summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2014-05-24 01:35:54 -0700
committerelijah <elijah@riseup.net>2014-06-02 11:28:27 -0700
commit24f0cc3c64aab59db436e0827ba24ec08023100a (patch)
tree179c4464d13b3aed4e8b6b78735508c4bd7cb700
parent09916946f8eb0ab17689255fd626a52ef1808e6a (diff)
added support for /provider.json served from static site.
-rw-r--r--platform.rb2
-rw-r--r--provider_base/files/service-definitions/provider.json.erb2
-rw-r--r--provider_base/services/static.json9
-rw-r--r--puppet/modules/site_static/manifests/domain.pp3
-rw-r--r--puppet/modules/site_static/manifests/init.pp18
-rw-r--r--puppet/modules/site_static/templates/apache.conf.erb14
6 files changed, 44 insertions, 4 deletions
diff --git a/platform.rb b/platform.rb
index d36cb3af..cd0cbde0 100644
--- a/platform.rb
+++ b/platform.rb
@@ -5,7 +5,7 @@
Leap::Platform.define do
self.version = "0.5.2"
- self.compatible_cli = "1.5.0".."1.99"
+ self.compatible_cli = "1.5.5".."1.99"
#
# the facter facts that should be gathered
diff --git a/provider_base/files/service-definitions/provider.json.erb b/provider_base/files/service-definitions/provider.json.erb
index be8ae484..2d0a5886 100644
--- a/provider_base/files/service-definitions/provider.json.erb
+++ b/provider_base/files/service-definitions/provider.json.erb
@@ -7,7 +7,7 @@
hsh['domain'] = domain.full_suffix
# advertise services that are 'user services' and for which there are actually nodes
- hsh['services'] ||= global.services[:service_type => :user_service].field(:name).select do |service|
+ hsh['services'] ||= global.env(environment).services[:service_type => :user_service].field(:name).select do |service|
nodes_like_me[:services => service].any?
end
diff --git a/provider_base/services/static.json b/provider_base/services/static.json
index d9155a84..3bbc1240 100644
--- a/provider_base/services/static.json
+++ b/provider_base/services/static.json
@@ -1,6 +1,13 @@
{
"static": {
- "formats": "=> (self.static.domains||{}).values.collect{|d| (d.locations||{}).values.collect{|l|l['format']}}.flatten.uniq"
+ "formats": "=> (self.static.domains||{}).values.collect{|d| (d.locations||{}).values.collect{|l|l['format']}}.flatten.uniq",
+ // include a copy of provider.json in case any of the configured domains happens to match provider.domain
+ "bootstrap_files": {
+ "domain": "= provider.domain",
+ "enabled": "= (self.static.domains||{})[provider.domain] ? true : false",
+ "provider_json": "=> static.bootstrap_files.enabled ? try{nodes_like_me[:services => 'webapp'].values.first.definition_files['provider']} : nil",
+ "client_version": "= static.bootstrap_files.enabled ? provider.client_version : nil"
+ }
},
"service_type": "public_service"
} \ No newline at end of file
diff --git a/puppet/modules/site_static/manifests/domain.pp b/puppet/modules/site_static/manifests/domain.pp
index 8af2230f..0f54a975 100644
--- a/puppet/modules/site_static/manifests/domain.pp
+++ b/puppet/modules/site_static/manifests/domain.pp
@@ -3,7 +3,8 @@ define site_static::domain (
$ca_cert,
$key,
$cert,
- $tls_only) {
+ $tls_only,
+ $aliases) {
$domain = $name
$base_dir = '/srv/static'
diff --git a/puppet/modules/site_static/manifests/init.pp b/puppet/modules/site_static/manifests/init.pp
index 4f6d895f..6b2cc1f3 100644
--- a/puppet/modules/site_static/manifests/init.pp
+++ b/puppet/modules/site_static/manifests/init.pp
@@ -3,6 +3,24 @@ class site_static {
$static = hiera('static')
$domains = $static['domains']
$formats = $static['formats']
+ $bootstrap = $static['bootstrap_files']
+
+ if $bootstrap['enabled'] {
+ $bootstrap_domain = $bootstrap['domain']
+ $bootstrap_client = $bootstrap['client_version']
+ file { '/srv/leap/provider.json':
+ content => $bootstrap['provider_json'],
+ owner => 'www-data',
+ group => 'www-data',
+ mode => '0444';
+ }
+ # It is important to always touch provider.json: the client needs to check x-min-client-version header,
+ # but this is only sent when the file has been modified (otherwise 304 is sent by apache). The problem
+ # is that changing min client version won't alter the content of provider.json, so we must touch it.
+ exec { '/bin/touch /srv/leap/provider.json':
+ require => File['/srv/leap/provider.json'];
+ }
+ }
if (member($formats, 'amber')) {
include site_config::ruby::dev
diff --git a/puppet/modules/site_static/templates/apache.conf.erb b/puppet/modules/site_static/templates/apache.conf.erb
index 2abe1a98..b694d44c 100644
--- a/puppet/modules/site_static/templates/apache.conf.erb
+++ b/puppet/modules/site_static/templates/apache.conf.erb
@@ -16,11 +16,16 @@
end
end
document_root = document_root.gsub(%r{^/|/$}, '')
+ bootstrap_domain = scope.lookupvar('site_static::bootstrap_domain')
+ bootstrap_client = scope.lookupvar('site_static::bootstrap_client')
-%>
<VirtualHost *:80>
ServerName <%= @domain %>
ServerAlias www.<%= @domain %>
+<%- @aliases && @aliases.each do |domain_alias| -%>
+ ServerAlias <%= domain_alias %>
+<%- end -%>
RewriteEngine On
RewriteRule ^.*$ https://<%= @domain -%>%{REQUEST_URI} [R=permanent,L]
</VirtualHost>
@@ -28,6 +33,9 @@
<VirtualHost *:443>
ServerName <%= @domain %>
ServerAlias www.<%= @domain %>
+<%- @aliases && @aliases.each do |domain_alias| -%>
+ ServerAlias <%= domain_alias %>
+<%- end -%>
#RewriteLog "/var/log/apache2/rewrite.log"
#RewriteLogLevel 3
@@ -62,6 +70,12 @@
Order deny,allow
Allow from all
</Directory>
+ <%- if ([@aliases]+[@domain]).flatten.include?(bootstrap_domain) -%>
+ Alias /provider.json /srv/leap/provider.json
+ <Location /provider.json>
+ Header set X-Minimum-Client-Version <%= bootstrap_client['min'] %>
+ </Location>
+ <%- end -%>
<%- else -%>
AliasMatch ^/[a-z]{2}/<%=path%>(/.+|/|)$ "/<%=directory%>/$1"
Alias /<%=path%> "/<%=directory%>/"