0k
/
0k-charms
6
3
Fork 2
Code Issues 11 Pull Requests 8 Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
255 Commits
30 Branches
14 Tags
42 MiB
Tree: 3bf728e895
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3bf728e895'
${ noResults }
0k-charms/apache/test/vhost_cert_provider

328 lines
7.4 KiB
Raw Normal View History

new: [letsencrypt] not anymore a daemon.
6 years ago
new: [apache] automatic redirection from ``http`` to ``https``.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
6 years ago
new: [apache] default value for ``ssl``, is first cert-provider if any.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
new: [apache] default value for ``ssl``, is first cert-provider if any.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
6 years ago
new: [apache] automatic redirection from ``http`` to ``https``.
6 years ago
fix: [apache] avoid leaking stopped container when launching letsencrypt creation.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
6 years ago
  1. #!/bin/bash
  3. exname=$(basename $0)
  5. prefix_cmd="
  6. . /etc/shlib
  8. include common
  9. include parse
  11. . ../lib/common
  13. depends compose
  15. "
  17. ##
  18. ## Mocks
  19. ##
  21. relation-get() {
  22. local key="$1"
  23. echo "$CFG" | shyaml get-value "$key" 2>/dev/null
  24. }
  25. export -f relation-get
  27. relation-set() {
  28. local key="$1" value="$2"
  29. echo "relation-set $key:" >&2
  30. echo "$value" | prefix " | " >&2
  31. }
  32. export -f relation-set
  34. cfg-get-value() {
  35. local key="$1"
  36. shyaml get-value "$key" 2>/dev/null
  37. }
  38. export -f cfg-get-value
  40. get_service_relations() {
  41. printf "%s\0" "${RELATIONS[@]}"
  42. }
  43. export -f get_service_relations
  45. merge_yaml_str() {
  46. local arg_hash="$(H "$@" | cut -c -16)"
  47. local i
  48. echo "Calling: merge_yaml_str" >&2
  49. ((i=0))
  50. for arg in "$@"; do
  51. echo " arg$((i++)):"
  52. echo "$arg" | prefix " | "
  53. done >&2
  54. echo " H> $arg_hash" >&2
  55. while read-0 h res; do
  56. if [[ "$arg_hash" == "$h" ]]; then
  57. echo "Mock hash matched, returning:" >&2
  58. echo "$res" | prefix " | " >&2
  59. echo "$res"
  60. return 0
  61. fi
  62. done < <(e "$MERGE_YAML_STR" | shyaml key-values-0)
  63. printf "<merge_yaml_str("
  64. printf "'%s', " "$@"
  65. printf ")>"
  66. }
  67. export -f merge_yaml_str
  69. compose() {
  70. printf "Calling: compose "
  71. printf "%s " "$*"
  72. echo
  73. }
  74. export -f compose
  76. yaml_key_val_str() {
  77. printf "%s: %s" "$1" "$2"
  78. }
  79. export -f yaml_key_val_str
  82. yaml_get_interpret() {
  83. shyaml get-value
  84. }
  85. export -f yaml_get_interpret
  87. file_put() {
  88. echo "file_put $1"
  89. cat - | prefix " | "
  90. }
  91. export -f file_put
  93. docker() {
  94. echo "docker" "$@"
  95. echo stdin:
  96. cat - | prefix " | "
  97. }
  98. export -f docker
  100. config-add() {
  101. echo "config-add"
  102. echo "$1" | prefix " | "
  103. }
  104. export -f config-add
  106. mkdir() {
  107. echo "called: $FUNCNAME $@" >&2
  108. }
  109. export -f mkdir
  111. setfacl() {
  112. echo "called: $FUNCNAME $@" >&2
  113. }
  114. export -f setfacl
  116. chgrp() {
  117. echo "called: $FUNCNAME $@" >&2
  118. }
  119. export -f chgrp
  121. chmod() {
  122. echo "called: $FUNCNAME $@" >&2
  123. }
  124. export -f chmod
  127. cached_cmd_on_base_image() {
  128. echo "called: $FUNCNAME $@" >&2
  129. echo "stdout:" >&2
  130. echo "<GID>" | prefix " | " >&2
  131. echo "<GID>"
  132. }
  133. export -f cached_cmd_on_base_image
  136. ##
  137. ## cert-provider
  138. ##
  141. try "
  142. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  143. export CONFIGSTORE='\$CONFIGSTORE'
  144. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  145. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  146. RELATIONS=()
  147. apache_vhost_create publish_dir '
  148. domain: www.example.com
  149. ssl:
  150. foo: |
  151. a
  152. b
  153. '
  154. " "unknown cert key"
  155. is errlvl 1
  156. is err reg 'Error: .*cert-provider.*'
  159. try "
  160. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  161. export CONFIGSTORE='\$CONFIGSTORE'
  162. export DATASTORE='\$DATASTORE'
  163. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  164. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  165. CFG='
  166. domain: www.example.com
  167. ssl:
  168. foo: 12
  169. '
  170. ADDITION='
  171. apache-custom-rules:
  172. - |
  173. ## Auto-redirection from http to https
  174. RewriteEngine On
  175. RewriteCond %{HTTPS} off
  176. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  177. MERGE_YAML_STR=\"
  178. 3e417c2db15450f3: |
  179. \$(echo \"\$CFG\" | prefix ' ')
  180. \$(echo \"\$ADDITION\" | prefix ' ')
  181. \"
  182. RELATIONS=(cert-provider foo a True)
  183. apache_vhost_create publish_dir \"\$CFG\"
  184. " "known cert key"
  185. is errlvl 0
  186. is err part "\
  187. relation-set apache-custom-rules:
  188. | - |
  189. | ## Auto-redirection from http to https
  190. | RewriteEngine On
  191. | RewriteCond %{HTTPS} off
  192. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  193. |"
  194. is out reg 'Calling: compose .*foo: options: <merge_yaml_str\(.a., .12., )>.*run --rm --service-ports foo.*'
  195. is out part 'config-add
  196. | services:
  197. | $MASTER_TARGET_SERVICE_NAME:
  198. | volumes:
  199. | - $DATASTORE/foo/etc/letsencrypt:/etc/letsencrypt:ro'
  200. is out part '
  201. | ## Auto-redirection from http to https
  202. | RewriteEngine On
  203. | RewriteCond %{HTTPS} off
  204. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  205. '
  209. try "
  210. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  211. export CONFIGSTORE='\$CONFIGSTORE'
  212. export DATASTORE='\$DATASTORE'
  213. export SERVICE_NAME='\$SERVICE_NAME'
  214. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  215. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  216. RELATIONS=(cert-provider foo a True)
  217. CFG='
  218. domain: www.example.com
  219. server-aliases:
  220. ssl:
  221. foo: 12
  222. '
  223. ADDITION='
  224. apache-custom-rules:
  225. - |
  226. ## Auto-redirection from http to https
  227. RewriteEngine On
  228. RewriteCond %{HTTPS} off
  229. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  230. MERGE_YAML_STR=\"
  231. d186e0ae74640f6d: |
  232. \$(echo \"\$CFG\" | prefix ' ')
  233. \$(echo \"\$ADDITION\" | prefix ' ')
  234. \"
  235. apache_vhost_create publish_dir \"\$CFG\"
  236. " "known cert key - empty server-aliases"
  237. is errlvl 0
  238. is err part "\
  239. relation-set apache-custom-rules:
  240. | - |
  241. | ## Auto-redirection from http to https
  242. | RewriteEngine On
  243. | RewriteCond %{HTTPS} off
  244. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  245. |"
  246. is out reg 'Calling: compose .*foo: options: <merge_yaml_str\(.a., .12., )>.*run --rm --service-ports foo crt create www.example.com\s*
  247. ' RTRIM
  248. is out part 'config-add
  249. | services:
  250. | $MASTER_TARGET_SERVICE_NAME:
  251. | volumes:
  252. | - $DATASTORE/foo/etc/letsencrypt:/etc/letsencrypt:ro'
  253. is out part 'file_put $SERVICE_CONFIGSTORE/etc/apache2/sites-enabled/www.example.com.conf
  254. | <VirtualHost *:80>
  255. |
  256. | ServerAdmin contact@www.example.com
  257. | ServerName www.example.com
  258. |
  259. | ServerSignature Off' RTRIM
  260. is out part '
  261. | ## Auto-redirection from http to https
  262. | RewriteEngine On
  263. | RewriteCond %{HTTPS} off
  264. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  265. '
  268. try "
  269. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  270. export CONFIGSTORE='\$CONFIGSTORE'
  271. export DATASTORE='\$DATASTORE'
  272. export SERVICE_NAME='\$SERVICE_NAME'
  273. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  274. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  275. RELATIONS=(cert-provider foo a True)
  276. CFG='
  277. domain: www.example.com
  278. server-aliases:
  279. - example.fr
  280. - example.de
  281. ssl:
  282. foo: 12
  283. '
  284. ADDITION='
  285. apache-custom-rules:
  286. - |
  287. ## Auto-redirection from http to https
  288. RewriteEngine On
  289. RewriteCond %{HTTPS} off
  290. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  291. MERGE_YAML_STR=\"
  292. fcab3acadc661133: |
  293. \$(echo \"\$CFG\" | prefix ' ')
  294. \$(echo \"\$ADDITION\" | prefix ' ')
  295. \"
  296. apache_vhost_create publish_dir \"\$CFG\"
  298. " "known cert key - multiple server-aliases"
  299. is errlvl 0
  300. is err part "\
  301. relation-set apache-custom-rules:
  302. | - |
  303. | ## Auto-redirection from http to https
  304. | RewriteEngine On
  305. | RewriteCond %{HTTPS} off
  306. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  307. |"
  308. is out reg 'Calling: compose .*foo: options: <merge_yaml_str\(.a., .12., )>.*run --rm --service-ports foo crt create www.example.com example.fr example.de\s+
  309. '
  310. is out part 'config-add
  311. | services:
  312. | $MASTER_TARGET_SERVICE_NAME:
  313. | volumes:
  314. | - $DATASTORE/foo/etc/letsencrypt:/etc/letsencrypt:ro'
  315. is out part 'file_put $SERVICE_CONFIGSTORE/etc/apache2/sites-enabled/www.example.com.conf
  316. | <VirtualHost *:80>
  317. |
  318. | ServerAdmin contact@www.example.com
  319. | ServerName www.example.com
  320. | ServerAlias example.fr
  321. | ServerAlias example.de
  322. | ServerSignature Off' RTRIM
  323. is out part '
  324. | ## Auto-redirection from http to https
  325. | RewriteEngine On
  326. | RewriteCond %{HTTPS} off
  327. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  328. '