| author | elijah <elijah@riseup.net> | 2014-05-24 01:35:54 -0700 | 
|---|---|---|
| committer | elijah <elijah@riseup.net> | 2014-06-02 11:28:27 -0700 | 
| commit | 24f0cc3c64aab59db436e0827ba24ec08023100a (patch) | |
| tree | 179c4464d13b3aed4e8b6b78735508c4bd7cb700 /puppet/modules/site_static | |
| parent | 09916946f8eb0ab17689255fd626a52ef1808e6a (diff) | |
added support for /provider.json served from static site.
Diffstat (limited to 'puppet/modules/site_static')
| -rw-r--r-- | puppet/modules/site_static/manifests/domain.pp | 3 | ||||
| -rw-r--r-- | puppet/modules/site_static/manifests/init.pp | 18 | ||||
| -rw-r--r-- | puppet/modules/site_static/templates/apache.conf.erb | 14 | 
3 files changed, 34 insertions, 1 deletions
diff --git a/puppet/modules/site_static/manifests/domain.pp b/puppet/modules/site_static/manifests/domain.pp index 8af2230f..0f54a975 100644 --- a/puppet/modules/site_static/manifests/domain.pp +++ b/puppet/modules/site_static/manifests/domain.pp @@ -3,7 +3,8 @@ define site_static::domain (    $ca_cert,    $key,    $cert, -  $tls_only) { +  $tls_only, +  $aliases) {    $domain = $name    $base_dir = '/srv/static' diff --git a/puppet/modules/site_static/manifests/init.pp b/puppet/modules/site_static/manifests/init.pp index 4f6d895f..6b2cc1f3 100644 --- a/puppet/modules/site_static/manifests/init.pp +++ b/puppet/modules/site_static/manifests/init.pp @@ -3,6 +3,24 @@ class site_static {    $static        = hiera('static')    $domains       = $static['domains']    $formats       = $static['formats'] +  $bootstrap     = $static['bootstrap_files'] + +  if $bootstrap['enabled'] { +    $bootstrap_domain  = $bootstrap['domain'] +    $bootstrap_client  = $bootstrap['client_version'] +    file { '/srv/leap/provider.json': +      content => $bootstrap['provider_json'], +      owner   => 'www-data', +      group => 'www-data', +      mode => '0444'; +    } +    # It is important to always touch provider.json: the client needs to check x-min-client-version header, +    # but this is only sent when the file has been modified (otherwise 304 is sent by apache). The problem +    # is that changing min client version won't alter the content of provider.json, so we must touch it. +    exec { '/bin/touch /srv/leap/provider.json': +      require => File['/srv/leap/provider.json']; +    } +  }    if (member($formats, 'amber')) {      include site_config::ruby::dev diff --git a/puppet/modules/site_static/templates/apache.conf.erb b/puppet/modules/site_static/templates/apache.conf.erb index 2abe1a98..b694d44c 100644 --- a/puppet/modules/site_static/templates/apache.conf.erb +++ b/puppet/modules/site_static/templates/apache.conf.erb 
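Review bot: `$aliases` is added to `site_static::domain` without a default, so it becomes mandatory and any declaration of the define that does not pass `aliases` will fail catalog compilation. The template changes in this same commit guard with `@aliases &&`, which suggests a domain without aliases is an expected case. A default of `$aliases = []` would keep existing domain data working and still satisfy both template uses. The define's body continues outside the hunk, so how callers supply the value cannot be confirmed from here.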
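Review bot: `/srv/leap/provider.json` is created with `owner => 'www-data'`, so what is presumably the web server's own account owns the bootstrap file that clients fetch. Mode `0444` does not protect it, because the owner can change the mode and rewrite the content. The file only needs to be readable by Apache, so `owner => 'root', group => 'root', mode => '0444'` gives the same result without handing write control to the serving account. Separately, the `exec` of `/bin/touch` has no `refreshonly` and will report a change on every agent run. If the vhost file resource is reachable from this class (not visible in the hunk), `refreshonly => true` plus a `subscribe` to it would touch the file only when the header value changes.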
@@ -16,11 +16,16 @@      end    end    document_root = document_root.gsub(%r{^/|/$}, '') +  bootstrap_domain = scope.lookupvar('site_static::bootstrap_domain') +  bootstrap_client = scope.lookupvar('site_static::bootstrap_client')  -%>  <VirtualHost *:80>    ServerName <%= @domain %>    ServerAlias www.<%= @domain %> +<%- @aliases && @aliases.each do |domain_alias| -%> +  ServerAlias <%= domain_alias %> +<%- end -%>    RewriteEngine On    RewriteRule ^.*$ https://<%= @domain -%>%{REQUEST_URI} [R=permanent,L]  </VirtualHost> @@ -28,6 +33,9 @@  <VirtualHost *:443>    ServerName <%= @domain %>    ServerAlias www.<%= @domain %> +<%- @aliases && @aliases.each do |domain_alias| -%> +  ServerAlias <%= domain_alias %> +<%- end -%>    #RewriteLog "/var/log/apache2/rewrite.log"    #RewriteLogLevel 3 @@ -62,6 +70,12 @@      Order deny,allow      Allow from all    </Directory> +    <%- if ([@aliases]+[@domain]).flatten.include?(bootstrap_domain) -%> +  Alias /provider.json /srv/leap/provider.json +  <Location /provider.json> +    Header set X-Minimum-Client-Version <%= bootstrap_client['min'] %> +  </Location> +    <%- end -%>    <%- else -%>    AliasMatch ^/[a-z]{2}/<%=path%>(/.+|/|)$ "/<%=directory%>/$1"    Alias /<%=path%> "/<%=directory%>/"  | 
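Review bot: The alias loop `@aliases && @aliases.each do |domain_alias|` assumes `@aliases` is an array, whereas the bootstrap check later in this template uses `([@aliases]+[@domain]).flatten`, which also accepts a single string. A scalar alias in the data would pass that check but fail or mis-iterate here; `[@aliases].flatten.compact.each do |domain_alias|` would handle both shapes the same way. The same loop is repeated in the `*:443` vhost hunk (`@@ -28,6 +33,9 @@`). Each alias is also written into `ServerAlias` as-is, so a value containing whitespace or a newline would add unintended names or directives; a hostname-pattern check in the manifest would catch that before the config is rendered.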
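Review bot: `Header set X-Minimum-Client-Version <%= bootstrap_client['min'] %>` in the `@@ -62,6 +70,12 @@` hunk writes the value unquoted and unchecked. If `client_version` has no `min`, the directive is rendered with a missing argument and Apache will likely reject the configuration; if `client_version` itself is unset, the `['min']` lookup presumably fails at render time. Quoting the value, `Header set X-Minimum-Client-Version "<%= bootstrap_client['min'] %>"`, and emitting the `<Location>` block only when `min` is present would avoid both. The directive also depends on mod_headers being enabled, which this commit does not show. The surrounding `<%- if … -%>` / `<%- else -%>` block starts outside the hunk.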
