caddy-frontend: Implement ssl_ca_crt

2c6aa92b · Łukasz Nowak · Łukasz Nowak · 80a311fc · 2c6aa92b · 2c6aa92b
Commit 2c6aa92b authored Nov 20, 2018 by Łukasz Nowak Committed by Łukasz Nowak Nov 20, 2018
4 changed files
--- a/software/caddy-frontend/TODO.rst
+++ b/software/caddy-frontend/TODO.rst
@@ -12,7 +12,6 @@ Generally things to be done with ``caddy-frontend``:
 * ``type:eventsource``:

   * **Jérome Perrin**: *For event source, if I understand https://github.com/mholt/caddy/issues/1355 correctly, we could use caddy as a proxy in front of nginx-push-stream . If we have a "central shared" caddy instance, can it handle keeping connections opens for many clients ?*
- * ``ssl_ca_crt``
 * ``ssl_proxy_ca_crt`` for ``ssl_proxy_verify``, this is related to bug `#1550 <https://github.com/mholt/caddy/issues/1550>`_, proposed solution `just adding your CA to the system's trust store`
 * ``check-error-on-caddy-log`` like ``check-error-on-apache-log``
 * cover test suite like resilient tests for KVM and prove it works the same way as Caddy

--- a/software/caddy-frontend/buildout.hash.cfg
+++ b/software/caddy-frontend/buildout.hash.cfg
@@ -30,7 +30,7 @@ md5sum = a0110d0ec69875946a16ac3a4b269eb8

 [template-slave-list]
 filename = templates/apache-custom-slave-list.cfg.in
-md5sum = a244336f20094c632076d30e4ace2254
+md5sum = d38a5b67b37732e234556fc09e17b1e9

 [template-slave-configuration]
 filename = templates/custom-virtualhost.conf.in
@@ -46,7 +46,7 @@ md5sum = 7c987ad75fcce6f5b925c7696ff41971

 [template-custom-slave-list]
 filename = templates/apache-custom-slave-list.cfg.in
-md5sum = a244336f20094c632076d30e4ace2254
+md5sum = d38a5b67b37732e234556fc09e17b1e9

 [caddy-backend-url-validator]
 filename = templates/caddy-backend-url-validator.in

--- a/software/caddy-frontend/instance-slave-caddy-input-schema.json
+++ b/software/caddy-frontend/instance-slave-caddy-input-schema.json
@@ -141,9 +141,9 @@
    },
    "ssl_ca_crt": {
      "default": "",
-      "description": "[NOT Implemented] Content of the CA certificate file",
+      "description": "Content of the CA certificate file",
      "textarea": true,
-      "title": "[NOT Implemented] SSL Certificate Authority's Certificate",
+      "title": "SSL Certificate Authority's Certificate",
      "type": "string"
    },
    "ssl_crt": {

--- a/software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
+++ b/software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
@@ -189,7 +189,7 @@ extra-context =
 < = jinja2-template-base
 template = {{ empty_template }}
 rendered = {{ cert_file }}
-cert-content = {{ dumps(slave_instance.get('ssl_crt')) }}
+cert-content = {{ dumps(slave_instance.get('ssl_crt') + slave_instance.get('ssl_ca_crt', '') }}
 extra-context =
    key content :cert-content
 {%     endif %}