Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
5
Merge Requests
5
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Jérome Perrin
slapos
Commits
87637cb1
Commit
87637cb1
authored
Jun 19, 2020
by
Łukasz Nowak
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
caddy-frontend: Improve readability of most complex template
parent
78b214a2
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
195 additions
and
212 deletions
+195
-212
software/caddy-frontend/buildout.hash.cfg
software/caddy-frontend/buildout.hash.cfg
+1
-1
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
.../caddy-frontend/templates/apache-custom-slave-list.cfg.in
+194
-211
No files found.
software/caddy-frontend/buildout.hash.cfg
View file @
87637cb1
...
@@ -30,7 +30,7 @@ md5sum = a544bf7586f5945bbf108abe9818c7dd
...
@@ -30,7 +30,7 @@ md5sum = a544bf7586f5945bbf108abe9818c7dd
[template-slave-list]
[template-slave-list]
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
md5sum =
83992a72b440e422e6d6dae54990f3b1
md5sum =
9da1616d203e4909af37e658aa923d95
[template-replicate-publish-slave-information]
[template-replicate-publish-slave-information]
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
...
...
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
View file @
87637cb1
{% if software_type == slap_software_type %}
{%- if software_type == slap_software_type %}
{%- set kedifa_updater_mapping = [] %}
{% set kedifa_updater_mapping = [] %}
{%- set cached_server_dict = {} %}
{% set cached_server_dict = {} %}
{%- set part_list = [] %}
{% set part_list = [] %}
{%- set cache_port = caddy_configuration.get('cache-port') %}
{% set cache_port = caddy_configuration.get('cache-port') %}
{%- set cached_port = caddy_configuration.get('cache-through-port') %}
{% set cached_port = caddy_configuration.get('cache-through-port') %}
{%- set ssl_cached_port = caddy_configuration.get('ssl-cache-through-port') %}
{% set ssl_cached_port = caddy_configuration.get('ssl-cache-through-port') %}
{%- set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %}
{% set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %}
{%- set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %}
{% set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{% set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %}
{% set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %}
{%- set slave_log_dict = {} %}
{% set slave_log_dict = {} %}
{%- if extra_slave_instance_list %}
{% if extra_slave_instance_list %}
{%- set slave_instance_information_list = [] %}
{% set slave_instance_information_list = [] %}
{%- set slave_instance_list = slave_instance_list + json_module.loads(extra_slave_instance_list) %}
{% set slave_instance_list = slave_instance_list + json_module.loads(extra_slave_instance_list) %}
{%- endif %}
{% endif %}
{%- if master_key_download_url %}
{%- do kedifa_updater_mapping.append((master_key_download_url, master_certificate, apache_certificate)) %}
{%- else %}
{%- do kedifa_updater_mapping.append(('notreadyyet', master_certificate, apache_certificate)) %}
{%- endif %}
{%- if slave_kedifa_information %}
{%- set slave_kedifa_information = json_module.loads(slave_kedifa_information) %}
{%- else %}
{%- set slave_kedifa_information = {} %}
{%- endif -%}
[jinja2-template-base]
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
recipe = slapos.recipe.template:jinja2
extensions = jinja2.ext.do
extensions = jinja2.ext.do
...
@@ -30,18 +39,6 @@ sharedscripts = true
...
@@ -30,18 +39,6 @@ sharedscripts = true
notifempty = true
notifempty = true
create = true
create = true
{% if master_key_download_url %}
{% do kedifa_updater_mapping.append((master_key_download_url, master_certificate, apache_certificate)) %}
{% else %}
{% do kedifa_updater_mapping.append(('notreadyyet', master_certificate, apache_certificate)) %}
{% endif %}
{% if slave_kedifa_information %}
{% set slave_kedifa_information = json_module.loads(slave_kedifa_information) %}
{% else %}
{% set slave_kedifa_information = {} %}
{% endif %}
# empty sections if no slaves are available
# empty sections if no slaves are available
[slave-log-directory-dict]
[slave-log-directory-dict]
[slave-password]
[slave-password]
...
@@ -49,169 +46,160 @@ create = true
...
@@ -49,169 +46,160 @@ create = true
# empty section if no cached slaves are available
# empty section if no cached slaves are available
[slave-log-cache-direct-directory-dict]
[slave-log-cache-direct-directory-dict]
{# Loop thought slave list to set up slaves #}
{#- Loop thought slave list to set up slaves #}
{% for slave_instance in slave_instance_list %}
{%- for slave_instance in slave_instance_list %}
{# Manage ciphers #}
{#- Manage ciphers #}
{% set slave_ciphers = slave_instance.get('ciphers', '').strip().split() %}
{%- set slave_ciphers = slave_instance.get('ciphers', '').strip().split() %}
{% if slave_ciphers %}
{%- if slave_ciphers %}
{% set slave_cipher_list = ' '.join(slave_ciphers) %}
{%- set slave_cipher_list = ' '.join(slave_ciphers) %}
{% else %}
{%- else %}
{% set slave_cipher_list = ciphers.strip() %}
{%- set slave_cipher_list = ciphers.strip() %}
{% endif %}
{%- endif %}
{% do slave_instance.__setitem__('cipher_list', slave_cipher_list) %}
{%- do slave_instance.__setitem__('cipher_list', slave_cipher_list) %}
{% set slave_type = slave_instance.get('type', '') %}
{%- set slave_type = slave_instance.get('type', '') %}
{% set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %}
{%- set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %}
{% set slave_reference = slave_instance.get('slave_reference') %}
{%- set slave_reference = slave_instance.get('slave_reference') %}
{% set slave_kedifa = slave_kedifa_information.get(slave_reference) %}
{%- set slave_kedifa = slave_kedifa_information.get(slave_reference) %}
{% if slave_kedifa %}
{%- if slave_kedifa %}
{% set key_download_url = slave_kedifa.get('key-download-url') %}
{%- set key_download_url = slave_kedifa.get('key-download-url') %}
{% else %}
{%- else %}
{% set key_download_url = 'notreadyyet' %}
{%- set key_download_url = 'notreadyyet' %}
{% endif %}
{%- endif %}
{% set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference %}
{%- set slave_section_title = 'dynamic-template-slave-instance-%s' % slave_reference %}
{% set slave_parameter_dict = generic_instance_parameter_dict.copy() %}
{%- set slave_parameter_dict = generic_instance_parameter_dict.copy() %}
{% set slave_publish_dict = {} %}
{%- set slave_publish_dict = {} %}
{% set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %}
{%- set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %}
{% set slave_logrotate_section = slave_reference + "-logs" %}
{%- set slave_logrotate_section = slave_reference + "-logs" %}
{% set slave_logrotate_cache_direct_section = slave_reference + "-cache-direct-logs" %}
{%- set slave_logrotate_cache_direct_section = slave_reference + "-cache-direct-logs" %}
{% set slave_password_section = slave_reference + "-password" %}
{%- set slave_password_section = slave_reference + "-password" %}
{% set slave_ln_section = slave_reference + "-ln" %}
{%- set slave_ln_section = slave_reference + "-ln" %}
{#- extend parts #}
{# extend parts #}
{%- do part_list.extend([slave_ln_section]) %}
{% do part_list.extend([slave_ln_section]) %}
{%- do part_list.extend([slave_logrotate_section, slave_section_title]) %}
{% do part_list.extend([slave_logrotate_section, slave_section_title]) %}
{%- set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %}
{%- if enable_cache %}
{% set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %}
{%- set slave_log_cache_direct_folder = '${logrotate-directory:logrotate-backup}/' + slave_logrotate_cache_direct_section %}
{% if enable_cache %}
{%- do part_list.extend([slave_logrotate_cache_direct_section]) %}
{% set slave_log_cache_direct_folder = '${logrotate-directory:logrotate-backup}/' + slave_logrotate_cache_direct_section %}
{%- endif %}
{% do part_list.extend([slave_logrotate_cache_direct_section]) %}
{#- Pass HTTP2 switch #}
{% endif %}
{%- do slave_instance.__setitem__('enable_http2_by_default', enable_http2_by_default) %}
{%- do slave_instance.__setitem__('global_disable_http2', global_disable_http2) %}
{# Pass HTTP2 switch #}
{#- Pass proxy_try_duration and proxy_try_interval #}
{% do slave_instance.__setitem__('enable_http2_by_default', enable_http2_by_default) %}
{%- do slave_instance.__setitem__('proxy_try_duration', proxy_try_duration) %}
{% do slave_instance.__setitem__('global_disable_http2', global_disable_http2) %}
{%- do slave_instance.__setitem__('proxy_try_interval', proxy_try_interval) %}
{#- Set Up log files #}
{# Pass proxy_try_duration and proxy_try_interval #}
{%- do slave_parameter_dict.__setitem__('access_log', '/'.join([caddy_log_directory, '%s_access_log' % slave_reference])) %}
{% do slave_instance.__setitem__('proxy_try_duration', proxy_try_duration) %}
{%- do slave_parameter_dict.__setitem__('error_log', '/'.join([caddy_log_directory, '%s_error_log' % slave_reference])) %}
{% do slave_instance.__setitem__('proxy_try_interval', proxy_try_interval) %}
{%- do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) %}
{%- do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) %}
{# Set Up log files #}
{%- if enable_cache %}
{% do slave_parameter_dict.__setitem__('access_log', '/'.join([caddy_log_directory, '%s_access_log' % slave_reference])) %}
{%- do slave_parameter_dict.__setitem__('access_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_access_log' % slave_reference])) %}
{% do slave_parameter_dict.__setitem__('error_log', '/'.join([caddy_log_directory, '%s_error_log' % slave_reference])) %}
{%- do slave_parameter_dict.__setitem__('error_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_error_log' % slave_reference])) %}
{% do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) %}
{%- do slave_instance.__setitem__('access_log_cache_direct', slave_parameter_dict.get('access_log_cache_direct')) %}
{% do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) %}
{%- do slave_instance.__setitem__('error_log_cache_direct', slave_parameter_dict.get('error_log_cache_direct')) %}
{% if enable_cache %}
{%- endif %}
{% do slave_parameter_dict.__setitem__('access_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_access_log' % slave_reference])) %}
{#- Add slave log directory to the slave log access dict #}
{% do slave_parameter_dict.__setitem__('error_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_error_log' % slave_reference])) %}
{%- do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %}
{% do slave_instance.__setitem__('access_log_cache_direct', slave_parameter_dict.get('access_log_cache_direct')) %}
{%- set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %}
{% do slave_instance.__setitem__('error_log_cache_direct', slave_parameter_dict.get('error_log_cache_direct')) %}
{%- do slave_publish_dict.__setitem__('log-access', slave_log_access_url) %}
{% endif %}
{%- do slave_publish_dict.__setitem__('slave-reference', slave_reference) %}
{%- do slave_publish_dict.__setitem__('public-ipv4', public_ipv4) %}
{# Add slave log directory to the slave log access dict #}
{#- Set slave domain if none was defined #}
{% do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %}
{%- if slave_instance.get('custom_domain', None) == None %}
{%- set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %}
{% set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %}
{%- do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %}
{% do slave_publish_dict.__setitem__('log-access', slave_log_access_url) %}
{%- endif %}
{% do slave_publish_dict.__setitem__('slave-reference', slave_reference) %}
{%- if enable_cache and 'url' in slave_instance %}
{% do slave_publish_dict.__setitem__('public-ipv4', public_ipv4) %}
{%- if 'domain' in slave_instance %}
{%- if not slave_instance.get('custom_domain') %}
{# Set slave domain if none was defined #}
{%- do slave_instance.__setitem__('custom_domain', slave_instance.get('domain')) %}
{% if slave_instance.get('custom_domain', None) == None %}
{%- endif %}
{% set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %}
{%- endif %}
{% do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %}
{%- do slave_instance.__setitem__('backend_url', slave_instance.get('url')) %}
{% endif %}
{%- do slave_instance.__setitem__('https_backend_url', slave_instance.get('https-url', slave_instance.get('url'))) %}
{%- do slave_instance.__setitem__('url', cache_access) %}
{% if enable_cache and 'url' in slave_instance %}
{%- do slave_instance.__setitem__('https-url', ssl_cache_access) %}
{% if 'domain' in slave_instance %}
{%- do cached_server_dict.__setitem__(slave_reference, slave_configuration_section_name) %}
{% if not slave_instance.get('custom_domain') %}
{%- endif %}
{% do slave_instance.__setitem__('custom_domain', slave_instance.get('domain')) %}
{%- do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %}
{% endif %}
{%- do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %}
{% endif %}
{%- do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %}
{% do slave_instance.__setitem__('backend_url', slave_instance.get('url')) %}
{%- do slave_publish_dict.__setitem__('secure_access', 'https://%s' % slave_instance.get('custom_domain')) %}
{% do slave_instance.__setitem__('https_backend_url', slave_instance.get('https-url', slave_instance.get('url'))) %}
{% do slave_instance.__setitem__('url', cache_access) %}
{% do slave_instance.__setitem__('https-url', ssl_cache_access) %}
{% do cached_server_dict.__setitem__(slave_reference, slave_configuration_section_name) %}
{% endif %}
{% do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %}
{% do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %}
{% do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %}
{% do slave_publish_dict.__setitem__('secure_access', 'https://%s' % slave_instance.get('custom_domain')) %}
[slave-log-directory-dict]
[slave-log-directory-dict]
{{slave_reference}} = {{ slave_log_folder }}
{{slave_reference}} = {{ slave_log_folder }}
{% if enable_cache %}
{%
-
if enable_cache %}
[slave-log-cache-direct-directory-dict]
[slave-log-cache-direct-directory-dict]
{{slave_reference}}_cache_direct = {{ slave_log_cache_direct_folder }}
{{slave_reference}}_cache_direct = {{ slave_log_cache_direct_folder }}
{% endif %}
{%
-
endif %}
[slave-password]
[slave-password]
{{ slave_reference }} = {{ '${' + slave_password_section + ':passwd}' }}
{{ slave_reference }} = {{ '${' + slave_password_section + ':passwd}' }}
{# Set slave logrotate entry #}
{#
-
Set slave logrotate entry #}
[{{slave_logrotate_section}}]
[{{slave_logrotate_section}}]
<= logrotate-entry-base
<= logrotate-entry-base
name = ${:_buildout_section_name_}
name = ${:_buildout_section_name_}
log = {{slave_parameter_dict.get('access_log')}} {{slave_parameter_dict.get('error_log')}}
log = {{slave_parameter_dict.get('access_log')}} {{slave_parameter_dict.get('error_log')}}
backup = {{ slave_log_folder }}
backup = {{ slave_log_folder }}
{% if enable_cache %}
{%- if enable_cache %}
[{{slave_logrotate_cache_direct_section}}]
[{{slave_logrotate_cache_direct_section}}]
<= logrotate-entry-base
<= logrotate-entry-base
name = ${:_buildout_section_name_}
name = ${:_buildout_section_name_}
log = {{slave_parameter_dict.get('access_log_cache_direct')}} {{slave_parameter_dict.get('error_log_cache_direct')}}
log = {{slave_parameter_dict.get('access_log_cache_direct')}} {{slave_parameter_dict.get('error_log_cache_direct')}}
backup = {{ slave_log_cache_direct_folder }}
backup = {{ slave_log_cache_direct_folder }}
{% endif %}
{%- endif %}
{#- integrate current logs inside #}
{# integrate current logs inside #}
[{{slave_ln_section}}]
[{{slave_ln_section}}]
recipe = plone.recipe.command
recipe = plone.recipe.command
stop-on-error = false
stop-on-error = false
command = ln -s {{slave_parameter_dict.get('error_log')}} {{ slave_log_folder }}/error.log && ln -s {{slave_parameter_dict.get('access_log')}} {{ slave_log_folder }}/access.log
command = ln -s {{slave_parameter_dict.get('error_log')}} {{ slave_log_folder }}/error.log && ln -s {{slave_parameter_dict.get('access_log')}} {{ slave_log_folder }}/access.log
{# Set password for slave #}
{#- Set password for slave #}
[{{slave_password_section}}]
[{{slave_password_section}}]
recipe = slapos.cookbook:generate.password
recipe = slapos.cookbook:generate.password
storage-path = {{caddy_configuration_directory}}/.{{slave_reference}}.passwd
storage-path = {{caddy_configuration_directory}}/.{{slave_reference}}.passwd
bytes = 8
bytes = 8
{# ################################################## #}
{#- ################################################## #}
{# Set Slave Certificates if needed #}
{#- Set Slave Certificates if needed #}
{# Set certificate key for custom configuration #}
{#- Set certificate key for custom configuration #}
{% set cert_name = slave_reference.replace('-','.') + '.pem' %}
{%- set cert_name = slave_reference.replace('-','.') + '.pem' %}
{% set certificate = '%s/%s' % (autocert, cert_name) %}
{%- set certificate = '%s/%s' % (autocert, cert_name) %}
{% do slave_parameter_dict.__setitem__('certificate', certificate )%}
{%- do slave_parameter_dict.__setitem__('certificate', certificate )%}
{#- Set ssl certificates for each slave #}
{# Set ssl certificates for each slave #}
{%- for cert_name in ('ssl_csr', 'ssl_proxy_ca_crt')%}
{% for cert_name in ('ssl_csr', 'ssl_proxy_ca_crt')%}
{%- if cert_name in slave_instance %}
{% if cert_name in slave_instance %}
{%- set cert_title = '%s-%s' % (slave_reference, cert_name.replace('ssl_', '')) %}
{% set cert_title = '%s-%s' % (slave_reference, cert_name.replace('ssl_', '')) %}
{%- set cert_file = '/'.join([custom_ssl_directory, cert_title.replace('-','.')]) %}
{% set cert_file = '/'.join([custom_ssl_directory, cert_title.replace('-','.')]) %}
{%- do part_list.append(cert_title) %}
{% do part_list.append(cert_title) %}
{%- do slave_parameter_dict.__setitem__(cert_name, cert_file) %}
{% do slave_parameter_dict.__setitem__(cert_name, cert_file) %}
{%- do slave_instance.__setitem__('path_to_' + cert_name, cert_file) %}
{% do slave_instance.__setitem__('path_to_' + cert_name, cert_file) %}
{#- Store certificates on fs #}
{# Store certificates on fs #}
[{{ cert_title }}]
[{{ cert_title }}]
< = jinja2-template-base
< = jinja2-template-base
template = {{ empty_template }}
template = {{ empty_template }}
rendered = {{ cert_file }}
rendered = {{ cert_file }}
extra-context =
extra-context =
key content {{ cert_title + '-config:value' }}
key content {{ cert_title + '-config:value' }}
# BBB: SlapOS Master non-zero knowledge BEGIN
{#- BBB: SlapOS Master non-zero knowledge BEGIN #}
# Store certificate in config
{#- Store certificate in config #}
[{{ cert_title + '-config' }}]
[{{ cert_title + '-config' }}]
value = {{ dumps(slave_instance.get(cert_name)) }}
value = {{ dumps(slave_instance.get(cert_name)) }}
{% endif %}
{%- endif %}
{% endfor %}
{%- endfor %}
{#- Set Up Certs #}
{#- Set Up Certs #}
{% if 'ssl_key' in slave_instance and 'ssl_crt' in slave_instance %}
{%
-
if 'ssl_key' in slave_instance and 'ssl_crt' in slave_instance %}
{% set cert_title = '%s-crt' % (slave_reference) %}
{%
-
set cert_title = '%s-crt' % (slave_reference) %}
{% set cert_file = '/'.join([bbb_ssl_directory, cert_title.replace('-','.')]) %}
{%
-
set cert_file = '/'.join([bbb_ssl_directory, cert_title.replace('-','.')]) %}
{% do kedifa_updater_mapping.append((key_download_url, certificate, cert_file)) %}
{%
-
do kedifa_updater_mapping.append((key_download_url, certificate, cert_file)) %}
{% do part_list.append(cert_title) %}
{%
-
do part_list.append(cert_title) %}
{% do slave_parameter_dict.__setitem__("ssl_crt", cert_file) %}
{%
-
do slave_parameter_dict.__setitem__("ssl_crt", cert_file) %}
[{{cert_title}}]
[{{cert_title}}]
< = jinja2-template-base
< = jinja2-template-base
...
@@ -220,13 +208,14 @@ rendered = {{ cert_file }}
...
@@ -220,13 +208,14 @@ rendered = {{ cert_file }}
cert-content = {{ dumps(slave_instance.get('ssl_crt') + '\n' + slave_instance.get('ssl_ca_crt', '') + '\n' + slave_instance.get('ssl_key')) }}
cert-content = {{ dumps(slave_instance.get('ssl_crt') + '\n' + slave_instance.get('ssl_ca_crt', '') + '\n' + slave_instance.get('ssl_key')) }}
extra-context =
extra-context =
key content :cert-content
key content :cert-content
{% else %}
{%- else %}
{% do kedifa_updater_mapping.append((key_download_url, certificate, master_certificate)) %}
{%- do kedifa_updater_mapping.append((key_download_url, certificate, master_certificate)) %}
{% endif %}
{%- endif %}
# BBB: SlapOS Master non-zero knowledge END
{#- BBB: SlapOS Master non-zero knowledge END #}
{#- ########################################## #}
{#- Set Slave Configuration #}
{# ########################################## #}
{# Set Slave Configuration #}
[{{ slave_configuration_section_name }}]
[{{ slave_configuration_section_name }}]
certificate = {{ certificate }}
certificate = {{ certificate }}
https_port = {{ dumps('' ~ https_port) }}
https_port = {{ dumps('' ~ https_port) }}
...
@@ -235,11 +224,11 @@ local_ipv4 = {{ dumps('' ~ local_ipv4) }}
...
@@ -235,11 +224,11 @@ local_ipv4 = {{ dumps('' ~ local_ipv4) }}
cached_port = {{ dumps('' ~ cached_port) }}
cached_port = {{ dumps('' ~ cached_port) }}
ssl_cached_port = {{ ('' ~ ssl_cached_port) }}
ssl_cached_port = {{ ('' ~ ssl_cached_port) }}
request_timeout = {{ ('' ~ request_timeout) }}
request_timeout = {{ ('' ~ request_timeout) }}
{%
for key, value in slave_instance.iteritems() %}
{%
-
for key, value in slave_instance.iteritems() %}
{%
if value is not none %}
{%
-
if value is not none %}
{{ key }} = {{ dumps('' ~ value) }}
{{ key }} = {{ dumps('' ~ value) }}
{%
endif %}
{%
-
endif %}
{%
endfor %}
{%
-
endfor %}
[{{ slave_section_title }}]
[{{ slave_section_title }}]
< = jinja2-template-base
< = jinja2-template-base
...
@@ -254,10 +243,10 @@ filename = {{ '%s.conf' % slave_reference }}
...
@@ -254,10 +243,10 @@ filename = {{ '%s.conf' % slave_reference }}
{{ '\n' }}
{{ '\n' }}
{% set monitor_ipv6_test = slave_instance.get('monitor-ipv6-test', '') %}
{%
-
set monitor_ipv6_test = slave_instance.get('monitor-ipv6-test', '') %}
{% if monitor_ipv6_test %}
{%
-
if monitor_ipv6_test %}
{% set monitor_ipv6_section_title = 'check-%s-ipv6-packet-list-test' % slave_instance.get('slave_reference') %}
{%
-
set monitor_ipv6_section_title = 'check-%s-ipv6-packet-list-test' % slave_instance.get('slave_reference') %}
{% do part_list.append(monitor_ipv6_section_title) %}
{%
-
do part_list.append(monitor_ipv6_section_title) %}
[{{ monitor_ipv6_section_title }}]
[{{ monitor_ipv6_section_title }}]
<= monitor-promise-base
<= monitor-promise-base
module = check_icmp_packet_lost
module = check_icmp_packet_lost
...
@@ -265,12 +254,11 @@ name = {{ monitor_ipv6_section_title }}.py
...
@@ -265,12 +254,11 @@ name = {{ monitor_ipv6_section_title }}.py
config-address = {{ dumps(monitor_ipv6_test) }}
config-address = {{ dumps(monitor_ipv6_test) }}
# promise frequency in minutes (2 times/day)
# promise frequency in minutes (2 times/day)
config-frequency = 720
config-frequency = 720
{% endif %}
{%- endif %}
{%- set monitor_ipv4_test = slave_instance.get('monitor-ipv4-test', '') %}
{% set monitor_ipv4_test = slave_instance.get('monitor-ipv4-test', '') %}
{%- if monitor_ipv4_test %}
{% if monitor_ipv4_test %}
{%- set monitor_ipv4_section_title = 'check-%s-ipv4-packet-list-test' % slave_instance.get('slave_reference') %}
{% set monitor_ipv4_section_title = 'check-%s-ipv4-packet-list-test' % slave_instance.get('slave_reference') %}
{%- do part_list.append(monitor_ipv4_section_title) %}
{% do part_list.append(monitor_ipv4_section_title) %}
[{{ monitor_ipv4_section_title }}]
[{{ monitor_ipv4_section_title }}]
<= monitor-promise-base
<= monitor-promise-base
module = check_icmp_packet_lost
module = check_icmp_packet_lost
...
@@ -279,46 +267,41 @@ config-address = {{ dumps(monitor_ipv4_test) }}
...
@@ -279,46 +267,41 @@ config-address = {{ dumps(monitor_ipv4_test) }}
config-ipv4 = true
config-ipv4 = true
# promise frequency in minutes (2 times/day)
# promise frequency in minutes (2 times/day)
config-frequency = 720
config-frequency = 720
{% endif %}
{%- endif %}
{# ############################### #}
{#
-
############################### #}
{# Publish Slave Information #}
{#
-
Publish Slave Information #}
{% if not extra_slave_instance_list %}
{%
-
if not extra_slave_instance_list %}
{% set publish_section_title = 'publish-%s-connection-information' % slave_instance.get('slave_reference') %}
{%
-
set publish_section_title = 'publish-%s-connection-information' % slave_instance.get('slave_reference') %}
{% do part_list.append(publish_section_title) %}
{%
-
do part_list.append(publish_section_title) %}
[{{ publish_section_title }}]
[{{ publish_section_title }}]
recipe = slapos.cookbook:publish
recipe = slapos.cookbook:publish
{% for key, value in slave_publish_dict.iteritems() %}
{%
-
for key, value in slave_publish_dict.iteritems() %}
{{ key }} = {{ value }}
{{ key }} = {{ value }}
{% endfor %}
{%- endfor %}
{% else %}
{%- else %}
{% do slave_instance_information_list.append(slave_publish_dict) %}
{%- do slave_instance_information_list.append(slave_publish_dict) %}
{% endif %}
{%- endif %}
{%- endfor %} {# Slave iteration ends for slave_instance in slave_instance_list #}
{# End of the main for loop#}
{% endfor %}
[slave-log-directories]
[slave-log-directories]
<= slave-log-directory-dict
<= slave-log-directory-dict
recipe = slapos.cookbook:mkdirectory
recipe = slapos.cookbook:mkdirectory
{% do part_list.append('slave-log-directories') %}
{%
-
do part_list.append('slave-log-directories') %}
[slave-log-cache-direct-directories]
[slave-log-cache-direct-directories]
<= slave-log-cache-direct-directory-dict
<= slave-log-cache-direct-directory-dict
recipe = slapos.cookbook:mkdirectory
recipe = slapos.cookbook:mkdirectory
{% do part_list.append('slave-log-cache-direct-directories') %}
{%- do part_list.append('slave-log-cache-direct-directories') %}
{%- do part_list.append('caddy-log-access') %}
{% do part_list.append('caddy-log-access') %}
{#- ############################################## #}
{#- ## Prepare virtualhost for slaves using cache #}
{%- for slave_reference, slave_configuration_section_name in cached_server_dict.iteritems() %}
{%- set cached_slave_configuration_section_title = '%s-cached-virtualhost' % slave_reference %}
{%- do part_list.append(cached_slave_configuration_section_title) %}
###############################################
### Prepare virtualhost for slaves using cache
{% for slave_reference, slave_configuration_section_name in cached_server_dict.iteritems() %}
{% set cached_slave_configuration_section_title = '%s-cached-virtualhost' % slave_reference %}
{% do part_list.append(cached_slave_configuration_section_title) %}
[{{ cached_slave_configuration_section_title }}]
[{{ cached_slave_configuration_section_title }}]
< = jinja2-template-base
< = jinja2-template-base
template = {{ template_cached_slave_configuration }}
template = {{ template_cached_slave_configuration }}
...
@@ -328,8 +311,7 @@ extensions = jinja2.ext.do
...
@@ -328,8 +311,7 @@ extensions = jinja2.ext.do
extra-context =
extra-context =
section slave_parameter {{ slave_configuration_section_name }}
section slave_parameter {{ slave_configuration_section_name }}
{{ '\n' }}
{{ '\n' }}
{% endfor %}
{%- endfor %}
{#- Define IPv6 to IPV4 tunneling #}
{#- Define IPv6 to IPV4 tunneling #}
[tunnel-6to4-base]
[tunnel-6to4-base]
recipe = slapos.cookbook:wrapper
recipe = slapos.cookbook:wrapper
...
@@ -359,7 +341,8 @@ ipv6-port = {{ cached_port }}
...
@@ -359,7 +341,8 @@ ipv6-port = {{ cached_port }}
ipv4-port = {{ ssl_cached_port }}
ipv4-port = {{ ssl_cached_port }}
ipv6-port = {{ ssl_cached_port }}
ipv6-port = {{ ssl_cached_port }}
{# Define log access #}
{#- Define log access #}
[caddy-log-access-parameters]
[caddy-log-access-parameters]
caddy_log_directory = {{ dumps(caddy_log_directory) }}
caddy_log_directory = {{ dumps(caddy_log_directory) }}
caddy_configuration_directory = {{ dumps(caddy_configuration_directory) }}
caddy_configuration_directory = {{ dumps(caddy_configuration_directory) }}
...
@@ -382,15 +365,15 @@ extra-context =
...
@@ -382,15 +365,15 @@ extra-context =
section parameter_dict caddy-log-access-parameters
section parameter_dict caddy-log-access-parameters
{# Publish information for the instance #}
{#
-
Publish information for the instance #}
[publish-caddy-information]
[publish-caddy-information]
recipe = slapos.cookbook:publish.serialised
recipe = slapos.cookbook:publish.serialised
public-ipv4 = {{ public_ipv4 }}
public-ipv4 = {{ public_ipv4 }}
private-ipv4 = {{ local_ipv4 }}
private-ipv4 = {{ local_ipv4 }}
{% if extra_slave_instance_list %}
{%
-
if extra_slave_instance_list %}
{# sort_keys are important in order to avoid shuffling parameters on each run #}
{#
-
sort_keys are important in order to avoid shuffling parameters on each run #}
slave-instance-information-list = {{ json_module.dumps(slave_instance_information_list, sort_keys=True) }}
slave-instance-information-list = {{ json_module.dumps(slave_instance_information_list, sort_keys=True) }}
{% endif %}
{%
-
endif %}
monitor-base-url = {{ monitor_base_url }}
monitor-base-url = {{ monitor_base_url }}
csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt
csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt
csr_id-certificate = ${get-csr_id-certificate:certificate}
csr_id-certificate = ${get-csr_id-certificate:certificate}
...
@@ -418,9 +401,9 @@ update-command = ${:command}
...
@@ -418,9 +401,9 @@ update-command = ${:command}
recipe = slapos.recipe.template:jinja2
recipe = slapos.recipe.template:jinja2
file = {{ kedifa_updater_mapping_file }}
file = {{ kedifa_updater_mapping_file }}
template = inline:
template = inline:
{% for mapping in kedifa_updater_mapping %}
{%
-
for mapping in kedifa_updater_mapping %}
{{ mapping[0] }} {{ mapping[1] }} {{ mapping[2] }}
{{ mapping[0] }} {{ mapping[1] }} {{ mapping[2] }}
{% endfor %}
{%
-
endfor %}
rendered = ${:file}
rendered = ${:file}
...
@@ -440,12 +423,12 @@ extends =
...
@@ -440,12 +423,12 @@ extends =
parts +=
parts +=
kedifa-updater
kedifa-updater
kedifa-updater-run
kedifa-updater-run
{% for part in part_list %}
{%
-
for part in part_list %}
{{ ' %s' % part }}
{{ ' %s' % part }}
{% endfor %}
{%
-
endfor %}
{% if 'caddy-log-access' not in part_list %}
{%
-
if 'caddy-log-access' not in part_list %}
caddy-log-access-empty
caddy-log-access-empty
{% endif %}
{%
-
endif %}
publish-caddy-information
publish-caddy-information
tunnel-6to4-base-http_port
tunnel-6to4-base-http_port
tunnel-6to4-base-https_port
tunnel-6to4-base-https_port
...
@@ -531,4 +514,4 @@ recipe = collective.recipe.shelloutput
...
@@ -531,4 +514,4 @@ recipe = collective.recipe.shelloutput
commands =
commands =
certificate = cat ${certificate-csr_id:certificate}
certificate = cat ${certificate-csr_id:certificate}
{%
endif %
}
{%
- endif %} {# if software_type == slap_software_type #
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment