stack/monitor: change frontend url promise to use username/password
Showing
... | @@ -127,9 +127,9 @@ recipe = slapos.recipe.template:jinja2 | ... | @@ -127,9 +127,9 @@ recipe = slapos.recipe.template:jinja2 |
template = {{ monitor_conf_template }} | template = {{ monitor_conf_template }} | ||
rendered = ${directory:etc}/${:filename} | rendered = ${directory:etc}/${:filename} | ||
filename = monitor.conf | filename = monitor.conf | ||
context = section parameter_dict monitor-conf-parameters | context = section parameter_dict monitor-conf-parameters | ||
section promise_parameter_dict monitor-promise-conf | section promise_parameter_dict monitor-promise-conf | ||
section monitor_base_urls monitor-base-url-dict | section monitor_base_urls monitor-base-url-dict | ||
[start-monitor] | [start-monitor] | ||
recipe = slapos.cookbook:wrapper | recipe = slapos.cookbook:wrapper | ||
... | @@ -326,7 +326,7 @@ monitor-title = ${slap-configuration:instance-title} | ... | @@ -326,7 +326,7 @@ monitor-title = ${slap-configuration:instance-title} |
monitor-httpd-ipv6 = ${slap-configuration:ipv6-random} | monitor-httpd-ipv6 = ${slap-configuration:ipv6-random} | ||
monitor-httpd-port = 8196 | monitor-httpd-port = 8196 | ||
# XXX - Set monitor-base-url = ${monitor-httpd-conf-parameter:url} => https://[ipv6]:port | # XXX - Set monitor-base-url = ${monitor-httpd-conf-parameter:url} => https://[ipv6]:port | ||
monitor-base-url = ${monitor-frontend-promise:url} | monitor-base-url = ${monitor-frontend:connection-secure_access} | ||
#monitor-base-url = ${monitor-httpd-conf-parameter:url} | #monitor-base-url = ${monitor-httpd-conf-parameter:url} | ||
root-instance-title = ${slap-configuration:root-instance-title} | root-instance-title = ${slap-configuration:root-instance-title} | ||
monitor-url-list = | monitor-url-list = | ||
... | @@ -356,6 +356,19 @@ config-https-only = true | ... | @@ -356,6 +356,19 @@ config-https-only = true |
#software-type = custom-personal | #software-type = custom-personal | ||
return = domain secure_access | return = domain secure_access | ||
# Requests to the frontend URL should succeed with the correct | |||
# credentials. | |||
[check-monitor-password-promise] | |||
<= monitor-promise-base | |||
module = check_url_available | |||
name = check-monitor-frontend-password.py | |||
url = ${monitor-frontend:connection-secure_access} | |||
config-url = ${:url} | |||
config-username = ${monitor-instance-parameter:username} | |||
config-password = ${monitor-instance-parameter:username} | |||
|
|||
# Requests to the frontend URL should fail when no credentials are | |||
# supplied. | |||
[monitor-frontend-promise] | [monitor-frontend-promise] | ||
<= monitor-promise-base | <= monitor-promise-base | ||
module = check_url_available | module = check_url_available | ||
... | @@ -402,6 +415,8 @@ depends = | ... | @@ -402,6 +415,8 @@ depends = |
${start-monitor:wrapper-path} | ${start-monitor:wrapper-path} | ||
${ca-monitor-httpd-service:wrapper-path} | ${ca-monitor-httpd-service:wrapper-path} | ||
${monitor-httpd-promise:name} | ${monitor-httpd-promise:name} | ||
${monitor-frontend-promise:name} | |||
${check-monitor-password-promise:name} | |||
${monitor-bootstrap-promise:name} | ${monitor-bootstrap-promise:name} | ||
${monitor-symlink:recipe} | ${monitor-symlink:recipe} | ||
${promise-check-slapgrid:recipe} | ${promise-check-slapgrid:recipe} | ||
... | ... |