diff --git a/software/apache-frontend/apache-yakari.cfg.in b/software/apache-frontend/apache-yakari.cfg.in index 166e1ddee49ebc978465966e26bdea3cb54d6cb5..004ffe00e8505c3694fa6c647618b8b48c5caa66 100644 --- a/software/apache-frontend/apache-yakari.cfg.in +++ b/software/apache-frontend/apache-yakari.cfg.in @@ -17,10 +17,18 @@ context = {% set slave_parameter_dict = generic_instance_parameter_dict.copy() -%} # Set slave domain if none was defined {% if slave_instance.get('domain', None) == None -%} -{% do slave_instance.__setitem__('domain', "%s.%s" % (slave_instance.get('slave_reference').replace("-", "").lower(), domain)) -%} +# Backward compatibility +{% if slave_instance.get('custom_domain', None) != None -%} +{% do slave_instance.__setitem__('domain', slave_instance.get('custom_domain') )-%} +{% else -%} +{% do slave_instance.__setitem__('domain', "%s.%s" % (slave_instance.get('slave_reference').replace("-", "").lower(), domain)) -%} +{% endif -%} {% endif -%} -{% if 'enable_cache' in slave_instance -%} +# Set personal log, two per slave +{% set access_log = '/'.join([apache_log_directory, '%s_access_log' % slave_reference]) -%} +{% set error_log = '/'.join([apache_log_directory, '%s_error_log' % slave_reference]) -%} # The slave use cache +{% if 'enable_cache' in slave_instance -%} {% do cached_server_dict.__setitem__(slave_instance.get('domain'), slave_instance.get('url')) -%} {% endif -%} {% do slave_instance.__setitem__('url', cache_access) -%} @@ -36,6 +44,8 @@ extra-context = raw domain {{ domain }} raw https_port {{ https_port }} raw http_port {{ http_port }} + raw access_log {{ access_log }} + raw error_log {{ error_log }} {{ '\n' }} # Set apache configuration for slave 
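Review bot: The `custom_domain` branch in the first hunk copies a requester-supplied string into `domain` unchecked, and this commit then renders `domain` verbatim into the `domain =` option of the publish section (third hunk of this file, right below a loop that serialises values with `dumps(value)`) and into `ServerName`, `ServerAlias` and the zope `RewriteRule` of default-virtualhost.conf.in. A value containing whitespace or a line break would add options or directives to the generated configuration, and nothing visible stops two slaves from declaring the same hostname. I would accept the value only when it is a single bare hostname, fall back to the generated name otherwise, and say so above the branch: `# custom_domain comes from the slave request: bare hostname only, checked before use`. Separately, the two log paths use a bare `slave_reference` while the other visible lines read `slave_instance.get('slave_reference')`; no definition is visible, and if the name is undefined Jinja's default handling renders it empty, so every slave would share `_access_log` and `_error_log`. Use `'%s_access_log' % slave_instance.get('slave_reference')` (and likewise for the error log) or confirm the name is set earlier in the enclosing `{% for %}` loop, which starts outside the hunk.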
@@ -43,6 +53,16 @@ extra-context = {% for key, value in slave_instance.iteritems() -%} {{ key }} = {{ dumps(value) }} {% endfor %} + +# Publish slave information +{% set publish_section_title = 'publish-%s-connection-information' % slave_instance.get('slave_reference') -%} +{% do part_list.append(publish_section_title) -%} +[{{ publish_section_title }}] +recipe = slapos.cookbook:publish +slave-reference = {{ slave_instance.get('slave_reference') }} +reference = {{ slave_instance.get('slave_reference') }} +public-ipv4 = {{ public_ipv4 }} +domain = {{ slave_instance.get('domain') }} {% endfor -%} diff --git a/software/apache-frontend/common.cfg b/software/apache-frontend/common.cfg index 002710949a0434bad7fb8c8e4a5ba70148750c5c..bb93e33b43089a85547795b6a535136892a2254f 100644 --- a/software/apache-frontend/common.cfg +++ b/software/apache-frontend/common.cfg @@ -115,6 +115,11 @@ recipe = slapos.recipe.build:download url = ${:_profile_base_location_}/000.conf.in mode = 640 +[template-default-slave-virtualhost] +recipe = slapos.recipe.build:download +url = ${:_profile_base_location_}/default-virtualhost.conf.in +mode = 640 + [template-empty] recipe = slapos.recipe.build:download url = ${:_profile_base_location_}/empty.in diff --git a/software/apache-frontend/default-virtualhost.conf.in b/software/apache-frontend/default-virtualhost.conf.in new file mode 100644 index 0000000000000000000000000000000000000000..54ce2729c941ffa78c3a6ee495d95a13b2f04e85 --- /dev/null +++ b/software/apache-frontend/default-virtualhost.conf.in 
@@ -0,0 +1,63 @@
+<VirtualHost *:{{ http_port }}>
+ ServerName {{ slave_parameter.get('domain', '') }}
+ ServerAlias {{ slave_parameter.get('domain', '') }}
+ SSLEngine on
+ SSLProxyEngine on
+ # Rewrite part
+ ProxyVia On
+ ProxyPreserveHost On
+ ProxyTimeout 600
+ RewriteEngine On
+
+ # One Slave two logs
+ ErrorLog "{{ error_log }}"
+ LogLevel warn
+ LogFormat "%h %l %{REMOTE_USER}i %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
+ CustomLog "{{ access_log }}" combined
+
+{% if slave_parameter.get('type', '') == 'zope' -%}
+ # First, we check if we have a zope backend server
+ # If so, let's use Virtual Host Daemon rewrite
+ # We suppose that Apache listens to 80 (even indirectly thanks to things like iptables)
+ RewriteRule ^/(.*)$ {{ slave_parameter.get('url', '') }}/VirtualHostBase/http/{{ slave_parameter.get('domain', '') }}:80/{{ slave_parameter.get('path', '') }}/VirtualHostRoot/$1 [L,P]
+{% else -%}
+ RewriteRule ^/(.*)$ {{ slave_parameter.get('url', '') }}/$1 [L,P]
+{% endif -%}
+ # If nothing exist : put a nice error
+# ErrorDocument 404 /notfound.html
+
+</VirtualHost>
+
+<VirtualHost *:{{ https_port }}>
+ ServerName {{ slave_parameter.get('domain', '') }}
+ ServerAlias {{ slave_parameter.get('domain', '') }}
+ SSLProxyEngine on
+ # Rewrite part
+ ProxyVia On
+ ProxyPreserveHost On
+ ProxyTimeout 600
+ RewriteEngine On
+
+ # One Slave two logs
+ ErrorLog "{{ error_log }}"
+ LogLevel warn
+ LogFormat "%h %l %{REMOTE_USER}i %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
+ CustomLog "{{ access_log }}" combined
+
+ # Remove "Secure" from cookies, as backend may be https
+ Header edit Set-Cookie "(?i)^(.+);secure$" "$1"
+
+{% if 'https-only' in slave_parameter -%}
+ # Not using HTTPS? Ask that guy over there.
+ # Dummy redirection to https. Note: will work only if https listens
+ # on standard port (443).
+ RewriteRule ^/(.*)$ https://%{DOMAIN}%{REQUEST_URI} +{% elif slave_parameter.get('type', '') == 'zope' -%} + # First, we check if we have a zope backend server + # If so, let's use Virtual Host Daemon rewrite + # We suppose that Apache listens to 443 (even indirectly thanks to things like iptables) + RewriteRule ^/(.*)$ {{ slave_parameter.get('url', '') }}/VirtualHostBase/https/{{ slave_parameter.get('domain', '') }}:443/{{ slave_parameter.get('path', '') }}/VirtualHostRoot/$1 [L,P] +{% else -%} + RewriteRule ^/(.*)$ {{ slave_parameter.get('url', '') }}/$1 [L,P] +{% endif -%} +</VirtualHost> diff --git a/software/apache-frontend/instance.cfg b/software/apache-frontend/instance.cfg index 2761093a371fc0be92ce727cb995d6b4be641c9a..7c990fdae394165a41fca1ba1b33772387d360b4 100644 --- a/software/apache-frontend/instance.cfg +++ b/software/apache-frontend/instance.cfg @@ -58,7 +58,9 @@ squid-cache = $${:srv}/squid_cache [switch-softwaretype] recipe = slapos.cookbook:softwaretype -default = $${dynamic-template-slave-list:rendered} +default = $${dynamic-default-template-slave-list:rendered} +custom-personal = $${dynamic-custom-personal-template-slave-list:rendered} +custom-group = $${dynamic-custom-group-template-slave-list:rendered} [instance-parameter] # Fetches parameters defined in SlapOS Master for this instance. @@ -101,7 +103,7 @@ extra-context = key http_port instance-parameter:configuration.plain_http_port key https_port instance-parameter:configuration.port -[dynamic-template-slave-list] +[dynamic-custom-personal-template-slave-list] < = jinja2-template-base template = ${template-slave-list:target} filename = instance-slave-list.cfg 
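Review bot: The TLS-related directives in default-virtualhost.conf.in look attached to the wrong vhost: `SSLEngine on` is set in the `*:{{ http_port }}` block but not in the `*:{{ https_port }}` block, and the `https-only` redirect sits in the HTTPS block, so plain-HTTP requests for an `https-only` slave are still proxied to the backend in clear. The redirect target also uses `%{DOMAIN}`, which is not a mod_rewrite server variable, and the rule carries no explicit redirect flags. Unless `SSLEngine` is enabled for the HTTPS listener elsewhere in the generated configuration, I would move the pieces as sketched below. `Header edit Set-Cookie` in the HTTPS block strips `Secure` from cookies that were delivered over TLS, which allows the browser to send them to the plain-HTTP vhost afterwards; if the rewrite is needed at all it belongs on the HTTP side and should be skipped for `https-only` slaves.

```apache
<VirtualHost *:{{ http_port }}>
  # … unchanged: ServerName/ServerAlias, proxy settings, per-slave logs (SSLEngine on removed) …
{% if 'https-only' in slave_parameter -%}
  # Plain HTTP only redirects for https-only slaves.
  # Note: works only if https listens on the standard port (443).
  RewriteRule ^/(.*)$ https://{{ slave_parameter.get('domain', '') }}/$1 [R=301,L]
{% elif slave_parameter.get('type', '') == 'zope' -%}
  # … unchanged: zope VirtualHostBase rule and plain proxy rule …

<VirtualHost *:{{ https_port }}>
  # … unchanged: ServerName/ServerAlias …
  SSLEngine on
  SSLProxyEngine on
  # … unchanged: proxy settings, per-slave logs …
{% if slave_parameter.get('type', '') == 'zope' -%}
  # … unchanged: zope VirtualHostBase rule and plain proxy rule (https-only branch removed) …
```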
@@ -120,7 +122,7 @@ extra-context = raw template_slave_configuration ${template-slave-configuration:target} raw template_rewrite_cached ${template-rewrite-cached:target} -[dynamic-custom-template-slave-list] +[dynamic-custom-group-template-slave-list] < = jinja2-template-base template = ${template-custom-slave-list:target} filename = instance-slave-list.cfg @@ -135,6 +137,27 @@ extra-context = key rewrite_cached_configuration apache-configuration:cached-rewrite-file key custom_ssl_directory apache-directory:vh-ssl key template_slave_configuration dynamic-virtualhost-template-slave:rendered + key apache_log_directory apache-directory:slave-log + raw empty_template ${template-empty:target} + raw cache_access http://$${instance-parameter:ipv4-random}:$${apache-configuration:cache-port} + raw template_rewrite_cached ${template-rewrite-cached:target} + +[dynamic-default-template-slave-list] +< = jinja2-template-base +template = ${template-custom-slave-list:target} +filename = instance-slave-list.cfg +extensions = jinja2.ext.do +extra-context = + key apache_configuration_directory apache-directory:slave-configuration + key domain instance-parameter:configuration.domain + key http_port instance-parameter:configuration.plain_http_port + key https_port instance-parameter:configuration.port + key public_ipv4 instance-parameter:configuration.public-ipv4 + key slave_instance_list instance-parameter:slave-instance-list + key rewrite_cached_configuration apache-configuration:cached-rewrite-file + key custom_ssl_directory apache-directory:vh-ssl + key apache_log_directory apache-directory:slave-log + raw template_slave_configuration ${template-default-slave-virtualhost:target} raw empty_template ${template-empty:target} raw cache_access http://$${instance-parameter:ipv4-random}:$${apache-configuration:cache-port} raw template_rewrite_cached ${template-rewrite-cached:target}
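Review bot: Both slave-list sections touched by the last hunk now read `apache-directory:slave-log`, but no hunk in this diff adds a `slave-log` option to `[apache-directory]`; unless that option already exists, buildout cannot resolve the reference and the instance will not render. The new `[dynamic-default-template-slave-list]` section is also a near line-for-line copy of `[dynamic-custom-group-template-slave-list]`, differing only in `template_slave_configuration` and `public_ipv4` as far as the hunk shows, so the shared keys could sit in one base section that both extend with `< =`. The renamed `[dynamic-custom-personal-template-slave-list]` does not gain `apache_log_directory` in this commit; if its template builds the per-slave log paths too, it needs `key apache_log_directory apache-directory:slave-log` as well. The `extra-context` of the custom-group section starts outside the hunk, so its full key list cannot be checked from here.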