0k
/
0k-charms
6
3
Fork 2
Code Issues 11 Pull Requests 5 Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
267 Commits
27 Branches
14 Tags
41 MiB
Tree: 6ac5bf3656
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6ac5bf3656'
${ noResults }
0k-charms/apache/test/vhost_cert_provider

338 lines
7.5 KiB
Raw Normal View History

new: [letsencrypt] not anymore a daemon.
6 years ago
new: dev: [apache] support when called out from a relation. This is to support ``ssh-tunnel`` that will be called from ``init``.
5 years ago
new: [apache] automatic redirection from ``http`` to ``https``.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: [apache] default value for ``ssl``, is first cert-provider if any.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
new: [apache] default value for ``ssl``, is first cert-provider if any.
6 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
new: dev: [apache] use only ``init-config-add``.
5 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] caching some function in library
5 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
new: dev: [apache] use only ``init-config-add``.
5 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: [apache] automatic redirection from ``http`` to ``https``.
6 years ago
fix: [letsencrypt] use action ``crt {renew,create}`` to manage properly renewal.
5 years ago
new: [letsencrypt] not anymore a daemon.
6 years ago
new: dev: [apache] use only ``init-config-add``.
5 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
fix: [letsencrypt] use action ``crt {renew,create}`` to manage properly renewal.
5 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: dev: [apache] use only ``init-config-add``.
5 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
fix: [letsencrypt] use action ``crt {renew,create}`` to manage properly renewal.
5 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: dev: [apache] use only ``init-config-add``.
5 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
new: dev: [apache] allow empty domain to make default site entry.
5 years ago
chg: dev: [apache] rewrite internal library to avoid global vars.
5 years ago
  1. #!/bin/bash
  3. exname=$(basename $0)
  5. prefix_cmd="
  6. . /etc/shlib
  8. include common
  9. include parse
  11. . ../lib/common
  13. depends compose
  15. "
  17. ##
  18. ## Mocks
  19. ##
  21. relation-get() {
  22. local key="$1"
  23. echo "$CFG" | shyaml get-value "$key" 2>/dev/null
  24. }
  25. export -f relation-get
  27. export RELATION_DATA_FILE=x
  28. relation-set() {
  29. local key="$1" value="$2"
  30. echo "relation-set $key:" >&2
  31. echo "$value" | prefix " | " >&2
  32. }
  33. export -f relation-set
  35. cfg-get-value() {
  36. local key="$1"
  37. shyaml get-value "$key" 2>/dev/null
  38. }
  39. export -f cfg-get-value
  41. get_service_relations() {
  42. printf "%s\0" "${RELATIONS[@]}"
  43. }
  44. export -f get_service_relations
  46. merge_yaml_str() {
  47. local arg_hash="$(H "$@" | cut -c -16)"
  48. local i
  49. echo "Calling: merge_yaml_str" >&2
  50. ((i=0))
  51. for arg in "$@"; do
  52. echo " arg$((i++)):"
  53. echo "$arg" | prefix " | "
  54. done >&2
  55. echo " H> $arg_hash" >&2
  56. while read-0 h res; do
  57. if [[ "$arg_hash" == "$h" ]]; then
  58. echo "Mock hash matched, returning:" >&2
  59. echo "$res" | prefix " | " >&2
  60. echo "$res"
  61. return 0
  62. fi
  63. done < <(e "$MERGE_YAML_STR" | shyaml key-values-0)
  64. printf "<merge_yaml_str("
  65. printf "'%s', " "$@"
  66. printf ")>"
  67. }
  68. export -f merge_yaml_str
  70. compose() {
  71. printf "Calling: compose "
  72. printf "%s " "$*"
  73. echo
  74. }
  75. export -f compose
  77. yaml_key_val_str() {
  78. printf "%s: %s" "$1" "$2"
  79. }
  80. export -f yaml_key_val_str
  83. yaml_get_interpret() {
  84. shyaml get-value
  85. }
  86. export -f yaml_get_interpret
  88. file_put() {
  89. echo "file_put $1"
  90. cat - | prefix " | "
  91. }
  92. export -f file_put
  94. docker() {
  95. echo "docker" "$@"
  96. echo stdin:
  97. cat - | prefix " | "
  98. }
  99. export -f docker
  101. config-add() {
  102. echo "config-add"
  103. echo "$1" | prefix " | "
  104. }
  105. export -f config-add
  107. init-config-add() {
  108. echo "config-add"
  109. echo "$1" | prefix " | "
  110. }
  111. export -f init-config-add
  113. mkdir() {
  114. echo "called: $FUNCNAME $@" >&2
  115. }
  116. export -f mkdir
  118. setfacl() {
  119. echo "called: $FUNCNAME $@" >&2
  120. }
  121. export -f setfacl
  123. chgrp() {
  124. echo "called: $FUNCNAME $@" >&2
  125. }
  126. export -f chgrp
  128. chmod() {
  129. echo "called: $FUNCNAME $@" >&2
  130. }
  131. export -f chmod
  134. cached_cmd_on_base_image() {
  135. echo "called: $FUNCNAME $@" >&2
  136. echo "stdout:" >&2
  137. echo "<GID>" | prefix " | " >&2
  138. echo "<GID>"
  139. }
  140. export -f cached_cmd_on_base_image
  143. export state_tmpdir=$(mktemp -d -t tmp.XXXXXXXXXX)
  144. trap "rm -rf \"$state_tmpdir\"" EXIT
  147. ##
  148. ## cert-provider
  149. ##
  152. try "
  153. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  154. export CONFIGSTORE='\$CONFIGSTORE'
  155. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  156. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  157. RELATIONS=()
  158. apache_vhost_create publish_dir '
  159. domain: www.example.com
  160. ssl:
  161. foo: |
  162. a
  163. b
  164. '
  165. " "unknown cert key"
  166. is errlvl 1
  167. is err reg 'Error: .*cert-provider.*'
  170. try "
  171. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  172. export CONFIGSTORE='\$CONFIGSTORE'
  173. export DATASTORE='\$DATASTORE'
  174. export SERVICE_NAME='\$SERVICE_NAME'
  175. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  176. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  177. CFG='
  178. domain: www.example.com
  179. ssl:
  180. foo: 12
  181. '
  182. ADDITION='
  183. apache-custom-rules:
  184. - |
  185. ## Auto-redirection from http to https
  186. RewriteEngine On
  187. RewriteCond %{HTTPS} off
  188. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  189. MERGE_YAML_STR=\"
  190. 3e417c2db15450f3: |
  191. \$(echo \"\$CFG\" | prefix ' ')
  192. \$(echo \"\$ADDITION\" | prefix ' ')
  193. \"
  194. RELATIONS=(cert-provider foo a True)
  195. apache_vhost_create publish_dir \"\$CFG\"
  196. " "known cert key"
  197. is errlvl 0
  198. is err part "\
  199. relation-set apache-custom-rules:
  200. | - |
  201. | ## Auto-redirection from http to https
  202. | RewriteEngine On
  203. | RewriteCond %{HTTPS} off
  204. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  205. |"
  206. is out reg 'Calling: compose .*foo: options: <merge_yaml_str\(.a., .12., )>.*crt foo create www.example.com'
  207. is out part 'config-add
  208. | $SERVICE_NAME:
  209. | volumes:
  210. | - $DATASTORE/foo/etc/letsencrypt:/etc/letsencrypt:ro'
  211. is out part '
  212. | ## Auto-redirection from http to https
  213. | RewriteEngine On
  214. | RewriteCond %{HTTPS} off
  215. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  216. '
  220. try "
  221. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  222. export CONFIGSTORE='\$CONFIGSTORE'
  223. export DATASTORE='\$DATASTORE'
  224. export SERVICE_NAME='\$SERVICE_NAME'
  225. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  226. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  227. RELATIONS=(cert-provider foo a True)
  228. CFG='
  229. domain: www.example.com
  230. server-aliases:
  231. ssl:
  232. foo: 12
  233. '
  234. ADDITION='
  235. apache-custom-rules:
  236. - |
  237. ## Auto-redirection from http to https
  238. RewriteEngine On
  239. RewriteCond %{HTTPS} off
  240. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  241. MERGE_YAML_STR=\"
  242. d186e0ae74640f6d: |
  243. \$(echo \"\$CFG\" | prefix ' ')
  244. \$(echo \"\$ADDITION\" | prefix ' ')
  245. \"
  246. apache_vhost_create publish_dir \"\$CFG\"
  247. " "known cert key - empty server-aliases"
  248. is errlvl 0
  249. is err part "\
  250. relation-set apache-custom-rules:
  251. | - |
  252. | ## Auto-redirection from http to https
  253. | RewriteEngine On
  254. | RewriteCond %{HTTPS} off
  255. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  256. |"
  257. is out reg 'Calling: compose .*foo: options: <merge_yaml_str\(.a., .12., )>.*crt foo create www.example.com\s+
  258. '
  259. is out part 'config-add
  260. | $SERVICE_NAME:
  261. | volumes:
  262. | - $DATASTORE/foo/etc/letsencrypt:/etc/letsencrypt:ro'
  263. is out part 'file_put $SERVICE_CONFIGSTORE/etc/apache2/sites-enabled/www.example.com.conf
  264. | <VirtualHost *:80>
  265. |
  266. | ServerAdmin contact@www.example.com
  267. | ServerName www.example.com
  268. |
  269. | ServerSignature Off' RTRIM
  270. is out part '
  271. | ## Auto-redirection from http to https
  272. | RewriteEngine On
  273. | RewriteCond %{HTTPS} off
  274. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  275. '
  278. try "
  279. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  280. export CONFIGSTORE='\$CONFIGSTORE'
  281. export DATASTORE='\$DATASTORE'
  282. export SERVICE_NAME='\$SERVICE_NAME'
  283. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  284. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  285. RELATIONS=(cert-provider foo a True)
  286. CFG='
  287. domain: www.example.com
  288. server-aliases:
  289. - example.fr
  290. - example.de
  291. ssl:
  292. foo: 12
  293. '
  294. ADDITION='
  295. apache-custom-rules:
  296. - |
  297. ## Auto-redirection from http to https
  298. RewriteEngine On
  299. RewriteCond %{HTTPS} off
  300. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  301. MERGE_YAML_STR=\"
  302. fcab3acadc661133: |
  303. \$(echo \"\$CFG\" | prefix ' ')
  304. \$(echo \"\$ADDITION\" | prefix ' ')
  305. \"
  306. apache_vhost_create publish_dir \"\$CFG\"
  308. " "known cert key - multiple server-aliases"
  309. is errlvl 0
  310. is err part "\
  311. relation-set apache-custom-rules:
  312. | - |
  313. | ## Auto-redirection from http to https
  314. | RewriteEngine On
  315. | RewriteCond %{HTTPS} off
  316. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  317. |"
  318. is out reg 'Calling: compose .*foo: options: <merge_yaml_str\(.a., .12., )>.*crt foo create www.example.com example.fr example.de\s+
  319. '
  320. is out part 'config-add
  321. | $SERVICE_NAME:
  322. | volumes:
  323. | - $DATASTORE/foo/etc/letsencrypt:/etc/letsencrypt:ro'
  324. is out part 'file_put $SERVICE_CONFIGSTORE/etc/apache2/sites-enabled/www.example.com.conf
  325. | <VirtualHost *:80>
  326. |
  327. | ServerAdmin contact@www.example.com
  328. | ServerName www.example.com
  329. | ServerAlias example.fr
  330. | ServerAlias example.de
  331. |
  332. | ServerSignature Off' RTRIM
  333. is out part '
  334. | ## Auto-redirection from http to https
  335. | RewriteEngine On
  336. | RewriteCond %{HTTPS} off
  337. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  338. '