|
@ -72,6 +72,22 @@ is_protocol_enabled() { |
|
|
export -f is_protocol_enabled |
|
|
export -f is_protocol_enabled |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
_get_ssl_option_value() { |
|
|
|
|
|
local target_relation rn ts rc td |
|
|
|
|
|
relation-get ssl 2>/dev/null && return 0 |
|
|
|
|
|
|
|
|
|
|
|
target_relation="cert-provider" |
|
|
|
|
|
while read-0 rn ts rc td; do |
|
|
|
|
|
[ "$rn" == "${target_relation}" ] || continue |
|
|
|
|
|
info "A cert-provider '$ts' declared as 'ssl' value" |
|
|
|
|
|
echo "$ts" |
|
|
|
|
|
return 0 |
|
|
|
|
|
done < <(get_service_relations "$SERVICE_NAME") |
|
|
|
|
|
|
|
|
|
|
|
return 1 |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
__vhost_cfg_normalize_protocol() { |
|
|
__vhost_cfg_normalize_protocol() { |
|
|
local protocol |
|
|
local protocol |
|
|
|
|
|
|
|
@ -83,7 +99,7 @@ __vhost_cfg_normalize_protocol() { |
|
|
|
|
|
|
|
|
case "$protocol" in |
|
|
case "$protocol" in |
|
|
auto) |
|
|
auto) |
|
|
if __vhost_cfg_ssl="$(relation-get ssl 2>/dev/null)"; then |
|
|
|
|
|
|
|
|
if __vhost_cfg_ssl="$(_get_ssl_option_value)"; then |
|
|
protocol="https" |
|
|
protocol="https" |
|
|
export __vhost_cfg_ssl |
|
|
export __vhost_cfg_ssl |
|
|
else |
|
|
else |
|
@ -114,7 +130,8 @@ __vhost_cfg_normalize_protocol() { |
|
|
|
|
|
|
|
|
ssl_get_plugin_fun() { |
|
|
ssl_get_plugin_fun() { |
|
|
# from ssl conf, return the function that should manage SSL code creation |
|
|
# from ssl conf, return the function that should manage SSL code creation |
|
|
local cfg="$(relation-get ssl 2>/dev/null)" type keys |
|
|
|
|
|
|
|
|
local cfg type keys |
|
|
|
|
|
cfg=$(_get_ssl_option_value) |
|
|
if [ -z "$cfg" ]; then |
|
|
if [ -z "$cfg" ]; then |
|
|
return 0 |
|
|
return 0 |
|
|
else |
|
|
else |
|
@ -150,7 +167,7 @@ ssl_get_plugin_fun() { |
|
|
merged_config=$(merge_yaml_str "$relation_config" "$ssl_cfg") || return 1 |
|
|
merged_config=$(merge_yaml_str "$relation_config" "$ssl_cfg") || return 1 |
|
|
printf "%s\0" "$fun" "$key" "$merged_config" |
|
|
printf "%s\0" "$fun" "$key" "$merged_config" |
|
|
return 0 |
|
|
return 0 |
|
|
done < <(get_compose_relations "$SERVICE_NAME") || return 1 |
|
|
|
|
|
|
|
|
done < <(get_service_relations "$SERVICE_NAME") || return 1 |
|
|
case "$key" in |
|
|
case "$key" in |
|
|
cert|ca-cert|key) |
|
|
cert|ca-cert|key) |
|
|
: |
|
|
: |
|
@ -271,7 +288,7 @@ apache_vhost_statement() { |
|
|
__vhost_full_vhost_statement http |
|
|
__vhost_full_vhost_statement http |
|
|
fi |
|
|
fi |
|
|
if is_protocol_enabled https; then |
|
|
if is_protocol_enabled https; then |
|
|
"$SSL_PLUGIN_FUN"_vars "$(relation-get ssl 2>/dev/null)" |
|
|
|
|
|
|
|
|
"$SSL_PLUGIN_FUN"_vars "$(_get_ssl_option_value 2>/dev/null)" |
|
|
cat <<EOF |
|
|
cat <<EOF |
|
|
|
|
|
|
|
|
<IfModule mod_ssl.c> |
|
|
<IfModule mod_ssl.c> |
|
|