Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos-caddy
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Guillaume Hervier
slapos-caddy
Commits
cccb5580
Commit
cccb5580
authored
Aug 12, 2011
by
Gabriel Monnerat
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
refactor code and add function to add a valid certificate if it is passed in partition_parameter_kw
parent
802423d8
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
36 additions
and
4 deletions
+36
-4
slapos/recipe/apache/__init__.py
slapos/recipe/apache/__init__.py
+36
-4
No files found.
slapos/recipe/apache/__init__.py
View file @
cccb5580
...
...
@@ -54,14 +54,11 @@ class Recipe(BaseSlapRecipe):
self
.
path_list
.
append
(
self
.
killpidfromfile
)
ca_conf
=
self
.
installCertificateAuthority
()
# This should come from parameter.
frontend_port_number
=
4443
frontend_domain_name
=
self
.
parameter_dict
.
get
(
"domain"
,
"host.vifib.net"
)
key
,
certificate
=
self
.
requestCertificate
(
frontend_domain_name
)
base_varnish_port
=
26009
slave_instance_list
=
self
.
parameter_dict
.
get
(
"slave_instance_list"
,
[])
rewrite_rule_list
=
[]
...
...
@@ -112,9 +109,27 @@ class Recipe(BaseSlapRecipe):
else
:
rewrite_rule_list
.
append
(
"%s %s"
%
(
reference
.
replace
(
"-"
,
""
),
url
))
valid_certificate_str
=
self
.
parameter_dict
.
get
(
"domain_ssl_ca_cert"
)
valid_key_str
=
self
.
parameter_dict
.
get
(
"domain_ssl_ca_key"
)
if
valid_certificate_str
is
None
and
valid_key_str
is
None
:
ca_conf
=
self
.
installCertificateAuthority
()
key
,
certificate
=
self
.
requestCertificate
(
frontend_domain_name
)
else
:
ca_conf
=
self
.
installValidCertificateAuthority
(
frontend_domain_name
,
valid_certificate_str
,
valid_key_str
)
key
=
ca_conf
.
pop
(
"key"
)
certificate
=
ca_conf
.
pop
(
"certificate"
)
if
service_dict
!=
{}:
if
valid_certificate_str
is
not
None
and
valid_key_str
is
not
None
:
self
.
installCertificateAuthority
()
stunnel_key
,
stunnel_certificate
=
\
self
.
requestCertificate
(
frontend_domain_name
)
else
:
stunnel_key
,
stunnet_certificate
=
key
,
certificate
self
.
installStunnel
(
service_dict
,
certificate
,
key
,
stunnel_certificate
,
stunnel_
key
,
ca_conf
[
"ca_crl"
],
ca_conf
[
"certificate_authority_path"
])
...
...
@@ -192,6 +207,23 @@ class Recipe(BaseSlapRecipe):
self
.
path_list
.
append
(
wrapper
)
return
cron_d
def
installValidCertificateAuthority
(
self
,
domain_name
,
certificate
,
key
):
ca_dir
=
os
.
path
.
join
(
self
.
data_root_directory
,
'ca'
)
ca_private
=
os
.
path
.
join
(
ca_dir
,
'private'
)
ca_certs
=
os
.
path
.
join
(
ca_dir
,
'certs'
)
ca_crl
=
os
.
path
.
join
(
ca_dir
,
'crl'
)
self
.
_createDirectory
(
ca_dir
)
for
path
in
(
ca_private
,
ca_certs
,
ca_crl
):
self
.
_createDirectory
(
path
)
key_path
=
os
.
path
.
join
(
ca_private
,
domain_name
+
".key"
)
certificate_path
=
os
.
path
.
join
(
ca_certs
,
domain_name
+
".crt"
)
self
.
_writeFile
(
key_path
,
key
)
self
.
_writeFile
(
certificate_path
,
certificate
)
return
dict
(
certificate_authority_path
=
ca_dir
,
ca_crl
=
ca_crl
,
certificate
=
certificate_path
,
key
=
key_path
)
def
installCertificateAuthority
(
self
,
ca_country_code
=
'XX'
,
ca_email
=
'xx@example.com'
,
ca_state
=
'State'
,
ca_city
=
'City'
,
ca_company
=
'Company'
):
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment