slapos.toolbox [versions] - -# if you upgrade to >1.0.29 this recipe may break -# as slapos.cookbook:downloader was removed. -slapos.cookbook = 0.64.1 -slapos.toolbox = 0.30 diff --git a/software/unstable/magento/software.cfg b/software/unstable/magento/software.cfg index d353960d6574deccebac7f82a4240cf03c4ef9d0..e1684c0412e408718f5331f568fb2ec339ead7dd 100644 --- a/software/unstable/magento/software.cfg +++ b/software/unstable/magento/software.cfg @@ -43,68 +43,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.6 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/net2ftp/software.cfg b/software/unstable/net2ftp/software.cfg index c09d6880a95f87c0f322504f23d22963fbf06b31..04c2d8c8a1e08b44030540b1fe90fc19165ca7c0 100644 --- a/software/unstable/net2ftp/software.cfg +++ b/software/unstable/net2ftp/software.cfg @@ -68,68 +68,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.6 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/openX/software.cfg b/software/unstable/openX/software.cfg index 295e3014cd0d190938ef6835f3541902da295886..21834636a265b492f2d65ca586386371fac92503 100644 --- a/software/unstable/openX/software.cfg +++ b/software/unstable/openX/software.cfg @@ -44,68 +44,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.6 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/os-commerce/software.cfg b/software/unstable/os-commerce/software.cfg index dccb79d4a8f4c92b0d0d706a091266801f3c9064..65c78f454a0b34a52070bf6f7159a11b2bbef4b9 100644 --- a/software/unstable/os-commerce/software.cfg +++ b/software/unstable/os-commerce/software.cfg @@ -45,68 +45,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.6 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/phpbb/software.cfg b/software/unstable/phpbb/software.cfg index 8490b04b0add6ac737a077c4ad0423feb1959cc7..0d47e99ba707731a15a84b48e24f8d572cf138fb 100644 --- a/software/unstable/phpbb/software.cfg +++ b/software/unstable/phpbb/software.cfg @@ -47,68 +47,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/phpmyadmin/software.cfg b/software/unstable/phpmyadmin/software.cfg index 9a283b123ca0df60d2726dcf353d0d62899190fc..f67fef7f76879cce5b29876b0b4af869f70b6c35 100644 --- a/software/unstable/phpmyadmin/software.cfg +++ b/software/unstable/phpmyadmin/software.cfg @@ -55,68 +55,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/phpnuke/software.cfg b/software/unstable/phpnuke/software.cfg index 89d37088daf2a1b24185c31aeb0c9a72f84c5081..9bf9f8399393b6bf44879f3170464ba5291941cb 100644 --- a/software/unstable/phpnuke/software.cfg +++ b/software/unstable/phpnuke/software.cfg @@ -56,68 +56,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/pimcore/software.cfg b/software/unstable/pimcore/software.cfg index 99ad19ddd9996e26b5ecaf4d376b1520c9fa8ba9..61a3287eb656c64b6bb89c707586cd1f0a7fa3cc 100644 --- a/software/unstable/pimcore/software.cfg +++ b/software/unstable/pimcore/software.cfg @@ -44,68 +44,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/piwigo/software.cfg b/software/unstable/piwigo/software.cfg index 5ac62e7755dc3c5de208840ce639a4ee91639e7a..e9c1b9b88f574aca78ddc7938776c6f644dd54b6 100644 --- a/software/unstable/piwigo/software.cfg +++ b/software/unstable/piwigo/software.cfg @@ -56,68 +56,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/piwik/software.cfg b/software/unstable/piwik/software.cfg index 9990997a4bcd532da5e231f7dee8ba3a4e04a4b1..2ca5937839bd53a8b8ebaff5b474f32ef2851f08 100644 --- a/software/unstable/piwik/software.cfg +++ b/software/unstable/piwik/software.cfg @@ -46,68 +46,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/prestashop/software.cfg b/software/unstable/prestashop/software.cfg index 006f0866e6d9e78c41e668138ac06f1844ed0502..bb8edf1e0d58ca3b89d78c95646e359492e1911a 100644 --- a/software/unstable/prestashop/software.cfg +++ b/software/unstable/prestashop/software.cfg @@ -47,68 +47,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/punbb/software.cfg b/software/unstable/punbb/software.cfg index cbf4bc05c9b7b5409b109a1b807a9a07f322ac1f..b05c5e31f766571dc9d2420a67d97a022c04d037 100644 --- a/software/unstable/punbb/software.cfg +++ b/software/unstable/punbb/software.cfg @@ -55,68 +55,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/simpleMachineForum/software.cfg b/software/unstable/simpleMachineForum/software.cfg index c9349fcf96bd20223b1dc6809b75cbda8f0322a3..b168988bd44f32a690c0458fad7585e66d762526 100644 --- a/software/unstable/simpleMachineForum/software.cfg +++ b/software/unstable/simpleMachineForum/software.cfg @@ -45,68 +45,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/spip/software.cfg b/software/unstable/spip/software.cfg index 39477c2520ca336e057a114d9ed4da1d354e2d91..e23f84da06c3b5f2f3ca4d0c04bcd62e81fee90e 100644 --- a/software/unstable/spip/software.cfg +++ b/software/unstable/spip/software.cfg @@ -44,68 +44,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/statusnet/software.cfg b/software/unstable/statusnet/software.cfg index 29e208d74c7f9b54042b47378da5b23fb3ecdfbb..09dad6357d4d34c9572c9604b4806e1c10379715 100644 --- a/software/unstable/statusnet/software.cfg +++ b/software/unstable/statusnet/software.cfg @@ -44,68 +44,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/sugar-crm/software.cfg b/software/unstable/sugar-crm/software.cfg index 76f6591fb3aeaf393ea4ef74eec5d61d370d8975..9582525ebad8b5e8420a07042529e0a364d5685a 100644 --- a/software/unstable/sugar-crm/software.cfg +++ b/software/unstable/sugar-crm/software.cfg @@ -44,68 +44,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/tiki/software.cfg b/software/unstable/tiki/software.cfg index a310a089cb0381bb8f138581efecf057feff3aa8..9ade9a5ff6118950e49bfe5a6e460674b2f0e74e 100644 --- a/software/unstable/tiki/software.cfg +++ b/software/unstable/tiki/software.cfg @@ -44,68 +44,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/trac-svn/software.cfg b/software/unstable/trac-svn/software.cfg index f680ad91344ddaf3629b6e6e2e489e65856fe7c1..0126a802f28bf19947ae455e635fe8790909f4ba 100644 --- a/software/unstable/trac-svn/software.cfg +++ b/software/unstable/trac-svn/software.cfg @@ -179,22 +179,6 @@ gitdb = 0.5.4 plone.recipe.command = 1.1 pycrypto = 2.6 slapos.recipe.template = 2.4.2 -slapos.toolbox = 0.34.0 smmap = 0.8.2 z3c.recipe.scripts = 1.0.1 -# Required by: -# slapos.toolbox==0.34.0 -GitPython = 0.3.2.RC1 - -# Required by: -# slapos.toolbox==0.34.0 -atomize = 0.1.1 - -# Required by: -# slapos.toolbox==0.34.0 -feedparser = 5.1.3 - -# Required by: -# slapos.toolbox==0.34.0 -paramiko = 1.10.1 diff --git a/software/unstable/xoops/software.cfg b/software/unstable/xoops/software.cfg index c09259c72d61cc58450604fd92590d66c6acfe52..3977ccbda9194b591c64b2479ce12b71ad948fed 100644 --- a/software/unstable/xoops/software.cfg +++ b/software/unstable/xoops/software.cfg @@ -45,68 +45,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.5 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/zencart/software.cfg b/software/unstable/zencart/software.cfg index 6c63efd73e2a52ac6fb09875ac2c1acb2a513f3b..e4cd146e294a506c037c7a14cf12923c58f53ef4 100644 --- a/software/unstable/zencart/software.cfg +++ b/software/unstable/zencart/software.cfg @@ -57,68 +57,7 @@ buildout-versions = 1.7 hexagonit.recipe.cmmi = 1.5.0 meld3 = 0.6.7 plone.recipe.command = 1.1 -slapos.cookbook = 0.34 -slapos.recipe.build = 0.7 slapos.recipe.template = 2.2 -slapos.toolbox = 0.10 - -# Required by: -# slapos.core==0.18 -# slapos.toolbox==0.10 -Flask = 0.8 - -# Required by: -# slapos.cookbook==0.34 -PyXML = 0.8.4 - -# Required by: -# hexagonit.recipe.cmmi==1.5.0 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.34 -# slapos.core==0.18 -# slapos.toolbox==0.10 -# xml-marshaller==0.9.7 -lxml = 2.3.1 - -# Required by: -# slapos.cookbook==0.34 -netaddr = 0.7.6 - -# Required by: -# slapos.core==0.18 -netifaces = 0.6 - -# Required by: -# slapos.toolbox==0.10 -paramiko = 1.7.7.1 - -# Required by: -# slapos.toolbox==0.10 -psutil = 0.3.0 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -slapos.core = 0.18 - -# Required by: -# slapos.core==0.18 -supervisor = 3.0a10 - -# Required by: -# slapos.cookbook==0.34 -# slapos.toolbox==0.10 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.cookbook==0.34 -zc.recipe.egg = 1.3.2 - -# Required by: -# slapos.core==0.18 -zope.interface = 3.8.0 [downloadcache-workaround] # workaround irritating problem of hexagonit.recipe.cmmi which automatically diff --git a/software/unstable/zimbra-kvm/software.cfg b/software/unstable/zimbra-kvm/software.cfg index 0ae6e98ea2b84d1919b1ba96a927409543fc8200..798bc4e7d8838a137727bd9c274ea3248321b629 100644 --- a/software/unstable/zimbra-kvm/software.cfg +++ b/software/unstable/zimbra-kvm/software.cfg @@ -14,79 +14,8 @@ lxml = 3.1.0 meld3 = 0.6.10 plone.recipe.command = 1.1 pycrypto = 2.6 -slapos.cookbook = 0.73.1 slapos.recipe.template = 2.4.2 -slapos.toolbox = 0.33.1 smmap = 0.8.2 websockify = 0.3.0 z3c.recipe.scripts = 1.0.1 -# Required by: -# slapos.core==0.35.1 -# slapos.toolbox==0.33.1 -Flask = 0.9 - -# Required by: -# slapos.toolbox==0.33.1 -GitPython = 0.3.2.RC1 - -# Required by: -# slapos.toolbox==0.33.1 -atomize = 0.1.1 - -# Required by: -# slapos.toolbox==0.33.1 -feedparser = 5.1.3 - -# Required by: -# hexagonit.recipe.cmmi==1.6 -hexagonit.recipe.download = 1.6nxd002 - -# Required by: -# slapos.cookbook==0.73.1 - -# Required by: -# slapos.cookbook==0.73.1 -netaddr = 0.7.10 - -# Required by: -# slapos.core==0.35.1 -netifaces = 0.10.4 - -# Required by: -# slapos.toolbox==0.33.1 -paramiko = 1.10.0 - -# Required by: -# slapos.toolbox==0.33.1 -psutil = 0.6.1 - -# Required by: -# slapos.core==0.35.1 -pyflakes = 0.6.1 - -# Required by: -# slapos.cookbook==0.73.1 -pytz = 2012j - -# Required by: -# slapos.cookbook==0.73.1 -# slapos.toolbox==0.33.1 -slapos.core = 0.35.1 - -# Required by: -# slapos.core==0.35.1 -supervisor = 3.0b1 - -# Required by: -# slapos.core==0.35.1 -unittest2 = 0.5.1 - -# Required by: -# slapos.cookbook==0.73.1 -# slapos.toolbox==0.33.1 -xml-marshaller = 0.9.7 - -# Required by: -# slapos.core==0.35.1 -zope.interface = 4.0.5 \ No newline at end of file diff --git a/stack/erp5/buildout.cfg b/stack/erp5/buildout.cfg index 392700b180e9465249884513258089f735bd3c1b..9f7514a984c6fa6cc4bded1c988e84d9f8efcd39 100644 --- a/stack/erp5/buildout.cfg +++ b/stack/erp5/buildout.cfg @@ -407,10 +407,8 @@ initialization = parts_directory = '''${buildout:parts-directory}''' repository_id_list = \ '''${erp5_repository_list:repository_id_list}'''.split()[::-1] - os.environ['erp5_tests_bt5_path'] = ','.join(sum(( - [bt5_path, os.path.join(bt5_path, '*')] - for bt5_path in (os.path.join(parts_directory, x, 'bt5') - for x in repository_id_list)), [])) + os.environ['erp5_tests_bt5_path'] = ','.join( + os.path.join(parts_directory, x, 'bt5') for x in repository_id_list) extra_path_list = '''${:extra-paths}'''.split() sys.path[:0] = sum(( glob.glob(os.path.join(x, 'tests')) diff --git a/stack/slapos.cfg b/stack/slapos.cfg index 3c7aec154bc2f4ad07724871681a6533b8ba9aac..e485512d3065c11d0bb41cbdba8c5a62949a6daa 100644 --- a/stack/slapos.cfg +++ b/stack/slapos.cfg @@ -135,13 +135,13 @@ pytz = 2016.10 requests = 2.13.0 six = 1.11.0 slapos.cookbook = 1.0.75 -slapos.core = 1.4.13 +slapos.core = 1.4.14 slapos.extension.strip = 0.4 slapos.extension.shared = 1.0 slapos.libnetworkcache = 0.16 slapos.rebootstrap = 4.1 -slapos.recipe.build = 0.39 -slapos.recipe.cmmi = 0.8 +slapos.recipe.build = 0.40 +slapos.recipe.cmmi = 0.10 slapos.toolbox = 0.83 stevedore = 1.21.0 unicodecsv = 0.14.1