summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2012-12-19 12:12:16 -0800
committerelijah <elijah@riseup.net>2012-12-19 12:12:16 -0800
commitc3c23bbc27dee3fdcdf9aec6addcc816ad7b52ba (patch)
tree87a6e1ed0f61fe90fb6b089d695f6de897119128
parent109334ec46ffdde3a96119fd6108080bd1d45c8a (diff)
webapp api now uses a customizable port (so that we don't try to rely on SNI for hosting two TLS domains on one IP).
Diffstat
-rw-r--r--provider_base/files/service-definitions/provider.json.erb2
-rw-r--r--provider_base/services/webapp.json7
-rw-r--r--puppet/modules/site_apache/templates/vhosts.d/api.conf.erb6
-rw-r--r--puppet/modules/site_webapp/manifests/apache.pp5
4 files changed, 14 insertions, 6 deletions
diff --git a/provider_base/files/service-definitions/provider.json.erb b/provider_base/files/service-definitions/provider.json.erb
index c19e5538..f26f25a2 100644
--- a/provider_base/files/service-definitions/provider.json.erb
+++ b/provider_base/files/service-definitions/provider.json.erb
@@ -11,7 +11,7 @@
hsh['services'] = global.services[:service_type => :user_service].field(:name)
hsh['api_version'] = "1"
- hsh['api_uri'] = "https://" + api_domain
+ hsh['api_uri'] = "https://" + api.domain + ':' + api.port
hsh['ca_cert_uri'] = 'https://' + global.provider.domain + '/ca.crt'
hsh['ca_cert_fingerprint'] = fingerprint(:ca_cert)
diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json
index 3eb0ba62..e40ed0ca 100644
--- a/provider_base/services/webapp.json
+++ b/provider_base/services/webapp.json
@@ -9,9 +9,12 @@
"eip_service": "= file :eip_service_json_template"
},
"service_type": "public_service",
- "api_domain": "= 'api.' + domain.full_suffix",
+ "api": {
+ "domain": "= 'api.' + domain.full_suffix",
+ "port": "4430"
+ },
"dns": {
- "aliases": "= [domain.full, api_domain]"
+ "aliases": "= [domain.full, api.domain]"
},
"x509": {
"use": true,
diff --git a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
index 05d5f69d..cdfcbd68 100644
--- a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
+++ b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
@@ -1,10 +1,12 @@
<VirtualHost *:80>
ServerName <%= api_domain %>
RewriteEngine On
- RewriteRule ^.*$ https://<%= api_domain -%>%{REQUEST_URI} [R=permanent,L]
+ RewriteRule ^.*$ https://<%= api_domain -%>:<%= api_port -%>%{REQUEST_URI} [R=permanent,L]
</VirtualHost>
-<VirtualHost *:443>
+Listen 0.0.0.0:<%= api_port %>
+
+<VirtualHost *:<%= api_port -%>>
ServerName <%= api_domain %>
SSLEngine on
diff --git a/puppet/modules/site_webapp/manifests/apache.pp b/puppet/modules/site_webapp/manifests/apache.pp
index 8532cc38..554b9147 100644
--- a/puppet/modules/site_webapp/manifests/apache.pp
+++ b/puppet/modules/site_webapp/manifests/apache.pp
@@ -1,6 +1,9 @@
class site_webapp::apache {
- $api_domain = hiera('api_domain')
+ $web_api = hiera('api')
+ $api_domain = $web_api['domain']
+ $api_port = $web_api['port']
+
$x509 = hiera('x509')
$commercial_key = $x509['commercial_key']
$commercial_cert = $x509['commercial_cert']
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-16 05:02:47 +0000