XXX follow up cleanup of instance slave list

fd1856a9 · Łukasz Nowak · f01b2aa4 · fd1856a9 · fd1856a9 · fd1856a9
Commit fd1856a9 authored Jan 17, 2024 by Łukasz Nowak
3 changed files
--- a/software/rapid-cdn/buildout.hash.cfg
+++ b/software/rapid-cdn/buildout.hash.cfg
@@ -22,7 +22,7 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68

 [profile-frontend]
 filename = instance-frontend.cfg.in
-md5sum = d9083426d271c51edb0ddaf3b335b4f5
+md5sum = 6150e2f928ee95525960b287ebd1d528

 [profile-master]
 filename = instance-master.cfg.in
@@ -30,7 +30,7 @@ md5sum = 291f73c3782040d02fd56a46f61c201b

 [profile-slave-list]
 filename = instance-slave-list.cfg.in
-md5sum = 348d6bd55ff9d94b634089a6c074695d
+md5sum = 4243791e4ba4fc7012ad02ca2bb0986d

 [profile-master-publish-slave-information]
 filename = instance-master-publish-slave-information.cfg.in

--- a/software/rapid-cdn/instance-frontend.cfg.in
+++ b/software/rapid-cdn/instance-frontend.cfg.in
@@ -361,7 +361,6 @@ master-key-download-url = {{ dumps(instance_parameter_dict['configuration']['mas
 expose-csr-organization = {{ instance_parameter_dict['configuration']['cluster-identification'] }}
 expose-csr-organizational-unit = {{ instance_parameter_dict['instance-title'] }}
 url-ready-file = ${directory:var}/url-ready.txt
-http3-enable = {{ dumps(FRONTEND_HTTP3) }}
 global_ipv6 = ${slap-configuration:ipv6-random}
 empty-template = ${software-release-path:template-empty}
 template-expose-csr-nginx-conf = ${software-release-path:template-expose-csr-nginx-conf}
@@ -380,11 +379,12 @@ template-frontend-haproxy-configuration = ${software-release-path:template-front
 template-frontend-haproxy-crt-list = ${software-release-path:template-frontend-haproxy-crt-list}
 ## backend haproxy
 template-backend-haproxy-configuration = ${software-release-path:template-backend-haproxy-configuration}
+extra-slave-instance-list = {{ dumps(instance_parameter_dict['configuration']['extra_slave_instance_list']) }}
+domain = {{ dumps(instance_parameter_dict['configuration']['domain']) }}
+
+[dynamic-custom-personal-profile-slave-list-user-config]
 {%- for key, value in instance_parameter_dict['configuration']['user'].items() %}
-user-{{ key }} = {{ dumps(value) }}
-{%- endfor %}
-{%- for key, value in instance_parameter_dict['configuration']['user']['global'].items() %}
-global-{{ key }} = {{ dumps(value) }}
+{{ key }} = {{ dumps(value) }}
 {%- endfor %}

 [dynamic-custom-personal-profile-slave-list]
@@ -402,6 +402,7 @@ extra-context =
    key SLAVE_DEFAULTS :SLAVE_DEFAULTS {#- Those defaults are needed as the profile handles slave preparation #}
 ## Configuration passed by section
    section dynamic_profile_configuration dynamic-custom-personal-profile-slave-list-config
+    section dynamic_profile_user_configuration dynamic-custom-personal-profile-slave-list-user-config
    section frontend_directory frontend-directory
    section frontend_haproxy_configuration frontend-haproxy-configuration
    section backend_haproxy_configuration backend-haproxy-configuration

--- a/software/rapid-cdn/instance-slave-list.cfg.in
+++ b/software/rapid-cdn/instance-slave-list.cfg.in
@@ -9,10 +9,10 @@
 {%- set backend_haproxy_http_url = 'http://%s:%s' % (instance_parameter_dict['ipv4-random'], backend_haproxy_configuration['http-port']) %}
 {%- set backend_haproxy_https_url = 'http://%s:%s' % (instance_parameter_dict['ipv4-random'], backend_haproxy_configuration['https-port']) %}
 {%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
-{%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': instance_parameter_dict['ipv4-random'], 'http_port': configuration['plain_http_port'], 'https_port': configuration['port']} %}
+{%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': instance_parameter_dict['ipv4-random'] } %}
 {%- set slave_log_dict = {} %}
 {%- set slave_instance_information_list = [] %}
-{%- set slave_instance_list = configuration['extra_slave_instance_list'] %}
+{%- set slave_instance_list = dynamic_profile_configuration['extra-slave-instance-list'] %}
 {%- if dynamic_profile_configuration['master-key-download-url'] %}
 {%-   do kedifa_updater_mapping.append((dynamic_profile_configuration['master-key-download-url'], frontend_haproxy_configuration['master-certificate'], apache_certificate)) %}
 {%- else %}
@@ -86,7 +86,7 @@ context =
 {%-   do slave_instance.__setitem__('path', slave_instance.get('path', SLAVE_DEFAULTS['path']).strip('/')) %}
 {#-   Manage ciphers #}
 {%-   set slave_cipher_list = [] %}
-{%-   for cipher in slave_instance.get('ciphers', dynamic_profile_configuration['global-ciphers']).strip().split() %}
+{%-   for cipher in slave_instance.get('ciphers', dynamic_profile_user_configuration['global']['ciphers']).strip().split() %}
 {%-     do slave_cipher_list.append(CIPHER_TRANSLATION_DICT.get(cipher, cipher)) %}
 {%-   endfor %}
 {%-   do slave_instance.__setitem__('ciphers', ':'.join(slave_cipher_list)) %}
@@ -149,14 +149,9 @@ context =
 {%-   do part_list.extend([slave_ln_section]) %}
 {%-   set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %}
 {#-   Pass backend timeout values #}
-{%-   for key in ['backend-connect-timeout', 'backend-connect-retries', 'authenticate-to-backend'] %}
+{%-   for key in ['backend-connect-timeout', 'backend-connect-retries', 'authenticate-to-backend', 'request-timeout'] %}
 {%-     if slave_instance.get(key, '') == '' %}
-{%-       do slave_instance.__setitem__(key, configuration[key]) %}
-{%-     endif %}
-{%-   endfor %}
-{%-   for key in ['request-timeout'] %}
-{%-     if slave_instance.get(key, '') == '' %}
-{%-       do slave_instance.__setitem__(key, configuration.get(key, FRONTEND_DEFAULTS[key])) %}
+{%-       do slave_instance.__setitem__(key, dynamic_profile_user_configuration['global'][key]) %}
 {%-     endif %}
 {%-   endfor %}
 {%-   do slave_instance.__setitem__('strict-transport-security', int(slave_instance['strict-transport-security'])) %}
@@ -207,7 +202,7 @@ context =
 {#-   Set slave domain if none was defined #}
 {%-   if slave_instance.get('custom_domain', None) == None %}
 {%-     set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %}
-{%-     do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, configuration['domain'])) %}
+{%-     do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, dynamic_profile_configuration['domain'])) %}
 {%-   endif %}
 {%-   do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %}
 {%-   do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %}
@@ -230,10 +225,7 @@ context =
    (
      '' ~ slave_instance.get(
        'enable-http2',
-        configuration['user']['global'].get(
-          'enable-http2',
-          FRONTEND_GLOBAL_DEFAULTS['enable-http2']
-        )
+        dynamic_profile_user_configuration['global']['enable-http2']
      )
    ).lower() in TRUE_VALUES) %}
 {%-     if slave_instance['enable-http2'] %}
@@ -242,10 +234,7 @@ context =
    (
      '' ~ slave_instance.get(
        'enable-http3',
-        configuration['user'].get(
-          'enable-http3',
-          FRONTEND_USER_DEFAULTS['enable-http3']
-        )
+        dynamic_profile_user_configuration['global']['enable-http3']
      )
    ).lower() in TRUE_VALUES) %}
 {%-     else %}
@@ -266,7 +255,7 @@ context =
 {%-   if not slave_instance['enable-http2'] %}
 {%-     do slave_instance.__setitem__('alpn', "alpn http/1.1,http/1.0") %}
 {%-   else %}
-{%-     if http3_enable and slave_instance['enable-http3'] %}
+{%-     if frontend_haproxy_configuration['http3-enable'] and slave_instance['enable-http3'] %}
 {%-       do slave_instance.__setitem__('alpn', "alpn h3,h2,http/1.1,http/1.0") %}
 {%-     else %}
 {%-       do slave_instance.__setitem__('alpn', "alpn h2,http/1.1,http/1.0") %}