Commit 62645121 authored by Łukasz Nowak's avatar Łukasz Nowak

caddy-frontend: Implement type:notebook

parent 73c65ed7
...@@ -91,7 +91,7 @@ md5sum = a0c5c376753da042c5f8444a33066acf ...@@ -91,7 +91,7 @@ md5sum = a0c5c376753da042c5f8444a33066acf
[template-nginx-notebook-slave-virtualhost] [template-nginx-notebook-slave-virtualhost]
filename = templates/nginx-notebook-slave.conf.in filename = templates/nginx-notebook-slave.conf.in
md5sum = 193184d052d8ef8b09fa980cbca90798 md5sum = 753e87647d1ed4655432393bba062d3f
[template-apache-lazy-script-call] [template-apache-lazy-script-call]
filename = templates/apache-lazy-script-call.sh.in filename = templates/apache-lazy-script-call.sh.in
......
{% set url = slave_parameter.get('url') -%} {% set url = slave_parameter.get('url') %}
{% set https_url = slave_parameter.get('https-url', url) -%} {% set https_url = slave_parameter.get('https-url', url) %}
{% if url.startswith("http://") or url.startswith("https://") -%} {% if url.startswith("http://") or url.startswith("https://") %}
{% set upstream = url.split("/")[2] -%} {% set upstream = url.split("/")[2] %}
{% set https_upstream = https_url.split("/")[2] -%} {% set https_upstream = https_url.split("/")[2] %}
{% set protocol = url.split("/")[0] -%}
{% set https_protocol = https_url.split("/")[0] -%} https://{{ slave_parameter.get('custom_domain') }}:{{ nginx_https_port }} {
{% set proxy_pass = '%s//%s' % (protocol, slave_parameter.get('slave_reference')) -%} bind {{ local_ipv4 }}
{% set https_proxy_pass = '%s//https_%s' % (protocol, slave_parameter.get('slave_reference')) -%} log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
{%- set ssl_configuration_list = [('ssl_certificate', 'path_to_ssl_crt'), errors {{ slave_parameter.get('error_log') }}
('ssl_certificate_key', 'path_to_ssl_key')] -%}
tls {{ slave_parameter.get('path_to_ssl_crt', slave_parameter.get('login_certificate')) }} {{ slave_parameter.get('path_to_ssl_key', slave_parameter.get('login_key')) }} {
{% if slave_parameter.get('path_to_ssl_ca_crt') %}
# TODO-Caddy upstream {{ slave_parameter.get('slave_reference') }} { clients {{ slave_parameter.get('path_to_ssl_ca_crt') }}
# TODO-Caddy server {{ upstream }}; {% endif %}
# TODO-Caddy } alpn http/1.1
}
# TODO-Caddy upstream https_{{ slave_parameter.get('slave_reference') }} {
# TODO-Caddy server {{ https_upstream }}; proxy / {{ https_upstream }} {
# TODO-Caddy } transparent
insecure_skip_verify
}
# TODO-Caddy server { rewrite {
# TODO-Caddy listen {{ local_ipv4 }}:{{ nginx_http_port }}; regexp "/(api/kernels/[^/]+/(channels|iopub|shell|stdin)|terminals/websocket)/?"
# TODO-Caddy to /proxy/{1}
# TODO-Caddy server_name {{ slave_parameter.get('custom_domain') }}; }
# TODO-Caddy proxy /proxy/ {{ https_upstream }} {
# TODO-Caddy error_log {{ slave_parameter.get('error_log') }} error; header_upstream X-Real-IP {remote}
# TODO-Caddy access_log {{ slave_parameter.get('access_log') }} custom; header_upstream Host {host}
# TODO-Caddy websocket
# TODO-Caddy location / { without /proxy/
# TODO-Caddy proxy_pass {{ proxy_pass }}; insecure_skip_verify
# TODO-Caddy proxy_set_header Host $host; }
# TODO-Caddy } }
# TODO-Caddy
# TODO-Caddy location ~ /api/kernels/ { http://{{ slave_parameter.get('custom_domain') }}:{{ nginx_http_port }} {
# TODO-Caddy proxy_pass {{ proxy_pass }}; bind {{ local_ipv4 }}
# TODO-Caddy proxy_set_header Host $host; log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
# TODO-Caddy # websocket support errors {{ slave_parameter.get('error_log') }}
# TODO-Caddy proxy_http_version 1.1;
# TODO-Caddy proxy_set_header Upgrade "websocket"; proxy / {{ upstream }} {
# TODO-Caddy proxy_set_header Connection "Upgrade"; transparent
# TODO-Caddy proxy_read_timeout 86400; insecure_skip_verify
# TODO-Caddy } }
# TODO-Caddy rewrite {
# TODO-Caddy location ~ /terminals/ { regexp "/(api/kernels/[^/]+/(channels|iopub|shell|stdin)|terminals/websocket)/?"
# TODO-Caddy proxy_pass {{ proxy_pass }}; to /proxy/{1}
# TODO-Caddy proxy_set_header Host $host; }
# TODO-Caddy # websocket support proxy /proxy/ {{ upstream }} {
# TODO-Caddy proxy_http_version 1.1; header_upstream X-Real-IP {remote}
# TODO-Caddy proxy_set_header Upgrade "websocket"; header_upstream Host {host}
# TODO-Caddy proxy_set_header Connection "Upgrade"; websocket
# TODO-Caddy proxy_read_timeout 86400; without /proxy/
# TODO-Caddy } insecure_skip_verify
# TODO-Caddy } }
}
# TODO-Caddy server { {% endif %}
# TODO-Caddy listen {{ local_ipv4 }}:{{ nginx_https_port }} ssl;
# TODO-Caddy
# TODO-Caddy server_name {{ slave_parameter.get('custom_domain') }};
# TODO-Caddy
# TODO-Caddy error_log {{ slave_parameter.get('error_log') }} error;
# TODO-Caddy access_log {{ slave_parameter.get('access_log') }} custom;
# TODO-Caddy
# TODO-Caddy ssl on;
# TODO-Caddy
# TODO-Caddy ssl_session_timeout 5m;
# TODO-Caddy ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# TODO-Caddy ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5';
# TODO-Caddy ssl_prefer_server_ciphers on;
# TODO-Caddy ssl_session_cache shared:SSL:10m;
{% for key, value in ssl_configuration_list -%}
{% if value in slave_parameter -%}
# TODO-Caddy {{ ' %s' % key }} {{ slave_parameter.get(value) }};
{% endif -%}
{% endfor %}
# TODO-Caddy location / {
# TODO-Caddy proxy_pass {{ https_proxy_pass }};
# TODO-Caddy proxy_set_header Host $host;
# TODO-Caddy }
# TODO-Caddy
# TODO-Caddy location ~ /api/kernels/ {
# TODO-Caddy proxy_pass {{ https_proxy_pass }};
# TODO-Caddy proxy_set_header Host $host;
# TODO-Caddy # websocket support
# TODO-Caddy proxy_http_version 1.1;
# TODO-Caddy proxy_set_header Upgrade "websocket";
# TODO-Caddy proxy_set_header Connection "Upgrade";
# TODO-Caddy proxy_read_timeout 86400;
# TODO-Caddy }
# TODO-Caddy
# TODO-Caddy location ~ /terminals/ {
# TODO-Caddy proxy_pass {{ https_proxy_pass }};
# TODO-Caddy proxy_set_header Host $host;
# TODO-Caddy # websocket support
# TODO-Caddy proxy_http_version 1.1;
# TODO-Caddy proxy_set_header Upgrade "websocket";
# TODO-Caddy proxy_set_header Connection "Upgrade";
# TODO-Caddy proxy_read_timeout 86400;
# TODO-Caddy }
# TODO-Caddy }
{% endif -%}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment