GitLab

Menu

Projects Groups Snippets

Help
Sign in / Register

slapos
Project information
- Project information
- Activity
- Labels
- Members
Repository
- Repository
- Files
- Commits
- Branches
- Tags
- Contributors
- Graph
- Compare
Merge requests 125
- Merge requests 125
CI/CD
- CI/CD
- Pipelines
- Jobs
- Schedules
Deployments
- Deployments
- Environments
- Releases
Analytics
- Analytics
- Value stream
- CI/CD
- Repository
Snippets
- Snippets
Activity
Graph
Jobs
Commits

Collapse sidebar

nexedi
slapos
Merge requests
!312

Merged

Created Apr 04, 2018 by Łukasz Nowak @lukeMaintainer55 of 55 tasks completed55/55 tasks

Caddy frontend

Overview 63
Commits 32
Changes 125

Caddy frontend like Apache frontend.

Test Result: Completed 20180628-5CD45531

Important: Just before merge the software/erp5testnode/testsuite/caddy-frontend/software.cfg has to adapted to proper branch.

Tasks:

bugs:
- changes in bin/caddy-wrapper are NOT taken into account during graceful reload!! Fixed by commit "caddy-frontend: Simplify Caddy wrappers"
master:
- https://u:p@IPV4/server-status
  - something similar can be achieved with expvars and pprof Caddy http directives
- working master partition
- public-ipv4
- ~~ip-read-limit~~ --> was needed by mod_antiloris, not needed
- ~~mpm-server-limit~~
- ~~mpm-max-clients~~
- ~~mpm-start-servers~~
- ~~mpm-thread-per-child~~
- mpm-graceful-shutdown-timeout
- enable-http2-by-default
- re6st-verification-url
- apache-key
- apache-certificate
- domain
- nginx-domain
slaves:
- Header edit Set-Cookie "(?i)^(.+);secure$" "$1" --> REMOVE!!
  - in case if backend will do Set-Cookie: secured=value;secure the system shall rewrite it on HTTP channel to Set-Cookie: secured=value, but leave as is on HTTPS channel
- type:default
- type:zope
  - beware of multiple slashes issue https://github.com/mholt/caddy/issues/1298
- type:notebook
- type:redirect
url
https-url
custom_domain
server-alias
path
default-path
ssl_crt
ssl_key
https-only
monitor-ipv6-test
monitor-ipv4-test
re6st-optimal-test
enable-http2
virtualhostroot-http-port
virtualhostroot-https-port
ssl-proxy-verify
varia
- expose Caddy on IPv6, see: https://github.com/mholt/caddy/issues/864
  - possibly 6tunnel can be handy in this case
- allow to access log files with user/password protection
  - Beware: basic auth in caddyfile differs: https://github.com/mholt/caddy/issues/1142 and https://github.com/mholt/caddy/issues/1526
  - cover it with test
  - log and error to global file
- control Caddy's logrotate in explicit way -- using logrotate package or internal Caddy log rotiation
- monitoring and promises:
- Support to raw https/http (where user can enter the configuration himself) (slave)
  - apache_custom_http
  - apache_custom_https
- Have Traffic Server on it. (Replicant)
  - enable_cache
  - disable-no-cache-request
  - disable-via-header
- Has to have the same "apache replication" structure
  - -frontend-authorized-slave-string
  - -frontend-quantity
- have tests written against apache-frontend and caddy-frontend (same code mostly!), running on Nexedi's continous integration
typos:
- test_slave_apache_custom_http_s_accpeted
- getInstanceParmeterDict
- review all!

Post-MR todos are in TODO

Assignee

Assign to

Reviewer

Request review from

Time tracking

Source branch: caddy-frontend

GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7