Add hack to allow nginx to communicate with zimbra-kvm.

parent 7735ef7e
...@@ -33,11 +33,11 @@ if not os.path.exists(disk_path): ...@@ -33,11 +33,11 @@ if not os.path.exists(disk_path):
disk_path, '%(disk_size)sG']) disk_path, '%(disk_size)sG'])
# Generate NAT rules # Generate NAT rules
nat_rules = ",".join("hostfwd=tcp:%(vnc_ip)s:%%s-:%%s" %% (port, port) for port in [25, 80, 110, 143, 443, 465, 587, 993, 995, 7071]) nat_rules = 'hostfwd=tcp:%(vnc_ip)s:2222-:22,hostfwd=tcp:%(vnc_ip)s:2525-:25,' + ','.join("hostfwd=tcp:%(vnc_ip)s:%%s-:%%s" %% (port, port) for port in [80, 110, 143, 443, 465, 587, 993, 995, 7071])
kvm_argument_list = ['%(qemu_path)s', kvm_argument_list = ['%(qemu_path)s',
'-enable-kvm', '-net', 'nic,macaddr=%(mac_address)s', '-enable-kvm', '-net', 'nic,macaddr=%(mac_address)s',
'-net', 'user,hostfwd=tcp:%(vnc_ip)s:2222-:22,%%s' %% nat_rules, '-net', 'user,%%s' %% nat_rules,
'-smp', '%(smp_count)s', '-smp', '%(smp_count)s',
'-m', '%(ram_size)s', '-m', '%(ram_size)s',
'-drive', 'file=%(disk_path)s,if=%(disk_type)s', '-drive', 'file=%(disk_path)s,if=%(disk_type)s',
......
...@@ -8,6 +8,7 @@ parts = ...@@ -8,6 +8,7 @@ parts =
certificate-authority certificate-authority
request-web-frontend request-web-frontend
kvm-promise kvm-promise
tunnel-ipv6-reverse-proxy
tunnel-ipv6-kvm-https tunnel-ipv6-kvm-https
tunnel-ipv6-kvm-ssh tunnel-ipv6-kvm-ssh
tunnel-ipv6-kvm-zimbra-admin tunnel-ipv6-kvm-zimbra-admin
...@@ -226,7 +227,21 @@ slave = true ...@@ -226,7 +227,21 @@ slave = true
config = smtp-upstream-host smtp-upstream-port config = smtp-upstream-host smtp-upstream-port
config-smtp-upstream-host = $${tunnel-ipv6-kvm-smtp:ipv6} config-smtp-upstream-host = $${tunnel-ipv6-kvm-smtp:ipv6}
config-smtp-upstream-port = $${tunnel-ipv6-kvm-smtp:ipv6-port} config-smtp-upstream-port = $${tunnel-ipv6-kvm-smtp:ipv6-port}
return = listening-ipv4 return = listening-ipv4 listening-ipv6
# Qemu doesn't support IPv6 in user-mode network.
# Solution: tunnel ipv6 of smtp reverse proxy to local ipv4 so that guest
# inside of KVM can connect to it.
[tunnel-ipv6-reverse-proxy]
recipe = slapos.cookbook:ipv4toipv6
ipv6 = $${request-smtp-frontend:connection-listening-ipv6}
ipv6-port = 25
ipv4 = $${slap-network-information:local-ipv4}
ipv4-port = 25
shell-path = ${dash:location}/bin/dash
6tunnel-path = ${6tunnel:location}/bin/6tunnel
runner-path = $${directory:services}/6tunnel-https
[publish-kvm-connection-information] [publish-kvm-connection-information]
recipe = slapos.cookbook:publish recipe = slapos.cookbook:publish
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment