Commit e8faa79f authored by Łukasz Nowak's avatar Łukasz Nowak

software/rapid-cdn: Make HTTP3 first class citizen

Expose and document HTTP3 related cluster switches.

Switch to Recurls with HTTP3 enabled curl for testing.
parent 00a9a581
Pipeline #27654 failed with stage
...@@ -25,6 +25,8 @@ These parameters are: ...@@ -25,6 +25,8 @@ These parameters are:
* ``-frontend-config-i-foo``: Frontend i will be requested with parameter foo, supported parameters are: * ``-frontend-config-i-foo``: Frontend i will be requested with parameter foo, supported parameters are:
* ``ram-cache-size`` * ``ram-cache-size``
* ``disk-cache-size`` * ``disk-cache-size``
* ``enable-http3``
* ``http3-port``
* ``-sla-i-foo`` : where "i" is the number of the concerned frontend (between 1 and "-frontend-quantity") and "foo" a sla parameter. * ``-sla-i-foo`` : where "i" is the number of the concerned frontend (between 1 and "-frontend-quantity") and "foo" a sla parameter.
For example:: For example::
...@@ -480,17 +482,3 @@ websocket ...@@ -480,17 +482,3 @@ websocket
~~~~~~~~~ ~~~~~~~~~
All frontends are websocket aware now, and ``type:websocket`` parameter became optional. It's required if support for ``websocket-path-list`` or ``websocket-transparent`` is required. All frontends are websocket aware now, and ``type:websocket`` parameter became optional. It's required if support for ``websocket-path-list`` or ``websocket-transparent`` is required.
Experimental QuicTLS
~~~~~~~~~~~~~~~~~~~~
`QuicTLS <https://github.com/quictls/openssl>`_ can be used instead of classic OpenSSL on given node by using parameter ``-frontend-i-experimental-haproxy-flavour`` and setting it to ``quic``. This allows to test out if there are any issues with QuicTLS are with normal usage.
Experimental QUIC
~~~~~~~~~~~~~~~~~
QUIC with HTTP3 is available as experimental feature. It has to be enabled on each node separately by using ``-frontend-i-experimental-haproxy-quic``. Then given node will reply with proper headers on HTTPS to advertise QUIC. Please note that ``-frontend-i-experimental-haproxy-flavour`` has to be set to ``quic`` on this node too.
Please note that due to limitations of iptables method used to expose low ports, the ``-frontend-i-experimental-quic-port`` is by default ``443``, which is used when advertisting the QUIC/HTTP3 port to the client.
Note that then all frontends will be served with QUIC advertised on such node, so it's important to run such experiments very carefully, for example on same zone/region with DNS.
...@@ -14,7 +14,7 @@ ...@@ -14,7 +14,7 @@
# not need these here). # not need these here).
[template] [template]
filename = instance.cfg.in filename = instance.cfg.in
md5sum = f249b268bd3e74f6f2dcdd437b1c9f71 md5sum = c478478882232200fbe4bf3e7d2a4ff0
[profile-common] [profile-common]
filename = instance-common.cfg.in filename = instance-common.cfg.in
...@@ -22,15 +22,15 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68 ...@@ -22,15 +22,15 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68
[profile-frontend] [profile-frontend]
filename = instance-frontend.cfg.in filename = instance-frontend.cfg.in
md5sum = bff99acfa07801bbc8cd71fe051eefa0 md5sum = 5c2f79d0773bd8594ccf1c34a7d27d53
[profile-master] [profile-master]
filename = instance-master.cfg.in filename = instance-master.cfg.in
md5sum = 2ac67006dede70c905b0d32b4a995b9a md5sum = 3006197ddce87bd92866b76b5ce8ce08
[profile-slave-list] [profile-slave-list]
filename = instance-slave-list.cfg.in filename = instance-slave-list.cfg.in
md5sum = 1e6f3c8eec64cb5c59b06c1a35502e6b md5sum = 5d0b7461ecde54f68fda7f4e5fc2c82f
[profile-master-publish-slave-information] [profile-master-publish-slave-information]
filename = instance-master-publish-slave-information.cfg.in filename = instance-master-publish-slave-information.cfg.in
...@@ -38,7 +38,7 @@ md5sum = cba4d995962f7fbeae3f61c9372c4181 ...@@ -38,7 +38,7 @@ md5sum = cba4d995962f7fbeae3f61c9372c4181
[template-frontend-haproxy-configuration] [template-frontend-haproxy-configuration]
_update_hash_filename_ = templates/frontend-haproxy.cfg.in _update_hash_filename_ = templates/frontend-haproxy.cfg.in
md5sum = 35cbd81225f7e70f4f001396ef0b9f10 md5sum = ceb36ef6bdf5f508b5303a1680057bc8
[template-frontend-haproxy-crt-list] [template-frontend-haproxy-crt-list]
_update_hash_filename_ = templates/frontend-haproxy-crt-list.in _update_hash_filename_ = templates/frontend-haproxy-crt-list.in
......
{% import "caucase" as caucase with context %} {% import "caucase" as caucase with context %}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%} {%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%}
{%- set QUIC_PORT = instance_parameter_dict.get('configuration.frontend-quic-port', '443') %} {%- set HTTP3_PORT = instance_parameter_dict.get('configuration.http3-port', '443') %}
{%- if instance_parameter_dict.get('configuration.frontend-haproxy-flavour', 'basic') == 'quic' %} {%- if instance_parameter_dict.get('configuration.enable-http3', 'false').lower() in TRUE_VALUES %}
{%- set FRONTEND_HTTP3 = True %}
{%- else %}
{%- set FRONTEND_HTTP3 = False %}
{%- endif %}
{%- if FRONTEND_HTTP3 %}
{%- set FRONTEND_HAPROXY_EXECUTABLE = software_parameter_dict['haproxy_quic_executable'] %} {%- set FRONTEND_HAPROXY_EXECUTABLE = software_parameter_dict['haproxy_quic_executable'] %}
{%- if instance_parameter_dict.get('configuration.frontend-haproxy-quic', 'false').lower() in TRUE_VALUES %}
{%- set FRONTEND_HAPROXY_QUIC = True %}
{%- else %}
{%- set FRONTEND_HAPROXY_QUIC = False %}
{%- endif %}
{%- else %} {%- else %}
{%- set FRONTEND_HAPROXY_EXECUTABLE = software_parameter_dict['haproxy_executable'] %} {%- set FRONTEND_HAPROXY_EXECUTABLE = software_parameter_dict['haproxy_executable'] %}
{%- set FRONTEND_HAPROXY_QUIC = False %}
{%- endif %} {%- endif %}
{%- set BACKEND_HAPROXY_EXECUTABLE = software_parameter_dict['haproxy_executable'] %} {%- set BACKEND_HAPROXY_EXECUTABLE = software_parameter_dict['haproxy_executable'] %}
[buildout] [buildout]
...@@ -370,7 +369,7 @@ organization = {{ slapparameter_dict['cluster-identification'] }} ...@@ -370,7 +369,7 @@ organization = {{ slapparameter_dict['cluster-identification'] }}
organizational-unit = {{ instance_parameter_dict['configuration.frontend-name'] }} organizational-unit = {{ instance_parameter_dict['configuration.frontend-name'] }}
backend-client-caucase-url = {{ slapparameter_dict['backend-client-caucase-url'] }} backend-client-caucase-url = {{ slapparameter_dict['backend-client-caucase-url'] }}
url-ready-file = ${directory:var}/url-ready.txt url-ready-file = ${directory:var}/url-ready.txt
quic = {{ FRONTEND_HAPROXY_QUIC }} http3-enable = {{ FRONTEND_HTTP3 }}
extra-context = extra-context =
key backend_client_caucase_url :backend-client-caucase-url key backend_client_caucase_url :backend-client-caucase-url
import furl_module furl import furl_module furl
...@@ -384,7 +383,7 @@ extra-context = ...@@ -384,7 +383,7 @@ extra-context =
key empty_template software-release-path:template-empty key empty_template software-release-path:template-empty
key template_expose_csr_nginx_conf software-release-path:template-expose-csr-nginx-conf key template_expose_csr_nginx_conf software-release-path:template-expose-csr-nginx-conf
key software_type :software_type key software_type :software_type
key quic :quic key http3_enable :http3-enable
key frontend_lazy_graceful_reload frontend-haproxy-lazy-graceful:output key frontend_lazy_graceful_reload frontend-haproxy-lazy-graceful:output
key monitor_base_url monitor-instance-parameter:monitor-base-url key monitor_base_url monitor-instance-parameter:monitor-base-url
key node_id frontend-node-id:value key node_id frontend-node-id:value
...@@ -485,8 +484,8 @@ slave-introspection-graceful-command = ${slave-introspection-validate:output} && ...@@ -485,8 +484,8 @@ slave-introspection-graceful-command = ${slave-introspection-validate:output} &&
local_ipv4 = {{ dumps(instance_parameter_dict['ipv4-random']) }} local_ipv4 = {{ dumps(instance_parameter_dict['ipv4-random']) }}
version-hash = ${version-hash:value} version-hash = ${version-hash:value}
node-id = ${frontend-node-id:value} node-id = ${frontend-node-id:value}
quic = {{ FRONTEND_HAPROXY_QUIC }} http3-enable = {{ FRONTEND_HTTP3 }}
quic-port = {{ QUIC_PORT }} http3-port = {{ HTTP3_PORT }}
# BBB: SlapOS Master non-zero knowledge BEGIN # BBB: SlapOS Master non-zero knowledge BEGIN
[get-self-signed-fallback-access] [get-self-signed-fallback-access]
......
...@@ -34,6 +34,22 @@ ...@@ -34,6 +34,22 @@
"title": "Enable HTTP2 by Default", "title": "Enable HTTP2 by Default",
"type": "string" "type": "string"
}, },
"enable-http3": {
"default": "false",
"title": "Enable HTTP3",
"description": "Globally enable HTTP3 protocol. Can be precisely set on each node by -frontend-i-config-enable-http3",
"enum": [
"true",
"false"
],
"type": "string"
},
"http3-port": {
"default": 443,
"title": "Real advertised HTTP3 port",
"description": "As most common deloyment is using iptables for port redirection and in case of udp it is advertising to the process it's bind port instead of the really connected to, it's required to manually set this port for the whole cluster. Can be precisely set on each node by -frontend-i-config-http3-port",
"type": "integer"
},
"re6st-verification-url": { "re6st-verification-url": {
"description": "Url to verify if the internet and/or re6stnet is working.", "description": "Url to verify if the internet and/or re6stnet is working.",
"title": "Test Verification URL", "title": "Test Verification URL",
......
...@@ -55,6 +55,7 @@ ...@@ -55,6 +55,7 @@
'disable-via-header', 'disable-via-header',
'disabled-cookie-list', 'disabled-cookie-list',
'enable-http2', 'enable-http2',
'enable-http3',
'enable_cache', 'enable_cache',
'health-check', 'health-check',
'health-check-authenticate-to-failover-backend', 'health-check-authenticate-to-failover-backend',
...@@ -139,6 +140,10 @@ context = ...@@ -139,6 +140,10 @@ context =
# Here we request individually each frontend. # Here we request individually each frontend.
# The presence of sla parameters is checked and added if found # The presence of sla parameters is checked and added if found
{% set NODE_DEFAULT_KEY_VALUE = {
'enable-http3': 'false',
'http3-port': '443'
} %}
{% for i in range(1, frontend_quantity + 1) %} {% for i in range(1, frontend_quantity + 1) %}
{% set frontend_name = "%s-%s" % (NAME_BASE, i) %} {% set frontend_name = "%s-%s" % (NAME_BASE, i) %}
{% set request_section_title = 'request-%s' % frontend_name %} {% set request_section_title = 'request-%s' % frontend_name %}
...@@ -153,9 +158,20 @@ context = ...@@ -153,9 +158,20 @@ context =
{% do sla_dict.__setitem__(key[sla_key_length:], slapparameter_dict.pop(key)) %} {% do sla_dict.__setitem__(key[sla_key_length:], slapparameter_dict.pop(key)) %}
# We check for specific configuration regarding the frontend # We check for specific configuration regarding the frontend
{% elif key.startswith(config_key) %} {% elif key.startswith(config_key) %}
{% do config_dict.__setitem__(key[config_key_length:], slapparameter_dict.pop(key)) %} {% set node_config_key = key[config_key_length:] %}
{% if node_config_key in ('enable-http3', 'http3-port') %}
{% do config_dict.__setitem__(node_config_key, slapparameter_dict.pop(key) or slapparameter_dict.get(node_config_key) or NODE_DEFAULT_KEY_VALUE[node_config_key]) %}
{% else %}
{% do config_dict.__setitem__(node_config_key, slapparameter_dict.pop(key)) %}
{% endif %}
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% if 'http3-port' not in config_dict %}
{% do config_dict.__setitem__('http3-port', slapparameter_dict.get('http3-port') or NODE_DEFAULT_KEY_VALUE['http3-port']) %}
{% endif %}
{% if 'enable-http3' not in config_dict %}
{% do config_dict.__setitem__('enable-http3', slapparameter_dict.get('enable-http3') or NODE_DEFAULT_KEY_VALUE['enable-http3']) %}
{% endif %}
{% do config_dict.__setitem__('monitor-httpd-port', frontend_monitor_httpd_base_port + i) %} {% do config_dict.__setitem__('monitor-httpd-port', frontend_monitor_httpd_base_port + i) %}
{% do config_dict.__setitem__('backend-client-caucase-url', caucase_url) %} {% do config_dict.__setitem__('backend-client-caucase-url', caucase_url) %}
{% set state_key = "-frontend-%s-state" % i %} {% set state_key = "-frontend-%s-state" % i %}
...@@ -165,12 +181,6 @@ context = ...@@ -165,12 +181,6 @@ context =
{% do frontend_section_list.append(request_section_title) %} {% do frontend_section_list.append(request_section_title) %}
{% endif %} {% endif %}
{% do part_list.append(request_section_title) %} {% do part_list.append(request_section_title) %}
{% set frontend_haproxy_flavour_key = "-frontend-%s-experimental-haproxy-flavour" % i %}
{% do config_dict.__setitem__('frontend-haproxy-flavour', slapparameter_dict.get(frontend_haproxy_flavour_key) or 'basic') %}
{% set frontend_haproxy_quic_key = "-frontend-%s-experimental-haproxy-quic" % i %}
{% do config_dict.__setitem__('frontend-haproxy-quic', slapparameter_dict.get(frontend_haproxy_quic_key) or 'False') %}
{% set frontend_quic_port_key = "-frontend-%s-experimental-quic-port" % i %}
{% do config_dict.__setitem__('frontend-quic-port', slapparameter_dict.get(frontend_quic_port_key) or '443') %}
# Filling request dict for slave # Filling request dict for slave
{% set request_content_dict = { {% set request_content_dict = {
'config': config_dict, 'config': config_dict,
......
...@@ -94,6 +94,16 @@ ...@@ -94,6 +94,16 @@
"title": "Enable HTTP2 Protocol", "title": "Enable HTTP2 Protocol",
"type": "string" "type": "string"
}, },
"enable-http3": {
"default": "true",
"description": "Use HTTP3 Protocol for the site. It requires enable-http2 to be set. The end results depends on the cluster configuration.",
"enum": [
"true",
"false"
],
"title": "Enable HTTP3 Protocol",
"type": "string"
},
"https-url": { "https-url": {
"description": "HTTPS URL of the backend if it is different from url parameter", "description": "HTTPS URL of the backend if it is different from url parameter",
"pattern": "^(http|https|ftp)://", "pattern": "^(http|https|ftp)://",
......
...@@ -9,12 +9,6 @@ ...@@ -9,12 +9,6 @@
{%- set backend_haproxy_http_url = 'http://%s:%s' % (instance_parameter_dict['ipv4-random'], backend_haproxy_configuration['http-port']) %} {%- set backend_haproxy_http_url = 'http://%s:%s' % (instance_parameter_dict['ipv4-random'], backend_haproxy_configuration['http-port']) %}
{%- set backend_haproxy_https_url = 'http://%s:%s' % (instance_parameter_dict['ipv4-random'], backend_haproxy_configuration['https-port']) %} {%- set backend_haproxy_https_url = 'http://%s:%s' % (instance_parameter_dict['ipv4-random'], backend_haproxy_configuration['https-port']) %}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %} {%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{%- set ALPN_HTTP11 = "alpn http/1.1,http/1.0" %}
{%- if quic.lower() in TRUE_VALUES %}
{%- set ALPN_HTTP2PLUS = "alpn h3,h2,http/1.1,http/1.0" %}
{%- else %}
{%- set ALPN_HTTP2PLUS = "alpn h2,http/1.1,http/1.0" %}
{%- endif %}
{%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': instance_parameter_dict['ipv4-random'], 'http_port': configuration['plain_http_port'], 'https_port': configuration['port']} %} {%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': instance_parameter_dict['ipv4-random'], 'http_port': configuration['plain_http_port'], 'https_port': configuration['port']} %}
{%- set slave_log_dict = {} %} {%- set slave_log_dict = {} %}
{%- set slave_instance_information_list = [] %} {%- set slave_instance_information_list = [] %}
...@@ -88,7 +82,6 @@ context = ...@@ -88,7 +82,6 @@ context =
{%- do slave_instance.__setitem__(prefix, info_dict) %} {%- do slave_instance.__setitem__(prefix, info_dict) %}
{%- endfor %} {%- endfor %}
{%- do slave_instance.__setitem__('health-check-failover-ssl-proxy-verify', ('' ~ slave_instance.get('health-check-failover-ssl-proxy-verify', '')).lower() in TRUE_VALUES) %} {%- do slave_instance.__setitem__('health-check-failover-ssl-proxy-verify', ('' ~ slave_instance.get('health-check-failover-ssl-proxy-verify', '')).lower() in TRUE_VALUES) %}
{%- do slave_instance.__setitem__('enable-http2', ('' ~ slave_instance.get('enable-http2', configuration['enable-http2-by-default'])).lower() in TRUE_VALUES) %}
{%- for key in ['https-only', 'websocket-transparent'] %} {%- for key in ['https-only', 'websocket-transparent'] %}
{%- do slave_instance.__setitem__(key, ('' ~ slave_instance.get(key, 'true')).lower() in TRUE_VALUES) %} {%- do slave_instance.__setitem__(key, ('' ~ slave_instance.get(key, 'true')).lower() in TRUE_VALUES) %}
{%- endfor %} {%- endfor %}
...@@ -239,6 +232,18 @@ context = ...@@ -239,6 +232,18 @@ context =
{%- endif %} {%- endif %}
{%- do slave_instance.__setitem__('host_list', host_list) %} {%- do slave_instance.__setitem__('host_list', host_list) %}
{%- do slave_instance.__setitem__('type', slave_instance.get('type', '')) %} {%- do slave_instance.__setitem__('type', slave_instance.get('type', '')) %}
{%- if slave_instance['type'] in ['notebook', 'websocket'] %}
{#- For websocket like sites forcibly disable HTTP2 and HTTP3 #}
{%- do slave_instance.__setitem__('enable-http2', False) %}
{%- do slave_instance.__setitem__('enable-http3', False) %}
{%- else %}
{%- do slave_instance.__setitem__('enable-http2', ('' ~ slave_instance.get('enable-http2', configuration['enable-http2-by-default'])).lower() in TRUE_VALUES) %}
{%- if slave_instance['enable-http2'] %}
{%- do slave_instance.__setitem__('enable-http3', ('' ~ slave_instance.get('enable-http3', configuration['enable-http3'])).lower() in TRUE_VALUES) %}
{%- else %}
{%- do slave_instance.__setitem__('enable-http3', False) %}
{%- endif %}
{%- endif %}
{%- set websocket_path_list = [] %} {%- set websocket_path_list = [] %}
{%- for websocket_path in slave_instance.get('websocket-path-list', '').split() %} {%- for websocket_path in slave_instance.get('websocket-path-list', '').split() %}
{%- set websocket_path = websocket_path.strip('/') %} {%- set websocket_path = websocket_path.strip('/') %}
...@@ -250,11 +255,14 @@ context = ...@@ -250,11 +255,14 @@ context =
{%- endfor %} {%- endfor %}
{%- do slave_instance.__setitem__('websocket-path-list', websocket_path_list) %} {%- do slave_instance.__setitem__('websocket-path-list', websocket_path_list) %}
{#- Handle alpn negotiation -#} {#- Handle alpn negotiation -#}
{%- if slave_instance['type'] in ['notebook', 'websocket'] or not slave_instance['enable-http2'] %} {%- if not slave_instance['enable-http2'] %}
{# websocket style needs http 1.1 max, just like non-http2 frontends #} {%- do slave_instance.__setitem__('alpn', "alpn http/1.1,http/1.0") %}
{%- do slave_instance.__setitem__('alpn', ALPN_HTTP11) %}
{%- else %} {%- else %}
{%- do slave_instance.__setitem__('alpn', ALPN_HTTP2PLUS) %} {%- if http3_enable.lower() in TRUE_VALUES and slave_instance['enable-http3'] %}
{%- do slave_instance.__setitem__('alpn', "alpn h3,h2,http/1.1,http/1.0") %}
{%- else %}
{%- do slave_instance.__setitem__('alpn', "alpn h2,http/1.1,http/1.0") %}
{%- endif %}
{%- endif %} {%- endif %}
[slave-log-directory-dict] [slave-log-directory-dict]
......
...@@ -95,6 +95,8 @@ configuration.disk-cache-size = 8G ...@@ -95,6 +95,8 @@ configuration.disk-cache-size = 8G
configuration.ram-cache-size = 1G configuration.ram-cache-size = 1G
configuration.re6st-verification-url = http://[2001:67c:1254:4::1]/index.html configuration.re6st-verification-url = http://[2001:67c:1254:4::1]/index.html
configuration.enable-http2-by-default = true configuration.enable-http2-by-default = true
configuration.enable-http3 = false
configuration.http3-port = 443
configuration.ciphers = ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA AES256-SHA AES128-SHA ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA configuration.ciphers = ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA AES256-SHA AES128-SHA ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA
configuration.request-timeout = 600 configuration.request-timeout = 600
configuration.frontend-name = configuration.frontend-name =
......
{%- if configuration['quic'] == 'True' %} {%- if configuration['http3-enable'] == 'True' %}
{%- set QUIC = True %} {%- set HTTP3 = True %}
{%- else %} {%- else %}
{%- set QUIC = False %} {%- set HTTP3 = False %}
{%- endif %} {%- endif %}
global global
pidfile {{ configuration['pid-file'] }} pidfile {{ configuration['pid-file'] }}
...@@ -79,12 +79,9 @@ frontend http-frontend ...@@ -79,12 +79,9 @@ frontend http-frontend
frontend https-frontend frontend https-frontend
bind {{ configuration['local-ipv4'] }}:{{ configuration['https-port'] }} ssl crt-list {{ crt_list }} bind {{ configuration['local-ipv4'] }}:{{ configuration['https-port'] }} ssl crt-list {{ crt_list }}
bind {{ configuration['global-ipv6'] }}:{{ configuration['https-port'] }} ssl crt-list {{ crt_list }} bind {{ configuration['global-ipv6'] }}:{{ configuration['https-port'] }} ssl crt-list {{ crt_list }}
{%- if QUIC %} {%- if HTTP3 %}
bind quic4@{{ configuration['local-ipv4'] }}:{{ configuration['https-port'] }} ssl crt-list {{ crt_list }} alpn h3 bind quic4@{{ configuration['local-ipv4'] }}:{{ configuration['https-port'] }} ssl crt-list {{ crt_list }} alpn h3
bind quic6@{{ configuration['global-ipv6'] }}:{{ configuration['https-port'] }} ssl crt-list {{ crt_list }} alpn h3 bind quic6@{{ configuration['global-ipv6'] }}:{{ configuration['https-port'] }} ssl crt-list {{ crt_list }} alpn h3
http-response set-header alt-svc "h3=\":{{ configuration['quic-port'] }}\"; ma=3600"
{#- Ask Chromium to use QUIC #}
http-response set-header alternate-protocol {{ configuration['quic-port'] }}:quic
{%- endif %} {%- endif %}
{{ frontend_common() }} {{ frontend_common() }}
{%- for slave_instance in frontend_slave_list -%} {%- for slave_instance in frontend_slave_list -%}
...@@ -100,6 +97,11 @@ frontend https-frontend ...@@ -100,6 +97,11 @@ frontend https-frontend
{%- for (scheme, prefix) in SCHEME_PREFIX_MAPPING.items() %} {%- for (scheme, prefix) in SCHEME_PREFIX_MAPPING.items() %}
{%- set info_dict = slave_instance.get(prefix, slave_instance.get('backend-http-info')) %} {%- set info_dict = slave_instance.get(prefix, slave_instance.get('backend-http-info')) %}
backend {{ slave_instance['slave_reference'] }}-{{ scheme }} backend {{ slave_instance['slave_reference'] }}-{{ scheme }}
{%- if HTTP3 and slave_instance['enable-http3'] %}
http-after-response set-header alt-svc "h3=\":{{ configuration['http3-port'] }}\"; ma=3600"
{#- Ask Chromium to use HTTP3 #}
http-after-response set-header alternate-protocol {{ configuration['http3-port'] }}:quic
{%- endif %}
{%- if scheme == 'http' and slave_instance['https-only'] %} {%- if scheme == 'http' and slave_instance['https-only'] %}
{#- Support https-only if connected via http #} {#- Support https-only if connected via http #}
redirect scheme https code 302 redirect scheme https code 302
......
This diff is collapsed.
...@@ -103,11 +103,10 @@ ...@@ -103,11 +103,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_dummy-cached\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_enable-http2-default\"}, {\"enable-http2\": \"false\", \"slave_reference\": \"_enable-http2-false\"}, {\"enable-http2\": \"true\", \"slave_reference\": \"_enable-http2-true\"}]", "extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_dummy-cached\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_enable-http2-default\"}, {\"enable-http2\": \"false\", \"slave_reference\": \"_enable-http2-false\"}, {\"enable-http2\": \"true\", \"slave_reference\": \"_enable-http2-true\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -8,11 +8,118 @@ T-1/var/log/monitor-httpd-error.log ...@@ -8,11 +8,118 @@ T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr.log T-2/var/log/expose-csr.log
T-2/var/log/frontend-haproxy.log T-2/var/log/frontend-haproxy.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_Url_access_log
T-2/var/log/httpd/_dummy-cached_backend_log T-2/var/log/httpd/_Url_backend_log
T-2/var/log/httpd/_auth-to-backend-backend-ignore_access_log
T-2/var/log/httpd/_auth-to-backend-backend-ignore_backend_log
T-2/var/log/httpd/_auth-to-backend-not-configured_access_log
T-2/var/log/httpd/_auth-to-backend-not-configured_backend_log
T-2/var/log/httpd/_auth-to-backend_access_log
T-2/var/log/httpd/_auth-to-backend_backend_log
T-2/var/log/httpd/_bad-backend_access_log
T-2/var/log/httpd/_bad-backend_backend_log
T-2/var/log/httpd/_ciphers-translation-all_access_log
T-2/var/log/httpd/_ciphers_access_log
T-2/var/log/httpd/_custom_domain_access_log
T-2/var/log/httpd/_custom_domain_backend_log
T-2/var/log/httpd/_custom_domain_server_alias_access_log
T-2/var/log/httpd/_custom_domain_server_alias_backend_log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_access_log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_backend_log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_ssl_ca_crt_access_log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_ssl_ca_crt_backend_log
T-2/var/log/httpd/_disabled-cookie-list-simple_access_log
T-2/var/log/httpd/_disabled-cookie-list-simple_backend_log
T-2/var/log/httpd/_disabled-cookie-list_access_log
T-2/var/log/httpd/_disabled-cookie-list_backend_log
T-2/var/log/httpd/_empty_access_log
T-2/var/log/httpd/_enable-http2-default_access_log T-2/var/log/httpd/_enable-http2-default_access_log
T-2/var/log/httpd/_enable-http2-default_backend_log
T-2/var/log/httpd/_enable-http2-false_access_log T-2/var/log/httpd/_enable-http2-false_access_log
T-2/var/log/httpd/_enable-http2-false_backend_log
T-2/var/log/httpd/_enable-http2-true_access_log T-2/var/log/httpd/_enable-http2-true_access_log
T-2/var/log/httpd/_enable-http2-true_backend_log
T-2/var/log/httpd/_enable-http3-default-enable-http2-false_access_log
T-2/var/log/httpd/_enable-http3-default-enable-http2-false_backend_log
T-2/var/log/httpd/_enable-http3-default_access_log
T-2/var/log/httpd/_enable-http3-default_backend_log
T-2/var/log/httpd/_enable-http3-false_access_log
T-2/var/log/httpd/_enable-http3-false_backend_log
T-2/var/log/httpd/_enable-http3-true-enable-http2-false_access_log
T-2/var/log/httpd/_enable-http3-true-enable-http2-false_backend_log
T-2/var/log/httpd/_enable-http3-true_access_log
T-2/var/log/httpd/_enable-http3-true_backend_log
T-2/var/log/httpd/_enable_cache-disable-no-cache-request_access_log
T-2/var/log/httpd/_enable_cache-disable-no-cache-request_backend_log
T-2/var/log/httpd/_enable_cache-disable-via-header_access_log
T-2/var/log/httpd/_enable_cache-disable-via-header_backend_log
T-2/var/log/httpd/_enable_cache-https-only-false_access_log
T-2/var/log/httpd/_enable_cache-https-only-false_backend_log
T-2/var/log/httpd/_enable_cache_access_log
T-2/var/log/httpd/_enable_cache_backend_log
T-2/var/log/httpd/_enable_cache_custom_domain_access_log
T-2/var/log/httpd/_enable_cache_custom_domain_backend_log
T-2/var/log/httpd/_enable_cache_server_alias_access_log
T-2/var/log/httpd/_enable_cache_server_alias_backend_log
T-2/var/log/httpd/_https-only_access_log
T-2/var/log/httpd/_https-only_backend_log
T-2/var/log/httpd/_https-url-netloc-list_access_log
T-2/var/log/httpd/_https-url-netloc-list_backend_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend-https-only_access_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend-https-only_backend_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_access_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_backend_log
T-2/var/log/httpd/_server-alias-duplicated_access_log
T-2/var/log/httpd/_server-alias-duplicated_backend_log
T-2/var/log/httpd/_server-alias-empty_access_log
T-2/var/log/httpd/_server-alias-empty_backend_log
T-2/var/log/httpd/_server-alias-wildcard_access_log
T-2/var/log/httpd/_server-alias-wildcard_backend_log
T-2/var/log/httpd/_server-alias_access_log
T-2/var/log/httpd/_server-alias_backend_log
T-2/var/log/httpd/_server-alias_custom_domain-duplicated_access_log
T-2/var/log/httpd/_server-alias_custom_domain-duplicated_backend_log
T-2/var/log/httpd/_ssl-proxy-verify-unverified_access_log
T-2/var/log/httpd/_ssl-proxy-verify-unverified_backend_log
T-2/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log
T-2/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt-unverified_backend_log
T-2/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt_access_log
T-2/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt_backend_log
T-2/var/log/httpd/_ssl_ca_crt_does_not_match_access_log
T-2/var/log/httpd/_ssl_ca_crt_does_not_match_backend_log
T-2/var/log/httpd/_ssl_ca_crt_garbage_access_log
T-2/var/log/httpd/_ssl_ca_crt_garbage_backend_log
T-2/var/log/httpd/_ssl_ca_crt_only_access_log
T-2/var/log/httpd/_ssl_ca_crt_only_backend_log
T-2/var/log/httpd/_type-notebook_access_log
T-2/var/log/httpd/_type-notebook_backend_log
T-2/var/log/httpd/_type-redirect-custom_domain_access_log
T-2/var/log/httpd/_type-redirect_access_log
T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_access_log
T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_backend_log
T-2/var/log/httpd/_type-websocket-websocket-path-list_access_log
T-2/var/log/httpd/_type-websocket-websocket-path-list_backend_log
T-2/var/log/httpd/_type-websocket-websocket-transparent-false_access_log
T-2/var/log/httpd/_type-websocket-websocket-transparent-false_backend_log
T-2/var/log/httpd/_type-websocket_access_log
T-2/var/log/httpd/_type-websocket_backend_log
T-2/var/log/httpd/_type-zope-default-path_access_log
T-2/var/log/httpd/_type-zope-path_access_log
T-2/var/log/httpd/_type-zope-path_backend_log
T-2/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend-https-only_access_log
T-2/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend-https-only_backend_log
T-2/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend_access_log
T-2/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend_backend_log
T-2/var/log/httpd/_type-zope-virtualhostroot-http-port_access_log
T-2/var/log/httpd/_type-zope-virtualhostroot-http-port_backend_log
T-2/var/log/httpd/_type-zope-virtualhostroot-https-port_access_log
T-2/var/log/httpd/_type-zope-virtualhostroot-https-port_backend_log
T-2/var/log/httpd/_type-zope_access_log
T-2/var/log/httpd/_type-zope_backend_log
T-2/var/log/httpd/_url-netloc-list_access_log
T-2/var/log/httpd/_url-netloc-list_backend_log
T-2/var/log/httpd/_url_https-url_access_log
T-2/var/log/httpd/_url_https-url_backend_log
T-2/var/log/monitor-httpd-access.log T-2/var/log/monitor-httpd-access.log
T-2/var/log/monitor-httpd-error.log T-2/var/log/monitor-httpd-error.log
T-2/var/log/slave-introspection-access.log T-2/var/log/slave-introspection-access.log
......
SetEnvIf Origin "^http(s)?://(.+\.)?(monitor\.app\.officejs\.com)$" ORIGIN_DOMAIN=$0
Header always set Access-Control-Allow-Origin "%{ORIGIN_DOMAIN}e" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Credentials "true" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization" env=ORIGIN_DOMAIN
...@@ -61,11 +61,10 @@ ...@@ -61,11 +61,10 @@
"_": { "_": {
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"enable-http3": "false",
"extra_slave_instance_list": "[]", "extra_slave_instance_list": "[]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -59,11 +59,10 @@ ...@@ -59,11 +59,10 @@
"_": { "_": {
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"enable-http3": "false",
"extra_slave_instance_list": "[]", "extra_slave_instance_list": "[]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -61,11 +61,10 @@ ...@@ -61,11 +61,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[]", "extra_slave_instance_list": "[]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -75,11 +75,10 @@ ...@@ -75,11 +75,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_default\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]", "extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_default\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -75,11 +75,10 @@ ...@@ -75,11 +75,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_default\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]", "extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_default\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -79,11 +79,10 @@ ...@@ -79,11 +79,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_replicate\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]", "extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_replicate\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
...@@ -119,11 +118,10 @@ ...@@ -119,11 +118,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_replicate\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]", "extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_replicate\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-2", "frontend-name": "caddy-frontend-2",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -37,6 +37,18 @@ T-2/var/log/httpd/_enable-http2-default_access_log ...@@ -37,6 +37,18 @@ T-2/var/log/httpd/_enable-http2-default_access_log
T-2/var/log/httpd/_enable-http2-default_backend_log T-2/var/log/httpd/_enable-http2-default_backend_log
T-2/var/log/httpd/_enable-http2-false_access_log T-2/var/log/httpd/_enable-http2-false_access_log
T-2/var/log/httpd/_enable-http2-false_backend_log T-2/var/log/httpd/_enable-http2-false_backend_log
T-2/var/log/httpd/_enable-http2-true_access_log
T-2/var/log/httpd/_enable-http2-true_backend_log
T-2/var/log/httpd/_enable-http3-default-enable-http2-false_access_log
T-2/var/log/httpd/_enable-http3-default-enable-http2-false_backend_log
T-2/var/log/httpd/_enable-http3-default_access_log
T-2/var/log/httpd/_enable-http3-default_backend_log
T-2/var/log/httpd/_enable-http3-false_access_log
T-2/var/log/httpd/_enable-http3-false_backend_log
T-2/var/log/httpd/_enable-http3-true-enable-http2-false_access_log
T-2/var/log/httpd/_enable-http3-true-enable-http2-false_backend_log
T-2/var/log/httpd/_enable-http3-true_access_log
T-2/var/log/httpd/_enable-http3-true_backend_log
T-2/var/log/httpd/_enable_cache-disable-no-cache-request_access_log T-2/var/log/httpd/_enable_cache-disable-no-cache-request_access_log
T-2/var/log/httpd/_enable_cache-disable-no-cache-request_backend_log T-2/var/log/httpd/_enable_cache-disable-no-cache-request_backend_log
T-2/var/log/httpd/_enable_cache-disable-via-header_access_log T-2/var/log/httpd/_enable_cache-disable-via-header_access_log
......
...@@ -91,11 +91,10 @@ ...@@ -91,11 +91,10 @@
"ciphers": "ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384", "ciphers": "ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_default_ciphers\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"ciphers\": \"ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256\", \"enable_cache\": true, \"slave_reference\": \"_own_ciphers\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]", "extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_default_ciphers\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"ciphers\": \"ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256\", \"enable_cache\": true, \"slave_reference\": \"_own_ciphers\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -280,11 +280,10 @@ ...@@ -280,11 +280,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"health-check\": true, \"health-check-http-method\": \"CONNECT\", \"slave_reference\": \"_health-check-connect\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"health-check\": true, \"health-check-fall\": \"7\", \"health-check-http-method\": \"POST\", \"health-check-http-path\": \"/POST-path to be encoded\", \"health-check-http-version\": \"HTTP/1.0\", \"health-check-interval\": \"15\", \"health-check-rise\": \"3\", \"health-check-timeout\": \"7\", \"slave_reference\": \"_health-check-custom\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"health-check\": true, \"slave_reference\": \"_health-check-default\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_health-check-disabled\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"enable_cache\": true, \"health-check\": true, \"health-check-failover-https-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/failover-https-url?a=b&c=\", \"health-check-failover-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/failover-url?a=b&c=\", \"health-check-http-path\": \"/health-check-failover-url\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"https-only\": false, \"https-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/https-url\", \"slave_reference\": \"_health-check-failover-url\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/url\"}, {\"health-check\": true, \"health-check-authenticate-to-failover-backend\": true, \"health-check-failover-https-url\": \"https://@@_ipv4_address@@:@@_server_https_auth_port@@/failover-https-url?a=b&c=\", \"health-check-failover-url\": \"https://@@_ipv4_address@@:@@_server_https_auth_port@@/failover-url?a=b&c=\", \"health-check-http-path\": \"/health-check-failover-url-auth-to-backend\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"https-only\": false, \"https-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/https-url\", \"slave_reference\": \"_health-check-failover-url-auth-to-backend\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/url\"}, {\"health-check\": true, \"health-check-failover-https-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/failover-https-url?a=b&c=\", \"health-check-failover-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/failover-url?a=b&c=\", \"health-check-failover-url-netloc-list\": \"@@_ipv4_address@@:@@_server_netloc_a_http_port@@ @@_ipv4_address@@:@@_server_netloc_b_http_port@@\", \"health-check-http-path\": \"/health-check-failover-url\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"https-only\": false, \"https-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/https-url\", \"slave_reference\": \"_health-check-failover-url-netloc-list\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/url\"}, {\"health-check\": true, \"health-check-failover-ssl-proxy-ca-crt\": \"@@test_server_ca.certificate_pem_double@@\", \"health-check-failover-ssl-proxy-verify\": true, \"health-check-failover-url\": \"https://@@_ipv4_address@@:@@_server_https_port@@/\", \"health-check-http-path\": \"/health-check-failover-url-ssl-proxy-verified\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"slave_reference\": \"_health-check-failover-url-ssl-proxy-verified\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"health-check\": true, \"health-check-failover-ssl-proxy-verify\": true, \"health-check-failover-url\": \"https://@@_ipv4_address@@:@@_server_https_port@@/\", \"health-check-http-path\": \"/health-check-failover-url-ssl-proxy-verify-missing\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"slave_reference\": \"_health-check-failover-url-ssl-proxy-verify-missing\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"health-check\": true, \"health-check-failover-ssl-proxy-ca-crt\": \"@@another_server_ca.certificate_pem_double@@\", \"health-check-failover-ssl-proxy-verify\": true, \"health-check-failover-url\": \"https://@@_ipv4_address@@:@@_server_https_port@@/\", \"health-check-http-path\": \"/health-check-failover-url-ssl-proxy-verify-unverified\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"slave_reference\": \"_health-check-failover-url-ssl-proxy-verify-unverified\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]", "extra_slave_instance_list": "[{\"health-check\": true, \"health-check-http-method\": \"CONNECT\", \"slave_reference\": \"_health-check-connect\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"health-check\": true, \"health-check-fall\": \"7\", \"health-check-http-method\": \"POST\", \"health-check-http-path\": \"/POST-path to be encoded\", \"health-check-http-version\": \"HTTP/1.0\", \"health-check-interval\": \"15\", \"health-check-rise\": \"3\", \"health-check-timeout\": \"7\", \"slave_reference\": \"_health-check-custom\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"health-check\": true, \"slave_reference\": \"_health-check-default\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_health-check-disabled\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"enable_cache\": true, \"health-check\": true, \"health-check-failover-https-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/failover-https-url?a=b&c=\", \"health-check-failover-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/failover-url?a=b&c=\", \"health-check-http-path\": \"/health-check-failover-url\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"https-only\": false, \"https-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/https-url\", \"slave_reference\": \"_health-check-failover-url\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/url\"}, {\"health-check\": true, \"health-check-authenticate-to-failover-backend\": true, \"health-check-failover-https-url\": \"https://@@_ipv4_address@@:@@_server_https_auth_port@@/failover-https-url?a=b&c=\", \"health-check-failover-url\": \"https://@@_ipv4_address@@:@@_server_https_auth_port@@/failover-url?a=b&c=\", \"health-check-http-path\": \"/health-check-failover-url-auth-to-backend\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"https-only\": false, \"https-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/https-url\", \"slave_reference\": \"_health-check-failover-url-auth-to-backend\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/url\"}, {\"health-check\": true, \"health-check-failover-https-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/failover-https-url?a=b&c=\", \"health-check-failover-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/failover-url?a=b&c=\", \"health-check-failover-url-netloc-list\": \"@@_ipv4_address@@:@@_server_netloc_a_http_port@@ @@_ipv4_address@@:@@_server_netloc_b_http_port@@\", \"health-check-http-path\": \"/health-check-failover-url\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"https-only\": false, \"https-url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/https-url\", \"slave_reference\": \"_health-check-failover-url-netloc-list\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/url\"}, {\"health-check\": true, \"health-check-failover-ssl-proxy-ca-crt\": \"@@test_server_ca.certificate_pem_double@@\", \"health-check-failover-ssl-proxy-verify\": true, \"health-check-failover-url\": \"https://@@_ipv4_address@@:@@_server_https_port@@/\", \"health-check-http-path\": \"/health-check-failover-url-ssl-proxy-verified\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"slave_reference\": \"_health-check-failover-url-ssl-proxy-verified\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"health-check\": true, \"health-check-failover-ssl-proxy-verify\": true, \"health-check-failover-url\": \"https://@@_ipv4_address@@:@@_server_https_port@@/\", \"health-check-http-path\": \"/health-check-failover-url-ssl-proxy-verify-missing\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"slave_reference\": \"_health-check-failover-url-ssl-proxy-verify-missing\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"health-check\": true, \"health-check-failover-ssl-proxy-ca-crt\": \"@@another_server_ca.certificate_pem_double@@\", \"health-check-failover-ssl-proxy-verify\": true, \"health-check-failover-url\": \"https://@@_ipv4_address@@:@@_server_https_port@@/\", \"health-check-http-path\": \"/health-check-failover-url-ssl-proxy-verify-unverified\", \"health-check-interval\": 1, \"health-check-timeout\": 1, \"slave_reference\": \"_health-check-failover-url-ssl-proxy-verify-unverified\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -88,11 +88,10 @@ ...@@ -88,11 +88,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"custom_domain\": \"*.alias1.example.com\", \"slave_reference\": \"_wildcard\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/wildcard\"}, {\"custom_domain\": \"zspecific.alias1.example.com\", \"slave_reference\": \"_zspecific\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/zspecific\"}]", "extra_slave_instance_list": "[{\"custom_domain\": \"*.alias1.example.com\", \"slave_reference\": \"_wildcard\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/wildcard\"}, {\"custom_domain\": \"zspecific.alias1.example.com\", \"slave_reference\": \"_zspecific\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/zspecific\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-haproxy.log
T-2/var/log/httpd/_Url_access_log
T-2/var/log/httpd/_Url_backend_log
T-2/var/log/httpd/_auth-to-backend-backend-ignore_access_log
T-2/var/log/httpd/_auth-to-backend-backend-ignore_backend_log
T-2/var/log/httpd/_auth-to-backend-not-configured_access_log
T-2/var/log/httpd/_auth-to-backend-not-configured_backend_log
T-2/var/log/httpd/_auth-to-backend_access_log
T-2/var/log/httpd/_auth-to-backend_backend_log
T-2/var/log/httpd/_bad-backend_access_log
T-2/var/log/httpd/_bad-backend_backend_log
T-2/var/log/httpd/_ciphers-translation-all_access_log
T-2/var/log/httpd/_ciphers_access_log
T-2/var/log/httpd/_custom_domain_access_log
T-2/var/log/httpd/_custom_domain_backend_log
T-2/var/log/httpd/_custom_domain_server_alias_access_log
T-2/var/log/httpd/_custom_domain_server_alias_backend_log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_access_log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_backend_log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_ssl_ca_crt_access_log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_ssl_ca_crt_backend_log
T-2/var/log/httpd/_disabled-cookie-list-simple_access_log
T-2/var/log/httpd/_disabled-cookie-list-simple_backend_log
T-2/var/log/httpd/_disabled-cookie-list_access_log
T-2/var/log/httpd/_disabled-cookie-list_backend_log
T-2/var/log/httpd/_empty_access_log
T-2/var/log/httpd/_enable-http2-default_access_log
T-2/var/log/httpd/_enable-http2-default_backend_log
T-2/var/log/httpd/_enable-http2-false_access_log
T-2/var/log/httpd/_enable-http2-false_backend_log
T-2/var/log/httpd/_enable-http2-true_access_log
T-2/var/log/httpd/_enable-http2-true_backend_log
T-2/var/log/httpd/_enable-http3-default-enable-http2-false_access_log
T-2/var/log/httpd/_enable-http3-default-enable-http2-false_backend_log
T-2/var/log/httpd/_enable-http3-default_access_log
T-2/var/log/httpd/_enable-http3-default_backend_log
T-2/var/log/httpd/_enable-http3-false_access_log
T-2/var/log/httpd/_enable-http3-false_backend_log
T-2/var/log/httpd/_enable-http3-true-enable-http2-false_access_log
T-2/var/log/httpd/_enable-http3-true-enable-http2-false_backend_log
T-2/var/log/httpd/_enable-http3-true_access_log
T-2/var/log/httpd/_enable-http3-true_backend_log
T-2/var/log/httpd/_enable_cache-disable-no-cache-request_access_log
T-2/var/log/httpd/_enable_cache-disable-no-cache-request_backend_log
T-2/var/log/httpd/_enable_cache-disable-via-header_access_log
T-2/var/log/httpd/_enable_cache-disable-via-header_backend_log
T-2/var/log/httpd/_enable_cache-https-only-false_access_log
T-2/var/log/httpd/_enable_cache-https-only-false_backend_log
T-2/var/log/httpd/_enable_cache_access_log
T-2/var/log/httpd/_enable_cache_backend_log
T-2/var/log/httpd/_enable_cache_custom_domain_access_log
T-2/var/log/httpd/_enable_cache_custom_domain_backend_log
T-2/var/log/httpd/_enable_cache_server_alias_access_log
T-2/var/log/httpd/_enable_cache_server_alias_backend_log
T-2/var/log/httpd/_https-only_access_log
T-2/var/log/httpd/_https-only_backend_log
T-2/var/log/httpd/_https-url-netloc-list_access_log
T-2/var/log/httpd/_https-url-netloc-list_backend_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend-https-only_access_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend-https-only_backend_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_access_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_backend_log
T-2/var/log/httpd/_server-alias-duplicated_access_log
T-2/var/log/httpd/_server-alias-duplicated_backend_log
T-2/var/log/httpd/_server-alias-empty_access_log
T-2/var/log/httpd/_server-alias-empty_backend_log
T-2/var/log/httpd/_server-alias-wildcard_access_log
T-2/var/log/httpd/_server-alias-wildcard_backend_log
T-2/var/log/httpd/_server-alias_access_log
T-2/var/log/httpd/_server-alias_backend_log
T-2/var/log/httpd/_server-alias_custom_domain-duplicated_access_log
T-2/var/log/httpd/_server-alias_custom_domain-duplicated_backend_log
T-2/var/log/httpd/_ssl-proxy-verify-unverified_access_log
T-2/var/log/httpd/_ssl-proxy-verify-unverified_backend_log
T-2/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log
T-2/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt-unverified_backend_log
T-2/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt_access_log
T-2/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt_backend_log
T-2/var/log/httpd/_ssl_ca_crt_does_not_match_access_log
T-2/var/log/httpd/_ssl_ca_crt_does_not_match_backend_log
T-2/var/log/httpd/_ssl_ca_crt_garbage_access_log
T-2/var/log/httpd/_ssl_ca_crt_garbage_backend_log
T-2/var/log/httpd/_ssl_ca_crt_only_access_log
T-2/var/log/httpd/_ssl_ca_crt_only_backend_log
T-2/var/log/httpd/_type-notebook_access_log
T-2/var/log/httpd/_type-notebook_backend_log
T-2/var/log/httpd/_type-redirect-custom_domain_access_log
T-2/var/log/httpd/_type-redirect_access_log
T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_access_log
T-2/var/log/httpd/_type-websocket-websocket-path-list-websocket-transparent-false_backend_log
T-2/var/log/httpd/_type-websocket-websocket-path-list_access_log
T-2/var/log/httpd/_type-websocket-websocket-path-list_backend_log
T-2/var/log/httpd/_type-websocket-websocket-transparent-false_access_log
T-2/var/log/httpd/_type-websocket-websocket-transparent-false_backend_log
T-2/var/log/httpd/_type-websocket_access_log
T-2/var/log/httpd/_type-websocket_backend_log
T-2/var/log/httpd/_type-zope-default-path_access_log
T-2/var/log/httpd/_type-zope-path_access_log
T-2/var/log/httpd/_type-zope-path_backend_log
T-2/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend-https-only_access_log
T-2/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend-https-only_backend_log
T-2/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend_access_log
T-2/var/log/httpd/_type-zope-prefer-gzip-encoding-to-backend_backend_log
T-2/var/log/httpd/_type-zope-virtualhostroot-http-port_access_log
T-2/var/log/httpd/_type-zope-virtualhostroot-http-port_backend_log
T-2/var/log/httpd/_type-zope-virtualhostroot-https-port_access_log
T-2/var/log/httpd/_type-zope-virtualhostroot-https-port_backend_log
T-2/var/log/httpd/_type-zope_access_log
T-2/var/log/httpd/_type-zope_backend_log
T-2/var/log/httpd/_url-netloc-list_access_log
T-2/var/log/httpd/_url-netloc-list_backend_log
T-2/var/log/httpd/_url_https-url_access_log
T-2/var/log/httpd/_url_https-url_backend_log
T-2/var/log/monitor-httpd-access.log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/slave-introspection-access.log
T-2/var/log/slave-introspection-error.log
T-2/var/log/trafficserver/manager.log
SetEnvIf Origin "^http(s)?://(.+\.)?(monitor\.app\.officejs\.com)$" ORIGIN_DOMAIN=$0
Header always set Access-Control-Allow-Origin "%{ORIGIN_DOMAIN}e" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Credentials "true" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization" env=ORIGIN_DOMAIN
[
{
"-frontend-1-experimental-haproxy-flavour": "quic",
"-frontend-1-experimental-haproxy-quic": "True",
"-frontend-1-experimental-quic-port": "11443",
"caucase_port": "15090",
"domain": "example.com",
"full_address_list": [],
"instance_title": "testing partition 0",
"ip_list": [
[
"T-0",
"@@_ipv4_address@@"
],
[
"T-0",
"@@_ipv6_address@@"
]
],
"kedifa_port": "15080",
"plain_http_port": "11080",
"port": "11443",
"request-timeout": "12",
"root_instance_title": "testing partition 0",
"slap_computer_id": "local",
"slap_computer_partition_id": "T-0",
"slap_software_release_url": "@@00getSoftwareURL@@",
"slap_software_type": "RootSoftwareInstance",
"slave_instance_list": [
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_url",
"slave_title": "_url",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"enable_cache": true,
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_enable_cache",
"slave_title": "_enable_cache",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
}
],
"timestamp": "@@TIMESTAMP@@"
},
{
"_": {
"caucase_port": "15090",
"cluster-identification": "testing partition 0",
"kedifa_port": "15080",
"monitor-cors-domains": "monitor.app.officejs.com",
"monitor-httpd-port": "8402",
"monitor-password": "@@monitor-password@@",
"monitor-username": "admin",
"slave-list": [
{
"enable_cache": true,
"slave_reference": "_enable_cache",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slave_reference": "_url",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
}
]
},
"full_address_list": [],
"instance_title": "kedifa",
"ip_list": [
[
"T-1",
"@@_ipv4_address@@"
],
[
"T-1",
"@@_ipv6_address@@"
]
],
"root_instance_title": "testing partition 0",
"slap_computer_id": "local",
"slap_computer_partition_id": "T-1",
"slap_software_release_url": "@@00getSoftwareURL@@",
"slap_software_type": "kedifa",
"slave_instance_list": [],
"timestamp": "@@TIMESTAMP@@"
},
{
"_": {
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0",
"domain": "example.com",
"extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_enable_cache\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_url\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
"frontend-haproxy-flavour": "quic",
"frontend-haproxy-quic": "True",
"frontend-name": "caddy-frontend-1",
"frontend-quic-port": "11443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com",
"monitor-httpd-port": 8411,
"monitor-password": "@@monitor-password@@",
"monitor-username": "admin",
"plain_http_port": "11080",
"port": "11443",
"request-timeout": "12",
"slave-kedifa-information": "{\"_enable_cache\": {\"kedifa-caucase-url\": \"http://[@@_ipv6_address@@]:15090\", \"key-download-url\": \"https://[@@_ipv6_address@@]:15080/@@enable_cache_key-generate-auth-url@@\", \"key-generate-auth-url\": \"https://[@@_ipv6_address@@]:15080/@@enable_cache_key-generate-auth-url@@/@@enable_cache_key-upload-url@@\", \"key-upload-url\": \"https://[@@_ipv6_address@@]:15080/@@enable_cache_key-generate-auth-url@@?auth=\"}, \"_url\": {\"kedifa-caucase-url\": \"http://[@@_ipv6_address@@]:15090\", \"key-download-url\": \"https://[@@_ipv6_address@@]:15080/@@url_key-generate-auth-url@@\", \"key-generate-auth-url\": \"https://[@@_ipv6_address@@]:15080/@@url_key-generate-auth-url@@/@@enable_cache_key-upload-url@@\", \"key-upload-url\": \"https://[@@_ipv6_address@@]:15080/@@url_key-generate-auth-url@@?auth=\"}}"
},
"full_address_list": [],
"instance_title": "caddy-frontend-1",
"ip_list": [
[
"T-2",
"@@_ipv4_address@@"
],
[
"T-2",
"@@_ipv6_address@@"
]
],
"root_instance_title": "testing partition 0",
"slap_computer_id": "local",
"slap_computer_partition_id": "T-2",
"slap_software_release_url": "@@00getSoftwareURL@@",
"slap_software_type": "single-custom-personal",
"slave_instance_list": [],
"timestamp": "@@TIMESTAMP@@"
}
]
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-haproxy.log
T-2/var/log/httpd/_enable_cache_access_log
T-2/var/log/httpd/_enable_cache_backend_log
T-2/var/log/httpd/_url_access_log
T-2/var/log/httpd/_url_backend_log
T-2/var/log/monitor-httpd-access.log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/slave-introspection-access.log
T-2/var/log/slave-introspection-error.log
T-2/var/log/trafficserver/manager.log
...@@ -239,11 +239,10 @@ ...@@ -239,11 +239,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"custom_domain\": \"customdomainsslcrtsslkey.example.com\", \"slave_reference\": \"_custom_domain_ssl_crt_ssl_key\", \"ssl_crt\": \"@@customdomain_certificate_pem_double@@\", \"ssl_key\": \"@@customdomain_key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"custom_domain\": \"customdomainsslcrtsslkeysslcacrt.example.com\", \"slave_reference\": \"_custom_domain_ssl_crt_ssl_key_ssl_ca_crt\", \"ssl_ca_crt\": \"@@ca.certificate_pem_double@@\", \"ssl_crt\": \"@@customdomain_ca_certificate_pem_double@@\", \"ssl_key\": \"@@customdomain_ca_key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_ssl_ca_crt_does_not_match\", \"ssl_ca_crt\": \"@@ca.certificate_pem_double@@\", \"ssl_crt\": \"@@certificate_pem_double@@\", \"ssl_key\": \"@@key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_ssl_ca_crt_garbage\", \"ssl_ca_crt\": \"some garbage\", \"ssl_crt\": \"@@sslcacrtgarbage_ca_certificate_pem_double@@\", \"ssl_key\": \"@@sslcacrtgarbage_ca_key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"enable_cache\": true, \"slave_reference\": \"_ssl_from_master\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_ssl_from_master_kedifa_overrides\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_ssl_from_slave\", \"ssl_crt\": \"@@ssl_from_slave_certificate_pem_double@@\", \"ssl_key\": \"@@ssl_from_slave_key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_ssl_from_slave_kedifa_overrides\", \"ssl_crt\": \"@@ssl_from_slave_kedifa_overrides_certificate_pem_double@@\", \"ssl_key\": \"@@ssl_from_slave_kedifa_overrides_key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_type-notebook-ssl_from_master\", \"type\": \"notebook\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_type-notebook-ssl_from_master_kedifa_overrides\", \"type\": \"notebook\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_type-notebook-ssl_from_slave\", \"ssl_crt\": \"@@type_notebook_ssl_from_slave_certificate_pem_double@@\", \"ssl_key\": \"@@type_notebook_ssl_from_slave_key_pem_double@@\", \"type\": \"notebook\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_type-notebook-ssl_from_slave_kedifa_overrides\", \"ssl_crt\": \"@@type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem_double@@\", \"ssl_key\": \"@@type_notebook_ssl_from_slave_kedifa_overrides_key_pem_double@@\", \"type\": \"notebook\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]", "extra_slave_instance_list": "[{\"custom_domain\": \"customdomainsslcrtsslkey.example.com\", \"slave_reference\": \"_custom_domain_ssl_crt_ssl_key\", \"ssl_crt\": \"@@customdomain_certificate_pem_double@@\", \"ssl_key\": \"@@customdomain_key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"custom_domain\": \"customdomainsslcrtsslkeysslcacrt.example.com\", \"slave_reference\": \"_custom_domain_ssl_crt_ssl_key_ssl_ca_crt\", \"ssl_ca_crt\": \"@@ca.certificate_pem_double@@\", \"ssl_crt\": \"@@customdomain_ca_certificate_pem_double@@\", \"ssl_key\": \"@@customdomain_ca_key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_ssl_ca_crt_does_not_match\", \"ssl_ca_crt\": \"@@ca.certificate_pem_double@@\", \"ssl_crt\": \"@@certificate_pem_double@@\", \"ssl_key\": \"@@key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_ssl_ca_crt_garbage\", \"ssl_ca_crt\": \"some garbage\", \"ssl_crt\": \"@@sslcacrtgarbage_ca_certificate_pem_double@@\", \"ssl_key\": \"@@sslcacrtgarbage_ca_key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"enable_cache\": true, \"slave_reference\": \"_ssl_from_master\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_ssl_from_master_kedifa_overrides\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_ssl_from_slave\", \"ssl_crt\": \"@@ssl_from_slave_certificate_pem_double@@\", \"ssl_key\": \"@@ssl_from_slave_key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_ssl_from_slave_kedifa_overrides\", \"ssl_crt\": \"@@ssl_from_slave_kedifa_overrides_certificate_pem_double@@\", \"ssl_key\": \"@@ssl_from_slave_kedifa_overrides_key_pem_double@@\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_type-notebook-ssl_from_master\", \"type\": \"notebook\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_type-notebook-ssl_from_master_kedifa_overrides\", \"type\": \"notebook\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_type-notebook-ssl_from_slave\", \"ssl_crt\": \"@@type_notebook_ssl_from_slave_certificate_pem_double@@\", \"ssl_key\": \"@@type_notebook_ssl_from_slave_key_pem_double@@\", \"type\": \"notebook\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}, {\"slave_reference\": \"_type-notebook-ssl_from_slave_kedifa_overrides\", \"ssl_crt\": \"@@type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem_double@@\", \"ssl_key\": \"@@type_notebook_ssl_from_slave_kedifa_overrides_key_pem_double@@\", \"type\": \"notebook\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -79,11 +79,10 @@ ...@@ -79,11 +79,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_ssl_from_master_kedifa_overrides_master_certificate\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]", "extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_ssl_from_master_kedifa_overrides_master_certificate\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
...@@ -79,11 +79,10 @@ ...@@ -79,11 +79,10 @@
"backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990", "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
"cluster-identification": "testing partition 0", "cluster-identification": "testing partition 0",
"domain": "example.com", "domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_ssl_from_master\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]", "extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_ssl_from_master\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
"frontend-haproxy-flavour": "basic",
"frontend-haproxy-quic": "False",
"frontend-name": "caddy-frontend-1", "frontend-name": "caddy-frontend-1",
"frontend-quic-port": "443", "http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090", "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
"master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@", "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
"monitor-cors-domains": "monitor.app.officejs.com", "monitor-cors-domains": "monitor.app.officejs.com",
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment