Commit 093840f5 authored by Thomas Gambier's avatar Thomas Gambier 🚴🏼

Update Release Candidate

parents d4416d1a e4d09d28
......@@ -17,7 +17,7 @@ depends =
[caddy]
# revision and repository can be used to control which caddy version is used
revision = db2741c6e0a1c06340391c5b9fa282b876a33361
revision = 0c3d90ed21a4df1b5e75ff4d5f908fd3018f902c
repository = github.com/mholt/caddy/caddy
recipe = plone.recipe.command
......
......@@ -523,7 +523,6 @@ Note that in some cases promises will fail:
* not possible to request frontend slave for monitoring (monitoring frontend promise)
* no slaves present (configuration promise and others)
* no cached slave present (configuration promise and others)
* no nginx style slave present (websocket, notebook) (configuration promise and others)
This is known issue and shall be tackled soon.
......
......@@ -8,7 +8,7 @@ Generally things to be done with ``caddy-frontend``:
* **Jérome Perrin**: *For event source, if I understand https://github.com/mholt/caddy/issues/1355 correctly, we could use caddy as a proxy in front of nginx-push-stream . If we have a "central shared" caddy instance, can it handle keeping connections opens for many clients ?*
* ``check-error-on-caddy-log`` like ``check-error-on-apache-log``
* move out ``test/utils.py`` and use it from shared python distribution
* reduce the time of configuration validation (in ``instance-apache-frontend.cfg.in`` sections ``[configtest]``, ``[caddy-configuration]``, ``[nginx-configuration]``), as it is not scalable on frontend with 2000+ slaves (takes few minutes instead of few, < 5, seconds), issue posted `upstream <https://github.com/mholt/caddy/issues/2220>`_
* reduce the time of configuration validation (in ``instance-apache-frontend.cfg.in`` sections ``[configtest]``, ``[caddy-configuration]``), as it is not scalable on frontend with 2000+ slaves (takes few minutes instead of few, < 5, seconds), issue posted `upstream <https://github.com/mholt/caddy/issues/2220>`_
* drop ``6tunnel`` and use ``bind`` in Caddy configuration, as soon as multiple binds will be possible, tracked in upstream `bind: support multiple values <https://github.com/mholt/caddy/pull/2128>`_ and `ipv6: does not bind on ipv4 and ipv6 for sites that resolve to both <https://github.com/mholt/caddy/issues/864>`_
* use caddy-frontend in `standalone style playbooks <https://lab.nexedi.com/nexedi/slapos.package/tree/master/playbook/roles/standalone-shared>`_
* in ``templates/apache-custom-slave-list.cfg.in`` avoid repetetive ``part_list.append`` and use macro like in ERP5 SR (cf `Vincent's comment <https://lab.nexedi.com/nexedi/slapos/merge_requests/373#note_64362>`_)
......
......@@ -22,15 +22,15 @@ md5sum = c801b7f9f11f0965677c22e6bbe9281b
[template-apache-frontend]
filename = instance-apache-frontend.cfg.in
md5sum = ab5312fb5454d5358b22b000cf6ed124
md5sum = bde0f62dfe2eeef8f10b4315535095cb
[template-apache-replicate]
filename = instance-apache-replicate.cfg.in
md5sum = 37edefdb9963daa67b01e5d55d97c17d
md5sum = d62aefe002ec13875924e4c219914795
[template-slave-list]
filename = templates/apache-custom-slave-list.cfg.in
md5sum = f9efdfe7a7e3a78f0b15f414b5469316
md5sum = 75439cb035393e68c73672b224bead54
[template-slave-configuration]
filename = templates/custom-virtualhost.conf.in
......@@ -54,7 +54,7 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
[template-default-slave-virtualhost]
filename = templates/default-virtualhost.conf.in
md5sum = b882c408202cd2dd13f619210321a528
md5sum = 0c5ef7f26a142c3ab53e835d2caa698d
[template-cached-slave-virtualhost]
filename = templates/cached-virtualhost.conf.in
......@@ -84,18 +84,10 @@ md5sum = baf7b89cc9ab5506100b0c900808c1ea
filename = templates/trafficserver/logging.config.jinja2
md5sum = cd6bb9bd0734f17469b0ca88f8b1a531
[template-nginx-configuration]
filename = templates/nginx.cfg.in
md5sum = d4c6c585c8a7da12c16b4b8e5a1cd90a
[template-nginx-eventsource-slave-virtualhost]
filename = templates/nginx-eventsource-slave.conf.in
md5sum = 217a6c801b8330b0b825f7b8b4c77184
[template-nginx-notebook-slave-virtualhost]
filename = templates/nginx-notebook-slave.conf.in
md5sum = 982489258b9c2cafc9b52a94e7a8660f
[template-caddy-lazy-script-call]
filename = templates/apache-lazy-script-call.sh.in
md5sum = b9f73f6323f9fceea054c46c854d2862
......
......@@ -123,9 +123,6 @@ template_caddy_lazy_script_call = ${template-caddy-lazy-script-call:target}
template_default_slave_virtualhost = ${template-default-slave-virtualhost:target}
template_empty = ${template-empty:target}
template_log_access = ${template-log-access:target}
template_nging_configuration = ${template-nginx-configuration:output}
template_nginx_eventsource_slave_virtualhost = ${template-nginx-eventsource-slave-virtualhost:target}
template_nginx_notebook_slave_virtualhost = ${template-nginx-notebook-slave-virtualhost:target}
template_not_found_html = ${template-not-found-html:target}
template_slave_configuration = ${template-slave-configuration:target}
template_slave_list = ${template-slave-list:target}
......@@ -240,13 +237,6 @@ filename = storage.config.jinja2
url = ${:_profile_base_location_}/templates/trafficserver/${:filename}
filename = logging.config.jinja2
# NGINX Configuration
[template-nginx-configuration]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/templates/nginx.cfg.in
output = ${buildout:directory}/template-nginx.cfg.in
mode = 0644
[template-caddy-lazy-script-call]
<=download-template
filename = apache-lazy-script-call.sh.in
......@@ -259,14 +249,6 @@ filename = graceful-script.sh.in
<=download-template
filename = validate-script.sh.in
[template-nginx-eventsource-slave-virtualhost]
<=download-template
filename = nginx-eventsource-slave.conf.in
[template-nginx-notebook-slave-virtualhost]
<=download-template
filename = nginx-notebook-slave.conf.in
# Migrated from KVM recipe
[http-proxy]
# https://github.com/nodejitsu/node-http-proxy
......
......@@ -11,12 +11,10 @@ parts =
directory
configtest
logrotate-entry-caddy
logrotate-entry-nginx
caddy-frontend
switch-caddy-softwaretype
caucase-updater
frontend-caddy-graceful
frontend-nginx-graceful
not-found-html
port-redirection
promise-frontend-caddy-configuration
......@@ -28,13 +26,6 @@ parts =
promise-caddy-frontend-ssl-cached
promise-caddy-is-process-older-than-dependency-set
promise-nginx-frontend-v4-https
promise-nginx-frontend-v4-http
promise-nginx-frontend-v6-https
promise-nginx-frontend-v6-http
promise-nginx-configuration
promise-nginx-is-process-older-than-dependency-set
trafficserver-launcher
trafficserver-reload
trafficserver-configuration-directory
......@@ -47,9 +38,6 @@ parts =
trafficserver-promise-listen-port
trafficserver-promise-cache-availability
## Nginx
nginx-frontend
## Monitor for Caddy
monitor-base
monitor-ats-cache-stats-wrapper
......@@ -81,10 +69,7 @@ ca-dir = ${:srv}/ssl
bbb-ssl-dir = ${:srv}/bbb-ssl
# BBB: SlapOS Master non-zero knowledge END
varnginx = ${:var}/nginx
frontend_cluster = ${:var}/frontend_cluster
nginx_cluster = ${:var}/nginx_cluster
# csr_id publication
csr_id = ${:srv}/csr_id
......@@ -168,8 +153,6 @@ template-slave-configuration = {{ parameter_dict['template_slave_configuration']
template-default-slave-virtualhost = {{ parameter_dict['template_default_slave_virtualhost'] }}
template-cached-slave-virtualhost = {{ parameter_dict['template_cached_slave_virtualhost'] }}
caddy-location = {{ parameter_dict['caddy_location'] }}
template-nginx-eventsource-slave-virtualhost = {{ parameter_dict['template_nginx_eventsource_slave_virtualhost'] }}
template-nginx-notebook-slave-virtualhost = {{ parameter_dict['template_nginx_notebook_slave_virtualhost'] }}
[kedifa-login-config]
d = ${directory:ca-dir}
......@@ -237,7 +220,6 @@ extra-context =
key kedifa_caucase_ca_certificate kedifa-login-config:ca-certificate
key kedifa_login_certificate kedifa-login-config:certificate
key caddy_configuration_directory caddy-directory:slave-configuration
key nginx_configuration_directory caddy-directory:nginx-slave-configuration
key caddy_cached_configuration_directory caddy-directory:slave-with-cache-configuration
key slave_with_cache_configuration_directory caddy-directory:slave-with-cache-configuration
key kedifa_updater :kedifa-updater
......@@ -257,8 +239,6 @@ extra-context =
key csr_cas_ca_certificate kedifa-login-config:cas-ca-certificate
key http_port configuration:plain_http_port
key https_port configuration:port
key nginx_http_port configuration:plain_nginx_port
key nginx_https_port configuration:nginx_port
key public_ipv4 configuration:public-ipv4
key slave_instance_list :slave_instance_list
key extra_slave_instance_list :extra_slave_instance_list
......@@ -270,20 +250,15 @@ extra-context =
key local_ipv4 :local_ipv4
key local_ipv6 :local_ipv6
key global_ipv6 slap-network-information:global-ipv6
key varnginx directory:varnginx
key empty_template software-release-path:template-empty
key template_custom_slave_configuration software-release-path:template-slave-configuration
key template_default_slave_configuration software-release-path:template-default-slave-virtualhost
key template_cached_slave_configuration software-release-path:template-cached-slave-virtualhost
key template_eventsource_slave_configuration software-release-path:template-nginx-eventsource-slave-virtualhost
key template_notebook_slave_configuration software-release-path:template-nginx-notebook-slave-virtualhost
key software_type :software_type
key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered
key frontend_graceful_reload caddy-configuration:frontend-graceful-command
key nginx_graceful_reload nginx-configuration:nginx-graceful-command
section frontend_configuration frontend-configuration
section caddy_configuration caddy-configuration
section nginx_configuration nginx-configuration
key monitor_base_url monitor-instance-parameter:monitor-base-url
key plugin_directory directory:plugin
key promise_directory directory:promises
......@@ -388,7 +363,6 @@ slave-with-cache-configuration = ${directory:etc}/caddy-slave-with-cache-conf.d/
cache = ${directory:var}/cache
mod-ssl = ${:cache}/httpd_mod_ssl
slave-log = ${directory:log}/httpd
nginx-slave-configuration = ${directory:etc}/nginx-slave-conf.d/
autocert = ${directory:srv}/autocert
master-autocert-dir = ${:autocert}/master-autocert
custom-ssl-directory = ${:slave-configuration}/ssl
......@@ -444,13 +418,6 @@ rotate-num = 30
# or access log, and that this will trigger postrotate script.
post = ${frontend-caddy-lazy-graceful:rendered} &
[logrotate-entry-nginx]
<= logrotate-entry-base
name = caddy-nginx
log = ${nginx-configuration:error_log} ${nginx-configuration:access_log}
rotate-num = 30
post = ${nginx-configuration:nginx-graceful-command}
#################
# Trafficserver
#################
......@@ -593,20 +560,6 @@ extra-context =
key sha256sum :sha256sum
key signature_file :signature_file
[frontend-nginx-graceful]
< = jinja2-template-base
template = {{ parameter_dict['template_graceful_script'] }}
rendered = ${directory:etc-run}/frontend-nginx-safe-graceful
mode = 0700
path_list = ${dynamic-nginx-frontend-template:rendered} ${caddy-directory:nginx-slave-configuration}/*.conf ${caddy-directory:master-autocert-dir}/*.key ${caddy-directory:master-autocert-dir}/*.crt ${caddy-directory:master-autocert-dir}/*.pem ${caddy-directory:autocert}/*.pem ${caddy-directory:custom-ssl-directory}/*.proxy_ca_crt ${directory:bbb-ssl-dir}/*.crt
sha256sum = {{ parameter_dict['sha256sum'] }}
signature_file = ${directory:run}/nginx_graceful_signature
extra-context =
key graceful_reload_command nginx-configuration:nginx-graceful-command
key path_list :path_list
key sha256sum :sha256sum
key signature_file :signature_file
[frontend-caddy-validate]
< = jinja2-template-base
template = {{ parameter_dict['template_validate_script'] }}
......@@ -620,19 +573,6 @@ extra-context =
key sha256sum :sha256sum
key signature_file :signature_file
[frontend-nginx-validate]
< = jinja2-template-base
template = {{ parameter_dict['template_validate_script'] }}
rendered = ${directory:bin}/frontend-nginx-validate
mode = 0700
sha256sum = {{ parameter_dict['sha256sum'] }}
signature_file = ${directory:run}/nginx_validate_signature
extra-context =
key wrapper nginx-wrapper:wrapper-path
key path_list frontend-nginx-graceful:path_list
key sha256sum :sha256sum
key signature_file :signature_file
[frontend-caddy-lazy-graceful]
< = jinja2-template-base
template = {{ parameter_dict['template_caddy_lazy_script_call'] }}
......@@ -759,104 +699,6 @@ module = check_url_available
name = re6st-connectivity.py
config-url = ${configuration:re6st-verification-url}
#######################
# Nginx
#
[nginx-wrapper]
recipe = slapos.cookbook:wrapper
environment =
CADDYPATH=${directory:nginx_cluster}
command-line = {{ parameter_dict['caddy'] }}
-conf ${dynamic-nginx-frontend-template:rendered}
-log ${nginx-configuration:error_log}
-log-roll-mb 0
{% if instance_parameter['configuration.global-disable-http2'].lower() in TRUE_VALUES %}
-http2=false
{% else %}
-http2=true
{% endif %}
-grace {{ instance_parameter['configuration.mpm-graceful-shutdown-timeout'] }}s
-disable-http-challenge
-disable-tls-alpn-challenge
wrapper-path = ${directory:bin}/nginx-wrapper
[nginx-frontend]
recipe = slapos.cookbook:wrapper
command-line = ${nginx-wrapper:wrapper-path} -pidfile ${nginx-configuration:pid-file}
wrapper-path = ${directory:service}/frontend_nginx
hash-files = ${buildout:directory}/software_release/buildout.cfg
[dynamic-nginx-frontend-template]
< = jinja2-template-base
template = {{ parameter_dict['template_nging_configuration'] }}
rendered = ${directory:etc}/nginx.cfg
mode = 0600
extra-context =
key port nginx-configuration:port
key local_ip nginx-configuration:local_ip
key plain_port nginx-configuration:plain_port
key slave_configuration_directory nginx-configuration:slave-configuration-directory
key error_log nginx-configuration:error_log
key access_log nginx-configuration:access_log
key not_found_file caddy-configuration:not-found-file
key master_certificate caddy-configuration:master-certificate
# BBB: SlapOS Master non-zero knowledge BEGIN
key apache_certificate apache-certificate:rendered
# BBB: SlapOS Master non-zero knowledge END
[nginx-configuration]
access_log = ${directory:log}/nginx-access.log
error_log = ${directory:log}/nginx-error.log
ip = ${slap-network-information:global-ipv6}
local_ip = ${slap-network-information:local-ipv4}
port = ${configuration:nginx_port}
plain_port = ${configuration:plain_nginx_port}
worker_processes = 4
worker_connections = 1024
slave-configuration-directory = ${caddy-directory:nginx-slave-configuration}
pid-file = ${directory:run}/nginx.pid
nginx-graceful-command = ${:nginx-configuration-verification} && kill -USR1 $(cat ${:pid-file})
nginx-configuration-verification = ${frontend-nginx-validate:rendered}
[promise-nginx-configuration]
<= promise-plugin-base
module = validate_frontend_configuration
name = nginx-configuration-promise.py
config-verification-script = ${nginx-configuration:nginx-configuration-verification}
[promise-nginx-frontend-v4-https]
<= promise-plugin-base
module = check_port_listening
name = nginx_frontend_ipv4_https.py
config-hostname = {{ instance_parameter['ipv4-random'] }}
config-port = ${configuration:nginx_port}
[promise-nginx-frontend-v4-http]
<= promise-plugin-base
module = check_port_listening
name = nginx_frontend_ipv4_http.py
config-hostname = {{ instance_parameter['ipv4-random'] }}
config-port = ${configuration:plain_nginx_port}
[promise-nginx-frontend-v6-https]
<= promise-plugin-base
module = check_port_listening
name = nginx_frontend_ipv6_https.py
config-hostname = {{ instance_parameter['ipv6-random'] }}
config-port = ${configuration:nginx_port}
[promise-nginx-frontend-v6-http]
<= promise-plugin-base
module = check_port_listening
name = nginx_frontend_ipv6_http.py
config-hostname = {{ instance_parameter['ipv6-random'] }}
config-port = ${configuration:plain_nginx_port}
[promise-nginx-is-process-older-than-dependency-set]
recipe = slapos.cookbook:wrapper
command-line = {{ parameter_dict['bin_directory'] }}/is-process-older-than-dependency-set ${nginx-configuration:pid-file}
wrapper-path = ${directory:promise}/promise-nginx-is-process-older-than-dependency-set
[port-redirection]
<= jinja2-template-base
template = inline:
......
......@@ -79,6 +79,12 @@ context =
{% set slave_error_list = [] %}
{% set slave_warning_list = [] %}
{% set slave_server_alias_unclashed = [] %}
{% set slave_type = slave.get('type') %}
{% if slave_type == 'eventsource' %}
{% do slave_error_list.append('type:eventsource is not implemented') %}
{% elif slave_type not in [None, '', 'default', 'zope', 'redirect', 'notebook', 'websocket'] %}
{% do slave_error_list.append('type:%s is not supported' % (slave_type,)) %}
{% endif %}
{# BBB: apache_custom_https AND apache_custom_http #}
{% set custom_domain = slave.get('custom_domain') %}
{% if custom_domain and custom_domain in used_host_list %}
......
......@@ -46,7 +46,7 @@
"nginx-domain": {
"description": "Base Domain for create subdomains (ie.: example2.com) for websocket, notebook and eventsource.",
"pattern": "^([a-zA-Z0-9]([a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])?\\.)+[a-zA-Z]{2,6}$",
"title": "Nginx Domain",
"title": "[NOT IMPLEMENTED] Nginx Domain",
"type": "string"
},
"public-ipv4": {
......
......@@ -107,6 +107,22 @@
"title": "type:zope Backend Path",
"type": "string"
},
"websocket-path-list": {
"default": "",
"description": "Space separated list of path to the websocket application. If not set the whole slave will be websocket, if set then / will be HTTP, and /<websocket-path> will be WSS. In order to have ' ' in the space use '%20'",
"title": "type:websocket Websocket Application Path List",
"type": "string"
},
"websocket-transparent": {
"default": "true",
"description": "If set to false, websocket slave will be without Caddy's transparent proxy mode. Depending on the application the setting shall be false or true. Defaults to true for transparent proxying.",
"enum": [
"false",
"true"
],
"title": "type:websocket Transparent proxy",
"type": "string"
},
"prefer-gzip-encoding-to-backend": {
"default": "false",
"description": "If set to true, frontend will rewrite Accept-Encoding request header to simply 'gzip' for all variants of Accept-Encoding containing 'gzip', in order to maximize cache hits for resources cached with Vary: Accept-Encoding when enable_cache is used",
......@@ -148,12 +164,13 @@
},
"type": {
"default": "",
"description": "Type of slave. If redirect, the slave will redirect to the given url. If zope, the rewrite rules will be compatible with Virtual Host Monster. Implemented are default, zope and redirect, not implemneted are notebook and eventsource.",
"description": "Type of slave. If redirect, the slave will redirect to the given url. If zope, the rewrite rules will be compatible with Virtual Host Monster. Implemented are default, zope, redirect, notebook and websocket, not implemneted is eventsource.",
"enum": [
"",
"zope",
"redirect",
"notebook",
"websocket",
"eventsource"
],
"title": "Backend Type",
......
......@@ -9,7 +9,7 @@
},
"type": {
"default": "",
"description": "Type of slave. If redirect, the slave will redirect to the given url. If zope, the rewrite rules will be compatible with Virtual Host Monster. Implemented are default, zope and redirect, not implemneted are notebook and eventsource.",
"description": "Type of slave. If redirect, the slave will redirect to the given url. If zope, the rewrite rules will be compatible with Virtual Host Monster. Implemented are default, zope, redirect, notebook and websocket, not implemneted is eventsource.",
"enum": [
"",
"zope"
......
......@@ -9,7 +9,6 @@
{% set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %}
{% set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %}
{% set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{% set NGINX_TYPE_LIST = ['eventsource', 'notebook'] %}
{% set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %}
{% set slave_log_dict = {} %}
{% if extra_slave_instance_list %}
......@@ -98,12 +97,8 @@ output = {{ plugin_directory }}/${:name}
{# Set slave domain if none was defined #}
{% if slave_instance.get('custom_domain', None) == None %}
{% set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %}
{% if slave_type in NGINX_TYPE_LIST %}
{% do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('nginx-domain', slapparameter_dict.get('domain')))) %}
{% else %}
{% do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %}
{% endif %}
{% endif %}
{% set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %}
{% if enable_cache and 'url' in slave_instance %}
......@@ -223,8 +218,6 @@ certificate = {{ certificate }}
https_port = {{ dumps('' ~ https_port) }}
http_port = {{ dumps('' ~ http_port) }}
local_ipv4 = {{ dumps('' ~ local_ipv4) }}
nginx_http_port = {{ dumps('' ~ nginx_http_port) }}
nginx_https_port = {{ dumps('' ~ nginx_https_port) }}
cached_port = {{ dumps('' ~ cached_port) }}
ssl_cached_port = {{ ('' ~ ssl_cached_port) }}
{# BBB: apache_custom_https and apache_custom_http #}
......@@ -251,26 +244,20 @@ caddy_custom_https = {{ dumps(caddy_custom_https) }}
[{{ slave_section_title }}]
< = jinja2-template-base
{% if slave_type in NGINX_TYPE_LIST %}
rendered = {{ nginx_configuration_directory }}/${:filename}
{% else %}
rendered = {{ caddy_configuration_directory }}/${:filename}
{% endif %}
{% if caddy_custom_http or caddy_custom_https %}
template = {{ template_custom_slave_configuration }}
{% elif slave_type == 'eventsource' %}
template = {{ template_eventsource_slave_configuration }}
{% elif slave_type == 'notebook' %}
template = {{ template_notebook_slave_configuration }}
extra-context =
section slave_parameter {{ slave_configuration_section_name }}
{% else %}
template = {{ template_default_slave_configuration }}
extra-context =
section slave_parameter {{ slave_configuration_section_name }}
import urllib_module urllib
{% endif %}
filename = {{ '%s.conf' % slave_reference }}
extra-context =
section slave_parameter {{ slave_configuration_section_name }}
{{ '\n' }}
......@@ -407,16 +394,6 @@ ipv6-port = {{ cached_port }}
ipv4-port = {{ ssl_cached_port }}
ipv6-port = {{ ssl_cached_port }}
[tunnel-6to4-base-nginx_http_port]
<= tunnel-6to4-base
ipv4-port = {{ nginx_http_port }}
ipv6-port = {{ nginx_http_port }}
[tunnel-6to4-base-nginx_https_port]
<= tunnel-6to4-base
ipv4-port = {{ nginx_https_port }}
ipv6-port = {{ nginx_https_port }}
{# Define log access #}
[caddy-log-access-parameters]
caddy_log_directory = {{ dumps(caddy_log_directory) }}
......@@ -458,7 +435,7 @@ command-line = {{ kedifa_updater }}
--server-ca-certificate {{ kedifa_caucase_ca_certificate }}
--identity {{ kedifa_login_certificate }}
--master-certificate {{ master_certificate }}
--on-update "{{ frontend_graceful_reload }} ; {{ nginx_graceful_reload }}"
--on-update "{{ frontend_graceful_reload }}"
${kedifa-updater-mapping:file}
{{ kedifa_updater_state_file }}
......@@ -498,8 +475,6 @@ parts +=
tunnel-6to4-base-https_port
tunnel-6to4-base-cached_port
tunnel-6to4-base-ssl_cached_port
tunnel-6to4-base-nginx_http_port
tunnel-6to4-base-nginx_https_port
expose-csr_id
cache-access = {{ cache_access }}
......
......@@ -16,7 +16,6 @@
{%- if slave_parameter.get('custom_domain') not in host_list %}
{%- do host_list.append(slave_parameter.get('custom_domain')) %}
{%- endif %}
{%- set backend_url = slave_parameter.get('https-url', slave_parameter.get('url', '')).rstrip('/') %}
{%- set http_host_list = [] %}
{%- set https_host_list = [] %}
{%- for host in host_list %}
......@@ -24,12 +23,35 @@
{%- do https_host_list.append('https://%s:%s' % (host, slave_parameter['https_port'] )) %}
{%- endfor %} {#- for host in host_list #}
{%- set default_path = slave_parameter.get('default-path', '').strip('/') | urlencode %}
{%- set websocket_path_list = [] %}
{%- for websocket_path in slave_parameter.get('websocket-path-list', '').split() %}
{%- set websocket_path = websocket_path.strip('/') %}
{#- Unquote the path, so %20 and similar can be represented correctly #}
{%- set websocket_path = urllib_module.unquote(websocket_path.strip()) %}
{%- if websocket_path %}
{%- do websocket_path_list.append(websocket_path) %}
{%- endif %}
{%- endfor %}
{%- set websocket_transparent = slave_parameter.get('websocket-transparent', 'true').lower() in TRUE_VALUES %}
{%- if slave_type in ['notebook', 'websocket'] %}
{# websocket style needs http 1.1 max #}
{%- set enable_h2 = False %}
{%- endif %}
{%- for tls in [True, False] %}
{%- if tls %}
{%- set backend_url = slave_parameter.get('https-url', slave_parameter.get('url', '')).rstrip('/') %}
# SSL enabled hosts
{{ https_host_list|join(', ') }} {
{%- else %}
{%- set backend_url = slave_parameter.get('url', '').rstrip('/') %}
# SSL-disabled hosts
{{ http_host_list|join(', ') }} {
{%- endif %}
bind {{ slave_parameter['local_ipv4'] }}
# Compress the output
gzip
{%- if tls %}
tls {{ slave_parameter['certificate'] }} {{ slave_parameter['certificate'] }} {
{%- if enable_h2 %}
# Allow HTTP2
......@@ -39,6 +61,7 @@
alpn http/1.1
{%- endif %} {#- if enable_h2 #}
} {# tls #}
{%- endif %} {#- if tls #}
log / {{ slave_parameter.get('access_log') }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
rotate_size 0
}
......@@ -59,15 +82,20 @@
if {>Accept-Encoding} not_match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
to {1}
}
{% else %}
{% elif slave_type not in ['notebook', 'websocket'] %}
rewrite {
regexp (.*)
to {1}
}
{% endif %}
{% endif %} {# elif slave_type != 'notebook' #}
{%- endif %} {#- if not (slave_type == 'zope' and backend_url) #}
{%- if slave_type == 'zope' and backend_url %}
{%- if not tls and https_only %}
# Enforced redirection to SSL-enabled host
redir 302 {
/ https://{host}{rewrite_uri}
}
{%- elif slave_type == 'zope' and backend_url %}
# Zope configuration
{%- for (proxy_name, proxy_comment) in proxy_append_list %}
# {{ proxy_comment }}
......@@ -114,17 +142,29 @@
rewrite {
regexp (.*)
if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
{%- if tls %}
to /prefer-gzip/VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-https-port', '443') | int }}%2F{{ slave_parameter.get('path', '').strip('/') }}%2FVirtualHostRoot/{1}
{%- else %}
to /prefer-gzip/VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '').strip('/') }}%2FVirtualHostRoot/{1}
{%- endif %}
}
rewrite {
regexp (.*)
if {>Accept-Encoding} not_match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
{%- if tls %}
to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-https-port', '443') | int }}%2F{{ slave_parameter.get('path', '').strip('/') }}%2FVirtualHostRoot/{1}
{%- else %}
to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '').strip('/') }}%2FVirtualHostRoot/{1}
{%- endif %}
}
{%- else %}
rewrite {
regexp (.*)
{%- if tls %}
to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-https-port', '443') | int }}%2F{{ slave_parameter.get('path', '').strip('/') }}%2FVirtualHostRoot/{1}
{%- else %}
to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '').strip('/') }}%2FVirtualHostRoot/{1}
{%- endif %}
} {# rewrite #}
{%- endif %} {#- if prefer_gzip #}
{%- elif slave_type == 'redirect' and backend_url %} {#- if slave_type == 'zope' and backend_url #}
......@@ -132,159 +172,59 @@
redir 302 {
/ {{ backend_url }}{rewrite_uri}
} {# redir #}
{%- else %} {#- if slave_type == 'zope' and backend_url #}
# Default configuration
{%- if default_path %}
redir 301 {
if {path} is /
/ {scheme}://{host}/{{ default_path }}
} {# redir #}
{%- endif %} {#- if default_path #}
{%- if backend_url %}
{%- for (proxy_name, proxy_comment) in proxy_append_list %}
# {{ proxy_comment }}
proxy /{{ proxy_name }} {{ backend_url }} {
{%- elif slave_type == 'notebook' %}
proxy / {{ backend_url }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
{%- if proxy_name == 'prefer-gzip' %}
without /prefer-gzip
header_upstream Accept-Encoding gzip
{%- endif %} {#- if proxy_name == 'prefer-gzip' #}
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
{%- for disabled_cookie in disabled_cookie_list %}
# Remove cookie {{ disabled_cookie }} from client Cookies
header_upstream Cookie "(.*)(^{{ disabled_cookie }}=[^;]*; |; {{ disabled_cookie }}=[^;]*|^{{ disabled_cookie }}=[^;]*$)(.*)" "$1 $3"
{%- endfor %} {#- for disabled_cookie in disabled_cookie_list #}
{%- if disable_via_header %}
header_downstream -Via
{%- endif %} {#- if disable_via_header #}
{%- if disable_no_cache_header %}
header_upstream -Cache-Control
header_upstream -Pragma
{%- endif %} {#- if disable_no_cache_header #}
transparent
timeout 600s
{%- if ssl_proxy_verify %}
{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #}
{%- else %} {#- if ssl_proxy_verify #}
insecure_skip_verify
{%- endif %} {#- if ssl_proxy_verify #}
} {# proxy #}
{%- endfor %} {#- for (proxy_name, proxy_comment) in proxy_append_list #}
{%- endif %} {#- if backend_url #}
{%- endif %} {#- if slave_type == 'zope' and backend_url #}
} {# https_host_list|join(', ') #}
# SSL-disabled hosts
{{ http_host_list|join(', ') }} {
bind {{ slave_parameter['local_ipv4'] }}
# Compress the output
gzip
log / {{ slave_parameter.get('access_log') }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
rotate_size 0
}
errors {{ slave_parameter.get('error_log') }} {
rotate_size 0
}
{%- if not (slave_type == 'zope' and backend_url) %}
{%- if prefer_gzip %}
rewrite {
regexp (.*)
if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
to /prefer-gzip{1}
}
rewrite {
regexp (.*)
if {>Accept-Encoding} not_match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
to {1}
}
{% else %}
rewrite {
regexp (.*)
to {1}
regexp "/(api/kernels/[^/]+/(channels|iopub|shell|stdin)|terminals/websocket)/?"
to /proxy/{1}
}
{% endif %}
{%- endif %} {#- if not (slave_type == 'zope' and backend_url) #}
{%- if https_only %}
# Enforced redirection to SSL-enabled host
redir 302 {
/ https://{host}{rewrite_uri}
proxy /proxy/ {{ backend_url }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
header_upstream X-Real-IP {remote}
header_upstream Host {host}
websocket
without /proxy/
insecure_skip_verify
}
{%- elif slave_type == 'redirect' and slave_parameter.get('url', '') %} {#- if https_only #}
# Redirect configuration
redir 302 {
/ {{ slave_parameter.get('url', '') }}{rewrite_uri}
} {# redir #}
{%- elif slave_type == 'zope' and backend_url %} {#- if https_only #}
# Zope configuration
{%- for (proxy_name, proxy_comment) in proxy_append_list %}
# {{ proxy_comment }}
proxy /{{ proxy_name }} {{ backend_url }} {
{%- elif slave_type == 'websocket' %}
{%- if websocket_path_list %}
proxy / {{ backend_url }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
{%- if proxy_name == 'prefer-gzip' %}
without /prefer-gzip
header_upstream Accept-Encoding gzip
{%- endif %} {#- if proxy_name == 'prefer-gzip' #}
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
{%- for disabled_cookie in disabled_cookie_list %}
# Remove cookie {{ disabled_cookie }} from client Cookies
header_upstream Cookie "(.*)(^{{ disabled_cookie }}=[^;]*; |; {{ disabled_cookie }}=[^;]*|^{{ disabled_cookie }}=[^;]*$)(.*)" "$1 $3"
{%- endfor %} {#- for disabled_cookie in disabled_cookie_list #}
{%- if disable_via_header %}
header_downstream -Via
{%- endif %} {#- if disable_via_header #}
{%- if disable_no_cache_header %}
header_upstream -Cache-Control
header_upstream -Pragma
{%- endif %} {#- if disable_no_cache_header #}
{%- if websocket_transparent %}
transparent
timeout 600s
{%- if ssl_proxy_verify %}
{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #}
{%- else %} {#- if ssl_proxy_verify #}
{%- endif %}
insecure_skip_verify
{%- endif %} {#- if ssl_proxy_verify #}
} {# proxy #}
{%- endfor %} {#- for (proxy_name, proxy_comment) in proxy_append_list #}
{%- if default_path %}
redir 301 {
if {path} is /
/ {scheme}://{host}/{{ default_path }}
} {# redir #}
{%- endif %} {#- if default_path #}
{%- if prefer_gzip %}
rewrite {
regexp (.*)
if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
to /prefer-gzip/VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '').strip('/') }}%2FVirtualHostRoot/{1}
}
rewrite {
regexp (.*)
if {>Accept-Encoding} not_match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '').strip('/') }}%2FVirtualHostRoot/{1}
{%- for websocket_path in websocket_path_list %}
proxy /{{ websocket_path }} {{ backend_url }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
websocket
{%- if websocket_transparent %}
transparent
{%- endif %}
insecure_skip_verify
}
{%- endfor %}
{%- else %}
rewrite {
regexp (.*)
to /VirtualHostBase/{scheme}%2F%2F{hostonly}:{{ slave_parameter.get('virtualhostroot-http-port', '80') | int }}%2F{{ slave_parameter.get('path', '').strip('/') }}%2FVirtualHostRoot/{1}
} {# rewrite #}
{% endif %} {#- if prefer_gzip #}
{%- else %} {#- if https_only #}
proxy / {{ backend_url }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
websocket
{%- if websocket_transparent %}
transparent
{%- endif %}
insecure_skip_verify
}
{%- endif %}
{%- else %} {#- if slave_type == 'zope' and backend_url #}
# Default configuration
{%- if default_path %}
redir 301 {
......@@ -292,10 +232,11 @@
/ {scheme}://{host}/{{ default_path }}
} {# redir #}
{%- endif %} {#- if default_path #}
{%- if slave_parameter.get('url', '') %}
{%- if backend_url %}
{%- for (proxy_name, proxy_comment) in proxy_append_list %}
# {{ proxy_comment }}
proxy /{{ proxy_name }} {{ slave_parameter.get('url', '') }} {
proxy /{{ proxy_name }} {{ backend_url }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
{%- if proxy_name == 'prefer-gzip' %}
......@@ -328,6 +269,7 @@
{%- endif %} {#- if ssl_proxy_verify #}
} {# proxy #}
{%- endfor %} {#- for (proxy_name, proxy_comment) in proxy_append_list #}
{%- endif %} {#- if slave_parameter.get('url', '') #}
{%- endif %} {#- if https_only #}
} {# http_host_list|join(', ') #}
{%- endif %} {#- if backend_url #}
{%- endif %} {#- if slave_type == 'zope' and backend_url #}
} {# https_host_list|join(', ') #}
{%- endfor %} {#- for tls in [True, False] #}
{%- set url = slave_parameter.get('url') %}
{%- set https_url = slave_parameter.get('https-url', url) %}
{%- if url.startswith("http://") or url.startswith("https://") %}
{%- set upstream = url.split("/")[2] %}
{%- set https_upstream = https_url.split("/")[2] %}
# SSL-enabled
https://{{ slave_parameter.get('custom_domain') }}:{{ slave_parameter['nginx_https_port'] }} {
bind {{ slave_parameter['local_ipv4'] }}
# Compress the output
gzip
log / {{ slave_parameter.get('access_log') }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
rotate_size 0
}
errors {{ slave_parameter.get('error_log') }} {
rotate_size 0
}
tls {{ slave_parameter['certificate'] }} {{ slave_parameter['certificate'] }} {
alpn http/1.1
}
proxy / {{ https_upstream }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
transparent
insecure_skip_verify
}
rewrite {
regexp "/(api/kernels/[^/]+/(channels|iopub|shell|stdin)|terminals/websocket)/?"
to /proxy/{1}
}
proxy /proxy/ {{ https_upstream }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
header_upstream X-Real-IP {remote}
header_upstream Host {host}
websocket
without /proxy/
insecure_skip_verify
}
}
# SSL-disabled
http://{{ slave_parameter.get('custom_domain') }}:{{ slave_parameter['nginx_http_port'] }} {
bind {{ slave_parameter['local_ipv4'] }}
# Compress the output
gzip
log / {{ slave_parameter.get('access_log') }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
rotate_size 0
}
errors {{ slave_parameter.get('error_log') }} {
rotate_size 0
}
proxy / {{ upstream }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
transparent
insecure_skip_verify
}
rewrite {
regexp "/(api/kernels/[^/]+/(channels|iopub|shell|stdin)|terminals/websocket)/?"
to /proxy/{1}
}
proxy /proxy/ {{ upstream }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
header_upstream X-Real-IP {remote}
header_upstream Host {host}
websocket
without /proxy/
insecure_skip_verify
}
}
{%- endif %}
# TODO-Caddy worker_processes $${nginx-configuration:worker_processes};
# TODO-Caddy events {
# TODO-Caddy worker_connections $${nginx-configuration:worker_connections};
# TODO-Caddy # multi_accept on;
# TODO-Caddy }
# TODO-Caddy http {
##
# Basic Settings
##
# TODO-Caddy sendfile on;
# TODO-Caddy tcp_nopush on;
# TODO-Caddy tcp_nodelay on;
# TODO-Caddy keepalive_timeout 65;
# TODO-Caddy types_hash_max_size 2048;
# TODO-Caddy server_tokens off;
# TODO-Caddy log_format custom '$remote_addr - $remote_user $time_local $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time';
# TODO-Caddy access_log $${nginx-configuration:access_log} custom;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
# TODO-Caddy default_type application/octet-stream;
# TODO-Caddy ssl_certificate $${ca-frontend:cert-file};
# TODO-Caddy ssl_certificate_key $${ca-frontend:key-file};
##
# Gzip Settings
##
# TODO-Caddy gzip on;
# TODO-Caddy gzip_disable "msie6";
# TODO-Caddy gzip_vary on;
# TODO-Caddy gzip_proxied any;
# TODO-Caddy gzip_comp_level 6;
# TODO-Caddy gzip_buffers 16 8k;
# TODO-Caddy gzip_http_version 1.1;
# TODO-Caddy gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# Push stream Settings
##
# TODO-Caddy push_stream_shared_memory_size 32m;
# TODO-Caddy fastcgi_temp_path $${directory:varnginx} 1 2;
# TODO-Caddy uwsgi_temp_path $${directory:varnginx} 1 2;
# TODO-Caddy scgi_temp_path $${directory:varnginx} 1 2;
# TODO-Caddy client_body_temp_path $${directory:varnginx} 1 2;
# TODO-Caddy proxy_temp_path $${directory:varnginx} 1 2;
# TODO-Caddy }
import {{ slave_configuration_directory }}/*.conf
# Catch-all and 404 for not configured instances
:{{ port }} {
tls {{ master_certificate }} {{ master_certificate }}
bind {{ local_ip }}
# Serve an error 204 (No Content) for favicon.ico
status 204 /favicon.ico
status 404 /
log / {{ access_log }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
rotate_size 0
}
errors {{ error_log }} {
rotate_size 0
* {{ not_found_file }}
}
}
:{{ plain_port }} {
bind {{ local_ip }}
# Serve an error 204 (No Content) for favicon.ico
status 204 /favicon.ico
status 404 /
log / {{ access_log }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
rotate_size 0
}
errors {{ error_log }} {
rotate_size 0
* {{ not_found_file }}
}
}
......@@ -61,8 +61,6 @@ SLAPOS_TEST_IPV6 = os.environ['SLAPOS_TEST_IPV6']
# ports chosen to not collide with test systems
HTTP_PORT = '11080'
HTTPS_PORT = '11443'
NGINX_HTTP_PORT = '12080'
NGINX_HTTPS_PORT = '12443'
MONITOR_HTTPD_PORT = '13000'
MONITOR_F1_HTTPD_PORT = '13001'
MONITOR_F2_HTTPD_PORT = '13002'
......@@ -338,7 +336,6 @@ class TestDataMixin(object):
'monitor/monitor-collect.pid',
# may appear or not
'var/run/caddy_graceful_signature.tmp',
'var/run/nginx_graceful_signature.tmp',
])
def test_supervisor_state(self):
......@@ -533,8 +530,6 @@ class TestMasterRequest(HttpFrontendTestCase, TestDataMixin):
return {
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
......@@ -568,8 +563,6 @@ class TestMasterRequestDomain(HttpFrontendTestCase, TestDataMixin):
'domain': 'example.com',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
......@@ -773,7 +766,6 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase):
[
'*.customdomain.example.com',
'*.example.com',
'*.nginx.example.com',
'*.alias1.example.com',
])
......@@ -954,14 +946,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
def getInstanceParameterDict(cls):
return {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'-frontend-authorized-slave-string':
'_apache_custom_http_s-accepted _caddy_custom_http_s-accepted',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
......@@ -1101,6 +1090,26 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'url': cls.backend_url,
'type': 'notebook',
},
'type-websocket': {
'url': cls.backend_url,
'type': 'websocket',
},
'type-websocket-websocket-path-list': {
'url': cls.backend_url,
'type': 'websocket',
'websocket-path-list': '////ws//// /with%20space/',
},
'type-websocket-websocket-transparent-false': {
'url': cls.backend_url,
'type': 'websocket',
'websocket-transparent': 'false',
},
'type-websocket-websocket-path-list-websocket-transparent-false': {
'url': cls.backend_url,
'type': 'websocket',
'websocket-path-list': '////ws//// /with%20space/',
'websocket-transparent': 'false',
},
'type-eventsource': {
'url': cls.backend_url,
'type': 'eventsource',
......@@ -1218,15 +1227,16 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
expected_parameter_dict = {
'monitor-base-url': None,
'domain': 'example.com',
'accepted-slave-amount': '45',
'rejected-slave-amount': '3',
'slave-amount': '48',
'accepted-slave-amount': '48',
'rejected-slave-amount': '4',
'slave-amount': '52',
'kedifa-caucase-url': 'http://[%s]:%s' % (
SLAPOS_TEST_IPV6, CAUCASE_PORT),
'rejected-slave-dict': {
"_apache_custom_http_s-rejected": ["slave not authorized"],
"_caddy_custom_http_s": ["slave not authorized"],
"_caddy_custom_http_s-rejected": ["slave not authorized"],
"_type-eventsource": ["type:eventsource is not implemented"]
}
}
......@@ -1252,11 +1262,6 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
open(os.path.join(partition_path, 'bin', 'caddy-wrapper'), 'r').read()
)
self.assertTrue(
'-grace 2s' in
open(os.path.join(partition_path, 'bin', 'nginx-wrapper'), 'r').read()
)
def test_monitor_conf(self):
monitor_conf_list = glob.glob(
os.path.join(
......@@ -2034,11 +2039,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
self.assertKedifaKeysWithPop(parameter_dict)
self.assertEqual(
{
'domain': '%s.nginx.example.com' % (hostname,),
'domain': '%s.example.com' % (hostname,),
'replication_number': '1',
'url': 'http://%s.nginx.example.com' % (hostname, ),
'site_url': 'http://%s.nginx.example.com' % (hostname, ),
'secure_access': 'https://%s.nginx.example.com' % (hostname, ),
'url': 'http://%s.example.com' % (hostname, ),
'site_url': 'http://%s.example.com' % (hostname, ),
'secure_access': 'https://%s.example.com' % (hostname, ),
'public-ipv4': SLAPOS_TEST_IPV4,
},
parameter_dict
......@@ -2047,7 +2052,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'],
'test-path',
NGINX_HTTPS_PORT)
HTTPS_PORT)
self.assertEqual(
self.certificate_pem,
......@@ -2058,18 +2063,210 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'],
'test/terminals/websocket/test',
NGINX_HTTPS_PORT)
HTTPS_PORT)
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/terminals/websocket')
self.assertFalse(
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
@skip('Feature postponed')
def test_type_websocket(self):
# Pure websocket configurable frontend
raise NotImplementedError
parameter_dict = self.assertSlaveBase(
'type-websocket')
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
headers={'Connection': 'Upgrade'})
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(
result,
'Path',
'/test-path'
)
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertEqual(
'Upgrade',
j['Incoming Headers']['connection']
)
self.assertTrue('x-real-ip' in j['Incoming Headers'])
self.assertFalse(
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
def test_type_websocket_websocket_transparent_false(self):
parameter_dict = self.assertSlaveBase(
'type-websocket-websocket-transparent-false')
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
headers={'Connection': 'Upgrade'})
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(
result,
'Path',
'/test-path'
)
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertEqual(
'Upgrade',
j['Incoming Headers']['connection']
)
self.assertFalse('x-real-ip' in j['Incoming Headers'])
self.assertFalse(
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
def test_type_websocket_websocket_path_list(self):
parameter_dict = self.assertSlaveBase(
'type-websocket-websocket-path-list')
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
headers={'Connection': 'Upgrade'})
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(
result,
'Path',
'/test-path'
)
self.assertFalse(
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertFalse('connection' in j['Incoming Headers'].keys())
self.assertTrue('x-real-ip' in j['Incoming Headers'])
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'ws/test-path',
headers={'Connection': 'Upgrade'})
self.assertEqualResultJson(
result,
'Path',
'/ws/test-path'
)
self.assertFalse(
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertEqual(
'Upgrade',
j['Incoming Headers']['connection']
)
self.assertTrue('x-real-ip' in j['Incoming Headers'])
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'],
'with%20space/test-path', headers={'Connection': 'Upgrade'})
self.assertEqualResultJson(
result,
'Path',
'/with%20space/test-path'
)
self.assertFalse(
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertEqual(
'Upgrade',
j['Incoming Headers']['connection']
)
self.assertTrue('x-real-ip' in j['Incoming Headers'])
def test_type_websocket_websocket_path_list_websocket_transparent_false(
self):
parameter_dict = self.assertSlaveBase(
'type-websocket-websocket-path-list-websocket-transparent-false')
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
headers={'Connection': 'Upgrade'})
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(
result,
'Path',
'/test-path'
)
self.assertFalse(
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertFalse('connection' in j['Incoming Headers'].keys())
self.assertFalse('x-real-ip' in j['Incoming Headers'])
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'ws/test-path',
headers={'Connection': 'Upgrade'})
self.assertEqualResultJson(
result,
'Path',
'/ws/test-path'
)
self.assertFalse(
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertEqual(
'Upgrade',
j['Incoming Headers']['connection']
)
self.assertFalse('x-real-ip' in j['Incoming Headers'])
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'],
'with%20space/test-path', headers={'Connection': 'Upgrade'})
self.assertEqualResultJson(
result,
'Path',
'/with%20space/test-path'
)
self.assertFalse(
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertEqual(
'Upgrade',
j['Incoming Headers']['connection']
)
self.assertFalse('x-real-ip' in j['Incoming Headers'])
@skip('Feature postponed')
def test_type_eventsource(self):
......@@ -2094,7 +2291,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'pub',
NGINX_HTTPS_PORT)
# NGINX_HTTPS_PORT
)
self.assertEqual(
self.certificate_pem,
......@@ -3121,15 +3319,12 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin):
def getInstanceParameterDict(cls):
return {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'-frontend-quantity': 2,
'-sla-2-computer_guid': 'slapos.test',
'-frontend-2-state': 'stopped',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'-frontend-config-2-monitor-httpd-port': MONITOR_F2_HTTPD_PORT,
......@@ -3193,13 +3388,10 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase,
def getInstanceParameterDict(cls):
return {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'enable-http2-by-default': 'false',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
......@@ -3286,12 +3478,9 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase,
def getInstanceParameterDict(cls):
return {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
......@@ -3379,8 +3568,6 @@ class TestRe6stVerificationUrlDefaultSlave(SlaveHttpFrontendTestCase,
return {
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
......@@ -3434,8 +3621,6 @@ class TestRe6stVerificationUrlSlave(SlaveHttpFrontendTestCase,
return {
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
're6st-verification-url': 'some-re6st-verification-url',
......@@ -3489,12 +3674,9 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase,
def getInstanceParameterDict(cls):
return {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
......@@ -3592,8 +3774,6 @@ class TestDefaultMonitorHttpdPort(SlaveHttpFrontendTestCase, TestDataMixin):
'-frontend-1-state': 'stopped',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
}
......@@ -3639,13 +3819,10 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin):
def getInstanceParameterDict(cls):
return {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'enable-quic': 'true',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'mpm-graceful-shutdown-timeout': 2,
......@@ -3737,12 +3914,9 @@ class TestSlaveBadParameters(SlaveHttpFrontendTestCase, TestDataMixin):
def getInstanceParameterDict(cls):
return {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'mpm-graceful-shutdown-timeout': 2,
......@@ -4132,12 +4306,9 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin):
def getInstanceParameterDict(cls):
return {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'mpm-graceful-shutdown-timeout': 2,
......@@ -4391,14 +4562,11 @@ class TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster(
def getInstanceParameterDict(cls):
return {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'apache-certificate': cls.certificate_pem,
'apache-key': cls.key_pem,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
......@@ -4489,7 +4657,6 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
[
'*.customdomain.example.com',
'*.example.com',
'*.nginx.example.com',
])
cls.ca = CertificateAuthority(
......@@ -4512,14 +4679,11 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
def getInstanceParameterDict(cls):
return {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'apache-certificate': cls.certificate_pem,
'apache-key': cls.key_pem,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
......@@ -4855,11 +5019,11 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self.assertKedifaKeysWithPop(parameter_dict)
self.assertEqual(
{
'domain': '%s.nginx.example.com' % (hostname,),
'domain': '%s.example.com' % (hostname,),
'replication_number': '1',
'url': 'http://%s.nginx.example.com' % (hostname, ),
'site_url': 'http://%s.nginx.example.com' % (hostname, ),
'secure_access': 'https://%s.nginx.example.com' % (hostname, ),
'url': 'http://%s.example.com' % (hostname, ),
'site_url': 'http://%s.example.com' % (hostname, ),
'secure_access': 'https://%s.example.com' % (hostname, ),
'public-ipv4': SLAPOS_TEST_IPV4
},
parameter_dict
......@@ -4867,7 +5031,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
NGINX_HTTPS_PORT)
HTTPS_PORT)
self.assertEqual(
self.certificate_pem,
......@@ -4883,11 +5047,11 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
hostname = reference.translate(None, '_-')
self.assertEqual(
{
'domain': '%s.nginx.example.com' % (hostname,),
'domain': '%s.example.com' % (hostname,),
'replication_number': '1',
'url': 'http://%s.nginx.example.com' % (hostname, ),
'site_url': 'http://%s.nginx.example.com' % (hostname, ),
'secure_access': 'https://%s.nginx.example.com' % (hostname, ),
'url': 'http://%s.example.com' % (hostname, ),
'site_url': 'http://%s.example.com' % (hostname, ),
'secure_access': 'https://%s.example.com' % (hostname, ),
'public-ipv4': SLAPOS_TEST_IPV4
},
parameter_dict
......@@ -4895,7 +5059,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
NGINX_HTTPS_PORT)
HTTPS_PORT)
self.assertEqual(
self.certificate_pem,
......@@ -4924,7 +5088,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
NGINX_HTTPS_PORT)
HTTPS_PORT)
self.assertEqual(
certificate_pem,
......@@ -4940,11 +5104,11 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self.assertKedifaKeysWithPop(parameter_dict)
self.assertEqual(
{
'domain': '%s.nginx.example.com' % (hostname,),
'domain': '%s.example.com' % (hostname,),
'replication_number': '1',
'url': 'http://%s.nginx.example.com' % (hostname, ),
'site_url': 'http://%s.nginx.example.com' % (hostname, ),
'secure_access': 'https://%s.nginx.example.com' % (hostname, ),
'url': 'http://%s.example.com' % (hostname, ),
'site_url': 'http://%s.example.com' % (hostname, ),
'secure_access': 'https://%s.example.com' % (hostname, ),
'public-ipv4': SLAPOS_TEST_IPV4,
'warning-list': [
'ssl_key is obsolete, please use key-upload-url',
......@@ -4956,7 +5120,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
NGINX_HTTPS_PORT)
HTTPS_PORT)
self.assertEqual(
self.slave_certificate_pem,
......@@ -4972,11 +5136,11 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
hostname = reference.translate(None, '_-')
self.assertEqual(
{
'domain': '%s.nginx.example.com' % (hostname,),
'domain': '%s.example.com' % (hostname,),
'replication_number': '1',
'url': 'http://%s.nginx.example.com' % (hostname, ),
'site_url': 'http://%s.nginx.example.com' % (hostname, ),
'secure_access': 'https://%s.nginx.example.com' % (hostname, ),
'url': 'http://%s.example.com' % (hostname, ),
'site_url': 'http://%s.example.com' % (hostname, ),
'secure_access': 'https://%s.example.com' % (hostname, ),
'public-ipv4': SLAPOS_TEST_IPV4,
'warning-list': [
'ssl_key is obsolete, please use key-upload-url',
......@@ -4988,7 +5152,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
NGINX_HTTPS_PORT)
HTTPS_PORT)
self.assertEqual(
self.slave_certificate_pem,
......@@ -5017,7 +5181,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
NGINX_HTTPS_PORT)
HTTPS_PORT)
self.assertEqual(
certificate_pem,
......@@ -5258,12 +5422,9 @@ class TestSlaveSlapOSMasterCertificateCompatibilityUpdate(
instance_parameter_dict = {
'domain': 'example.com',
'nginx-domain': 'nginx.example.com',
'public-ipv4': SLAPOS_TEST_IPV4,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT,
'plain_nginx_port': NGINX_HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
......@@ -5343,7 +5504,6 @@ class TestSlaveSlapOSMasterCertificateCompatibilityUpdate(
[
'*.customdomain.example.com',
'*.example.com',
'*.nginx.example.com',
'*.alias1.example.com',
])
......
......@@ -15,10 +15,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: ERROR
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: ERROR
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch STOPPED
T-2:6tunnel-11443-{hash}-on-watch STOPPED
T-2:6tunnel-12080-{hash}-on-watch STOPPED
T-2:6tunnel-12443-{hash}-on-watch STOPPED
T-2:6tunnel-26011-{hash}-on-watch STOPPED
T-2:6tunnel-26012-{hash}-on-watch STOPPED
T-2:bootstrap-monitor STOPPED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch STOPPED
T-2:crond-{hash}-on-watch STOPPED
T-2:expose-csr_id-{hash}-on-watch STOPPED
T-2:frontend-caddy-safe-graceful STOPPED
T-2:frontend-nginx-safe-graceful STOPPED
T-2:frontend_caddy-{hash}-on-watch STOPPED
T-2:frontend_nginx-{hash}-on-watch STOPPED
T-2:kedifa-login-certificate-caucase-updater-on-watch STOPPED
T-2:kedifa-updater-{hash}-on-watch STOPPED
T-2:monitor-httpd-{hash}-on-watch STOPPED
......
......@@ -7,7 +7,5 @@ T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_site_1_access_log
T-2/var/log/httpd/_site_1_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -15,10 +15,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -11,7 +11,5 @@ T-2/var/log/httpd/_enable-http2-false_error_log
T-2/var/log/httpd/_enable-http2-true_access_log
T-2/var/log/httpd/_enable-http2-true_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -19,10 +19,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -11,7 +11,5 @@ T-2/var/log/httpd/_enable-http2-false_error_log
T-2/var/log/httpd/_enable-http2-true_access_log
T-2/var/log/httpd/_enable-http2-true_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -19,10 +19,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -11,7 +11,5 @@ T-2/var/log/httpd/_enable-http2-false_error_log
T-2/var/log/httpd/_enable-http2-true_access_log
T-2/var/log/httpd/_enable-http2-true_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -19,10 +19,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -11,7 +11,5 @@ T-2/var/log/httpd/_enable-http2-false_error_log
T-2/var/log/httpd/_enable-http2-true_access_log
T-2/var/log/httpd/_enable-http2-true_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -19,10 +19,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -7,7 +7,5 @@ T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_empty_access_log
T-2/var/log/httpd/_empty_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -15,10 +15,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -4,7 +4,5 @@ T-1/var/log/expose-csr_id.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -6,7 +6,3 @@ T-2/var/run/caddy_validate_signature
T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -13,10 +13,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch EXITED
......
......@@ -4,7 +4,5 @@ T-1/var/log/expose-csr_id.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -6,7 +6,3 @@ T-2/var/run/caddy_validate_signature
T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -13,10 +13,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch EXITED
......
......@@ -7,7 +7,5 @@ T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_url_access_log
T-2/var/log/httpd/_url_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -15,10 +15,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -7,7 +7,5 @@ T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_default_access_log
T-2/var/log/httpd/_default_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -15,10 +15,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -7,7 +7,5 @@ T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_default_access_log
T-2/var/log/httpd/_default_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -15,10 +15,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: ERROR
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -7,7 +7,5 @@ T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_replicate_access_log
T-2/var/log/httpd/_replicate_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -15,11 +15,6 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
T-3/etc/plugin/buildout-T-3-status.py: OK
......@@ -35,10 +30,5 @@ T-3/etc/plugin/check-free-disk-space.py: OK
T-3/etc/plugin/frontend-caddy-configuration-promise.py: ERROR
T-3/etc/plugin/monitor-bootstrap-status.py: OK
T-3/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-3/etc/plugin/nginx-configuration-promise.py: ERROR
T-3/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-3/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-3/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-3/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-3/etc/plugin/re6st-connectivity.py: OK
T-3/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,7 +2,5 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
T-3/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-3/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-3/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......@@ -30,8 +26,6 @@ T-2:trafficserver-{hash}-on-watch RUNNING
T-2:trafficserver-reload EXITED
T-3:6tunnel-11080-{hash}-on-watch STOPPED
T-3:6tunnel-11443-{hash}-on-watch STOPPED
T-3:6tunnel-12080-{hash}-on-watch STOPPED
T-3:6tunnel-12443-{hash}-on-watch STOPPED
T-3:6tunnel-26011-{hash}-on-watch STOPPED
T-3:6tunnel-26012-{hash}-on-watch STOPPED
T-3:bootstrap-monitor STOPPED
......@@ -39,9 +33,7 @@ T-3:certificate_authority-{hash}-on-watch STOPPED
T-3:crond-{hash}-on-watch STOPPED
T-3:expose-csr_id-{hash}-on-watch STOPPED
T-3:frontend-caddy-safe-graceful STOPPED
T-3:frontend-nginx-safe-graceful STOPPED
T-3:frontend_caddy-{hash}-on-watch STOPPED
T-3:frontend_nginx-{hash}-on-watch STOPPED
T-3:kedifa-login-certificate-caucase-updater-on-watch STOPPED
T-3:kedifa-updater-{hash}-on-watch STOPPED
T-3:monitor-httpd-{hash}-on-watch STOPPED
......
......@@ -72,6 +72,14 @@ T-2/var/log/httpd/_type-notebook_access_log
T-2/var/log/httpd/_type-notebook_error_log
T-2/var/log/httpd/_type-redirect_access_log
T-2/var/log/httpd/_type-redirect_error_log
T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_access_log
T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_error_log
T-2/var/log/httpd/_type-websocket-websocket-path-list_access_log
T-2/var/log/httpd/_type-websocket-websocket-path-list_error_log
T-2/var/log/httpd/_type-websocket-websocket-transparent-false_access_log
T-2/var/log/httpd/_type-websocket-websocket-transparent-false_error_log
T-2/var/log/httpd/_type-websocket_access_log
T-2/var/log/httpd/_type-websocket_error_log
T-2/var/log/httpd/_type-zope-default-path_access_log
T-2/var/log/httpd/_type-zope-default-path_error_log
T-2/var/log/httpd/_type-zope-path_access_log
......@@ -93,7 +101,5 @@ T-2/var/log/httpd/_type-zope_error_log
T-2/var/log/httpd/_url_https-url_access_log
T-2/var/log/httpd/_url_https-url_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -76,12 +76,18 @@ T-2/etc/plugin/check-_ssl_ca_crt_garbage-error-log-last-day.py: OK
T-2/etc/plugin/check-_ssl_ca_crt_garbage-error-log-last-hour.py: OK
T-2/etc/plugin/check-_ssl_ca_crt_only-error-log-last-day.py: OK
T-2/etc/plugin/check-_ssl_ca_crt_only-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-eventsource-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-eventsource-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-notebook-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-notebook-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-redirect-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-redirect-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-websocket-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-websocket-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-path-list-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-path-list-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-path-list-websocket-transparent-false-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-path-list-websocket-transparent-false-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-transparent-false-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-transparent-false-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-zope-default-path-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-zope-default-path-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-zope-error-log-last-day.py: OK
......@@ -106,10 +112,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -21,7 +21,5 @@ T-2/var/log/httpd/_virtualhostroot-http-port-unsafe_error_log
T-2/var/log/httpd/_virtualhostroot-https-port-unsafe_access_log
T-2/var/log/httpd/_virtualhostroot-https-port-unsafe_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -32,10 +32,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -72,6 +72,14 @@ T-2/var/log/httpd/_type-notebook_access_log
T-2/var/log/httpd/_type-notebook_error_log
T-2/var/log/httpd/_type-redirect_access_log
T-2/var/log/httpd/_type-redirect_error_log
T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_access_log
T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_error_log
T-2/var/log/httpd/_type-websocket-websocket-path-list_access_log
T-2/var/log/httpd/_type-websocket-websocket-path-list_error_log
T-2/var/log/httpd/_type-websocket-websocket-transparent-false_access_log
T-2/var/log/httpd/_type-websocket-websocket-transparent-false_error_log
T-2/var/log/httpd/_type-websocket_access_log
T-2/var/log/httpd/_type-websocket_error_log
T-2/var/log/httpd/_type-zope-default-path_access_log
T-2/var/log/httpd/_type-zope-default-path_error_log
T-2/var/log/httpd/_type-zope-path_access_log
......@@ -93,7 +101,5 @@ T-2/var/log/httpd/_type-zope_error_log
T-2/var/log/httpd/_url_https-url_access_log
T-2/var/log/httpd/_url_https-url_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -76,12 +76,18 @@ T-2/etc/plugin/check-_ssl_ca_crt_garbage-error-log-last-day.py: OK
T-2/etc/plugin/check-_ssl_ca_crt_garbage-error-log-last-hour.py: OK
T-2/etc/plugin/check-_ssl_ca_crt_only-error-log-last-day.py: OK
T-2/etc/plugin/check-_ssl_ca_crt_only-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-eventsource-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-eventsource-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-notebook-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-notebook-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-redirect-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-redirect-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-websocket-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-websocket-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-path-list-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-path-list-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-path-list-websocket-transparent-false-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-path-list-websocket-transparent-false-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-transparent-false-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-websocket-websocket-transparent-false-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-zope-default-path-error-log-last-day.py: OK
T-2/etc/plugin/check-_type-zope-default-path-error-log-last-hour.py: OK
T-2/etc/plugin/check-_type-zope-error-log-last-day.py: OK
......@@ -106,10 +112,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -29,7 +29,5 @@ T-2/var/log/httpd/_type-notebook-ssl_from_slave_error_log
T-2/var/log/httpd/_type-notebook-ssl_from_slave_kedifa_overrides_access_log
T-2/var/log/httpd/_type-notebook-ssl_from_slave_kedifa_overrides_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -37,10 +37,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -7,7 +7,5 @@ T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_access_log
T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -15,10 +15,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -7,7 +7,5 @@ T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_ssl_from_master_access_log
T-2/var/log/httpd/_ssl_from_master_error_log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/nginx-access.log
T-2/var/log/nginx-error.log
T-2/var/log/trafficserver/manager.log
T-2/var/log/trafficserver/traffic.out
\ No newline at end of file
......@@ -7,7 +7,3 @@ T-2/var/run/caddy_validate_signature.status
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/monitor/monitor-bootstrap.pid
\ No newline at end of file
T-2/var/run/nginx.pid
T-2/var/run/nginx_graceful_signature
T-2/var/run/nginx_validate_signature
T-2/var/run/nginx_validate_signature.status
\ No newline at end of file
......@@ -15,10 +15,5 @@ T-2/etc/plugin/check-free-disk-space.py: OK
T-2/etc/plugin/frontend-caddy-configuration-promise.py: OK
T-2/etc/plugin/monitor-bootstrap-status.py: OK
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py: OK
T-2/etc/plugin/nginx-configuration-promise.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv4_https.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_http.py: OK
T-2/etc/plugin/nginx_frontend_ipv6_https.py: OK
T-2/etc/plugin/re6st-connectivity.py: OK
T-2/etc/plugin/trafficserver-port-listening.py: OK
\ No newline at end of file
......@@ -2,4 +2,3 @@ T-0/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
T-1/etc/promise/caucased: OK
T-2/etc/promise/caddy-frontend-is-running-actual-software-release: OK
T-2/etc/promise/promise-monitor-httpd-is-process-older-than-dependency-set: OK
\ No newline at end of file
T-2/etc/promise/promise-nginx-is-process-older-than-dependency-set: OK
\ No newline at end of file
......@@ -10,8 +10,6 @@ T-1:kedifa-{hash}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-2:6tunnel-11080-{hash}-on-watch RUNNING
T-2:6tunnel-11443-{hash}-on-watch RUNNING
T-2:6tunnel-12080-{hash}-on-watch RUNNING
T-2:6tunnel-12443-{hash}-on-watch RUNNING
T-2:6tunnel-26011-{hash}-on-watch RUNNING
T-2:6tunnel-26012-{hash}-on-watch RUNNING
T-2:bootstrap-monitor EXITED
......@@ -19,9 +17,7 @@ T-2:certificate_authority-{hash}-on-watch RUNNING
T-2:crond-{hash}-on-watch RUNNING
T-2:expose-csr_id-{hash}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend-nginx-safe-graceful EXITED
T-2:frontend_caddy-{hash}-on-watch RUNNING
T-2:frontend_nginx-{hash}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash}-on-watch RUNNING
T-2:monitor-httpd-{hash}-on-watch RUNNING
......
......@@ -30,8 +30,10 @@ import json
import glob
import urlparse
import logging
import socket
import time
import psutil
import requests
from utils import SlapOSInstanceTestCase
......@@ -95,6 +97,92 @@ class TestDefaultParameters(ERP5TestCase, TestPublishedURLIsReachableMixin):
__partition_reference__ = 'defp'
class TestApacheBalancerPorts(ERP5TestCase):
"""Instanciate with two zope families, this should create for each family:
- a balancer entry point with corresponding haproxy
- a balancer entry point for test runner
"""
__partition_reference__ = 'ap'
@classmethod
def getInstanceParameterDict(cls):
return {
'_':
json.dumps({
"zope-partition-dict": {
"family1": {
"instance-count": 3,
"family": "family1"
},
"family2": {
"instance-count": 5,
"family": "family2"
},
},
})
}
def checkValidHTTPSURL(self, url):
parsed = urlparse.urlparse(url)
self.assertEqual(parsed.scheme, 'https')
self.assertTrue(parsed.hostname)
self.assertTrue(parsed.port)
def test_published_family_parameters(self):
# when we request two families, we have two published family-{family_name} URLs
param_dict = self.getRootPartitionConnectionParameterDict()
for family_name in ('family1', 'family2'):
self.checkValidHTTPSURL(
param_dict['family-{family_name}'.format(family_name=family_name)])
self.checkValidHTTPSURL(
param_dict['family-{family_name}-v6'.format(family_name=family_name)])
def test_published_test_runner_url(self):
# each family's also a list of test test runner URLs, by default 3 per family
param_dict = self.getRootPartitionConnectionParameterDict()
for family_name in ('family1', 'family2'):
family_test_runner_url_list = param_dict[
'{family_name}-test-runner-url-list'.format(family_name=family_name)]
self.assertEqual(3, len(family_test_runner_url_list))
for url in family_test_runner_url_list:
self.checkValidHTTPSURL(url)
def test_zope_listen(self):
# we requested 3 zope in family1 and 5 zopes in family2, we should have 8 zope running.
all_process_info = self.getSupervisorRPCServer(
).supervisor.getAllProcessInfo()
self.assertEqual(
3 + 5,
len([p for p in all_process_info if p['name'].startswith('zope-')]))
def test_apache_listen(self):
# We have 2 families, apache should listen to a total of 3 ports per family
# normal access on ipv4 and ipv6 and test runner access on ipv4 only
all_process_info = self.getSupervisorRPCServer(
).supervisor.getAllProcessInfo()
process_info, = [p for p in all_process_info if p['name'] == 'apache']
apache_process = psutil.Process(process_info['pid'])
self.assertEqual(
sorted([socket.AF_INET] * 4 + [socket.AF_INET6] * 2),
sorted([
c.family
for c in apache_process.connections()
if c.status == 'LISTEN'
]))
def test_haproxy_listen(self):
# There is one haproxy per family
all_process_info = self.getSupervisorRPCServer(
).supervisor.getAllProcessInfo()
process_info, = [
p for p in all_process_info if p['name'].startswith('haproxy-')
]
haproxy_process = psutil.Process(process_info['pid'])
self.assertEqual([socket.AF_INET, socket.AF_INET], [
c.family for c in haproxy_process.connections() if c.status == 'LISTEN'
])
class TestDisableTestRunner(ERP5TestCase, TestPublishedURLIsReachableMixin):
"""Test ERP5 can be instanciated without test runner.
"""
......@@ -114,3 +202,17 @@ class TestDisableTestRunner(ERP5TestCase, TestPublishedURLIsReachableMixin):
self.assertTrue(bin_programs) # just to check the glob was correct.
self.assertNotIn('runUnitTest', bin_programs)
self.assertNotIn('runTestSuite', bin_programs)
def test_no_apache_testrunner_port(self):
# Apache only listen on two ports, there is no apache ports allocated for test runner
all_process_info = self.getSupervisorRPCServer(
).supervisor.getAllProcessInfo()
process_info, = [p for p in all_process_info if p['name'] == 'apache']
apache_process = psutil.Process(process_info['pid'])
self.assertEqual(
sorted([socket.AF_INET, socket.AF_INET6]),
sorted([
c.family
for c in apache_process.connections()
if c.status == 'LISTEN'
]))
......@@ -25,6 +25,7 @@ error-log = ${directory:log}/mariadb_error.log
slow-query-log = ${directory:log}/mariadb_slowquery.log
extra-dict = {{ dumps(slapparameter_dict.get('mysql', {})) }}
init-file = ${init-script:rendered}
engine = {{ slapparameter_dict.get('engine', '') }}
[my-cnf]
recipe = slapos.recipe.template:jinja2
......@@ -104,7 +105,7 @@ cluster = {{ dumps(slapparameter_dict['cluster']) }}
masters = ${publish:masters}
database-adapter = {{ storage_type }}
wait-database = -1
engine = {{ slapparameter_dict.get('engine', '') }}
engine = ${my-cnf-parameters:engine}
dedup = {{ dumps(bool(slapparameter_dict.get('data-deduplication'))) }}
disable-drop-partitions = {{ dumps(bool(slapparameter_dict.get('disable-drop-partitions'))) }}
......
{% macro assert(x) %}{{ ("",)[not x] }}{% endmacro -%}
{% set socket = parameter_dict['socket'] -%}
{% set extra_dict = parameter_dict['extra-dict'] -%}
{% set engine = parameter_dict['engine'] -%}
{% set plugins = [] -%}
{% if not engine or engine == 'InnoDB' -%}
{% do extra_dict.setdefault('innodb_file_per_table', '1') -%}
{% endif -%}
{% if not engine or engine == 'RocksDB' -%}
{% do plugins.append('ha_rocksdb') -%}
{% endif -%}
{% if not engine or engine == 'TokuDB' -%}
{% do plugins.append('ha_tokudb') -%}
{% endif -%}
[mysqld]
skip_networking
socket = {{ socket }}
......@@ -14,8 +28,9 @@ slow_query_log_file = {{ parameter_dict['slow-query-log'] }}
init_file = {{ parameter_dict['init-file'] }}
log_warnings = 1
disable-log-bin
plugin-load = ha_tokudb;ha_rocksdb
{%- if plugins %}
plugin-load = {{ ';'.join(plugins) }}
{%- endif %}
## The following settings come from ERP5 configuration.
......@@ -32,7 +47,6 @@ innodb_locks_unsafe_for_binlog = 1
{{x}}sync_frm = 0
# Extra parameters.
{%- do extra_dict.setdefault('innodb_file_per_table', '1') %}
{%- for k, v in extra_dict.iteritems() %}
{%- do assert('-' not in k) %}
{{ k }} = {{ v }}
......
......@@ -110,15 +110,15 @@ md5sum = 1fee10f02c2fa2a581e21878ca0fd704
[instance-neo]
<= download-base-neo
md5sum = a9e5cad9cdb5fd3f1ae7b1d534f967ae
md5sum = d4e30d74316e6931da4a1e305f9bbc68
[template-neo-my-cnf]
<= download-base-neo
url = ${:_profile_base_location_}/my.cnf.in
md5sum = 87d18c7021e4d43756813a83c9da5e97
md5sum = 9f6f8f2b5f4cb0d97d50ffc1d3837e2f
[versions]
BTrees = 4.4.1
BTrees = 4.5.1
ZODB = 4.4.5
coverage = 4.5.1
ecdsa = 0.13
......
......@@ -109,19 +109,10 @@ filename = registry-run.in
md5sum = 0bf4f2c03e06b55c6c6cc55fa33e65d6
[versions]
re6stnet = 0.501
ecdsa = 0.13
gitdb = 0.6.4
plone.recipe.command = 1.1
pycrypto = 2.6.1
pycurl = 7.43.0
re6stnet = 0.519
slapos.recipe.template = 4.3
smmap = 0.9.0
dnspython = 1.15.0
erp5.util = 0.4.51
passlib = 1.7.1
# Required by:
# re6stnet===0-413.gbec6b3c.dirty
# re6stnet==0.519
miniupnpc = 1.9
......@@ -90,7 +90,7 @@ md5sum = 3a6c7dec898abc7d1506957154ef566e
[template-balancer]
filename = instance-balancer.cfg.in
md5sum = a2f795e5ed9537951ee70114111930b0
md5sum = 3034ccaa76dbb94f4fe07150a4681843
[template-haproxy-cfg]
filename = haproxy.cfg.in
......
......@@ -55,13 +55,15 @@ mode = 644
{% endif -%}
{% set zope_effective_address = zope_address -%}
{% do zope_family_address_list.append((zope_effective_address, maxconn, webdav)) -%}
{% endfor -%}
{# # Generate entries with rewrite rule for test runnners #}
{% set test_runner_address_list = slapparameter_dict.get(parameter_id ~ '-test-runner-address-list', []) %}
{% if test_runner_address_list -%}
{% set test_runner_backend_mapping = {} %}
{% set test_runner_apache_url_list = [] %}
{% set test_runner_external_port = next_port() %}
{% for i, (test_runner_internal_ip, test_runner_internal_port) in
enumerate(slapparameter_dict.get(parameter_id ~ '-test-runner-address-list', [])) %}
{% for i, (test_runner_internal_ip, test_runner_internal_port) in enumerate(test_runner_address_list) %}
{% do test_runner_backend_mapping.__setitem__(
'unit_test_' ~ i,
'http://' ~ test_runner_internal_ip ~ ':' ~ test_runner_internal_port ) %}
......@@ -72,8 +74,7 @@ mode = 644
(ipv4, test_runner_external_port),
( ssl_authentication, test_runner_backend_mapping ) ) -%}
{% do test_runner_url_dict.__setitem__(family_name, test_runner_apache_url_list) -%}
{% endfor -%}
{% endif -%}
{% endfor -%}
{# Make rendering fail artificially if any family has no known backend.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment