You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

350 lines
7.1 KiB

  1. #!/bin/bash
  2. exname=$(basename $0)
  3. prefix_cmd="
  4. . /etc/shlib
  5. include common
  6. include parse
  7. . ../lib/common
  8. "
  9. # mock
  10. relation-get() {
  11. local key="$1"
  12. echo "$CFG" | shyaml get-value "$key" 2>/dev/null
  13. }
  14. export -f relation-get
  15. cfg-get-value() {
  16. local key="$1"
  17. shyaml get-value "$key" 2>/dev/null
  18. }
  19. export -f cfg-get-value
  20. get_service_relations() {
  21. printf "%s\0" "${RELATIONS[@]}"
  22. }
  23. export -f get_service_relations
  24. export state_tmpdir=$(mktemp -d -t tmp.XXXXXXXXXX)
  25. trap "rm -rf \"$state_tmpdir\"" EXIT
  26. ##
  27. ## Tests
  28. ##
  29. try "
  30. apache_vhost_statement publish_dir ,http, '\
  31. domain: www.example.com
  32. '"
  33. noerror
  34. is out '<VirtualHost *:80>
  35. ServerAdmin contact@www.example.com
  36. ServerName www.example.com
  37. ServerSignature Off
  38. CustomLog /var/log/apache2/www.example.com_access.log combined
  39. ErrorLog /var/log/apache2/www.example.com_error.log
  40. ErrorLog syslog:local2
  41. ##
  42. ## Publish directory /var/www/www.example.com
  43. ##
  44. DocumentRoot /var/www/www.example.com
  45. <Directory />
  46. Options FollowSymLinks
  47. AllowOverride None
  48. </Directory>
  49. <Directory /var/www/www.example.com>
  50. Options Indexes FollowSymLinks MultiViews
  51. AllowOverride all
  52. Allow from all
  53. </Directory>
  54. ## Forbid any cache, this is only usefull on dev server.
  55. #Header set Cache-Control "no-cache"
  56. #Header set Access-Control-Allow-Origin "*"
  57. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  58. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  59. </VirtualHost>' RTRIM
  60. ##
  61. ## Aliases
  62. ##
  63. try "
  64. apache_vhost_statement publish_dir ,http, '
  65. domain: www.example.com
  66. server-aliases:
  67. - toto
  68. '"
  69. noerror
  70. is out reg 'ServerAlias toto'
  71. try "
  72. apache_vhost_statement publish_dir ,http, '
  73. domain: www.example.com
  74. server-aliases:
  75. - toto
  76. - titi
  77. '"
  78. noerror
  79. is out reg 'ServerAlias toto'
  80. is out reg 'ServerAlias titi'
  81. ##
  82. ## Creds
  83. ##
  84. try "
  85. apache_vhost_statement publish_dir ,http, '
  86. domain: www.example.com
  87. '
  88. " "credentials allow all"
  89. noerror
  90. is out reg 'Allow from all'
  91. try "
  92. apache_vhost_statement publish_dir ,http, '
  93. domain: www.example.com
  94. creds:
  95. toto: xxx
  96. titi: yyy
  97. '
  98. " "credentials with basic auth user/pass"
  99. noerror
  100. is out reg 'AuthType basic'
  101. is out reg 'Require valid-user'
  102. ##
  103. ## proxy
  104. ##
  105. try "
  106. apache_vhost_statement web_proxy ,http, '
  107. domain: www.example.com
  108. target: popo:3333
  109. creds:
  110. toto: titi
  111. '
  112. " "proxy explicit target"
  113. noerror
  114. is out reg 'ProxyPass / http://popo:3333/'
  115. is out part '
  116. <Location / >
  117. AuthType basic
  118. AuthName "private"
  119. AuthUserFile /etc/apache2/sites-enabled/www.example.com.passwd
  120. Require valid-user
  121. ProxyPassReverse /
  122. </Location>
  123. '
  124. ##
  125. ## ssl
  126. ##
  127. try "
  128. apache_vhost_statement web_proxy ,https, '
  129. domain: www.example.com
  130. ssl: true
  131. target: popo:3333
  132. '
  133. " "ssl default generation (ssl-cert-snakeoil)"
  134. noerror
  135. is out reg 'VirtualHost \*:443'
  136. is out reg '<IfModule mod_ssl.c>'
  137. is out reg 'SSLEngine On'
  138. is out reg 'SSLProxyEngine On'
  139. is out reg 'ssl-cert-snakeoil'
  140. is out reg 'CustomLog /var/log/apache2/s-www.example.com_access.log combined'
  141. try "
  142. RELATIONS=()
  143. apache_vhost_statement web_proxy ,https, '
  144. domain: www.example.com
  145. ssl:
  146. ca-cert: a
  147. key: b
  148. cert: c
  149. target: popo:3333
  150. '
  151. " "ssl providing keys inline"
  152. noerror
  153. is out reg 'SSLCertificateFile /etc/ssl/certs/www.example.com.pem'
  154. is out reg 'SSLCertificateKeyFile /etc/ssl/private/www.example.com.key'
  155. is out reg 'SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem'
  156. ##
  157. ## CustomRules
  158. ##
  159. try "
  160. apache_vhost_statement web_proxy ,https, '
  161. domain: www.example.com
  162. ssl:
  163. ca-cert: a
  164. key: b
  165. cert: c
  166. apache-custom-rules: |
  167. RewriteEngine On
  168. RewriteCond %{QUERY_STRING} !skin=formanoo
  169. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  170. target: popo:3333
  171. '
  172. " "custom rules"
  173. noerror
  174. is out reg 'RewriteEngine On'
  175. ##
  176. ## double def
  177. ##
  178. try "
  179. apache_vhost_statement web_proxy ,https,http, '
  180. domain: www.example.com
  181. ssl:
  182. ca-cert: a
  183. key: b
  184. cert: c
  185. apache-custom-rules: |
  186. RewriteEngine On
  187. RewriteCond %{QUERY_STRING} !skin=formanoo
  188. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  189. target: popo:3333
  190. '
  191. " "both http and https"
  192. noerror
  193. is out '<VirtualHost *:80>
  194. ServerAdmin contact@www.example.com
  195. ServerName www.example.com
  196. ServerSignature Off
  197. CustomLog /var/log/apache2/www.example.com_access.log combined
  198. ErrorLog /var/log/apache2/www.example.com_error.log
  199. ErrorLog syslog:local2
  200. ##
  201. ## Custom rules
  202. ##
  203. RewriteEngine On
  204. RewriteCond %{QUERY_STRING} !skin=formanoo
  205. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  206. ##
  207. ## Proxy declaration towards popo:3333
  208. ##
  209. <IfModule mod_proxy.c>
  210. ProxyRequests Off
  211. <Proxy *>
  212. Order deny,allow
  213. Allow from all
  214. </Proxy>
  215. ProxyVia On
  216. ProxyPass / http://popo:3333/ retry=0
  217. <Location / >
  218. Allow from all
  219. ProxyPassReverse /
  220. </Location>
  221. </IfModule>
  222. RequestHeader set "X-Forwarded-Proto" "http"
  223. ## Fix IE problem (httpapache proxy dav error 408/409)
  224. SetEnv proxy-nokeepalive 1
  225. ## Forbid any cache, this is only usefull on dev server.
  226. #Header set Cache-Control "no-cache"
  227. #Header set Access-Control-Allow-Origin "*"
  228. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  229. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  230. </VirtualHost>
  231. <IfModule mod_ssl.c>
  232. <VirtualHost *:443>
  233. ServerAdmin contact@www.example.com
  234. ServerName www.example.com
  235. ServerSignature Off
  236. CustomLog /var/log/apache2/s-www.example.com_access.log combined
  237. ErrorLog /var/log/apache2/s-www.example.com_error.log
  238. ErrorLog syslog:local2
  239. ##
  240. ## Custom rules
  241. ##
  242. RewriteEngine On
  243. RewriteCond %{QUERY_STRING} !skin=formanoo
  244. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  245. ##
  246. ## Proxy declaration towards popo:3333
  247. ##
  248. <IfModule mod_proxy.c>
  249. ProxyRequests Off
  250. <Proxy *>
  251. Order deny,allow
  252. Allow from all
  253. </Proxy>
  254. ProxyVia On
  255. ProxyPass / http://popo:3333/ retry=0
  256. <Location / >
  257. Allow from all
  258. ProxyPassReverse /
  259. </Location>
  260. SSLProxyEngine On
  261. </IfModule>
  262. RequestHeader set "X-Forwarded-Proto" "https"
  263. ## Fix IE problem (httpapache proxy dav error 408/409)
  264. SetEnv proxy-nokeepalive 1
  265. ## Forbid any cache, this is only usefull on dev server.
  266. #Header set Cache-Control "no-cache"
  267. #Header set Access-Control-Allow-Origin "*"
  268. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  269. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  270. ##
  271. ## SSL Configuration
  272. ##
  273. SSLEngine On
  274. SSLCertificateFile /etc/ssl/certs/www.example.com.pem
  275. SSLCertificateKeyFile /etc/ssl/private/www.example.com.key
  276. SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem
  277. SSLVerifyClient None
  278. </VirtualHost>
  279. </IfModule>' RTRIM