From c3c23bbc27dee3fdcdf9aec6addcc816ad7b52ba Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 19 Dec 2012 12:12:16 -0800 Subject: webapp api now uses a customizable port (so that we don't try to rely on SNI for hosting two TLS domains on one IP). --- provider_base/files/service-definitions/provider.json.erb | 2 +- provider_base/services/webapp.json | 7 +++++-- puppet/modules/site_apache/templates/vhosts.d/api.conf.erb | 6 ++++-- puppet/modules/site_webapp/manifests/apache.pp | 5 ++++- 4 files changed, 14 insertions(+), 6 deletions(-) diff --git a/provider_base/files/service-definitions/provider.json.erb b/provider_base/files/service-definitions/provider.json.erb index c19e5538..f26f25a2 100644 --- a/provider_base/files/service-definitions/provider.json.erb +++ b/provider_base/files/service-definitions/provider.json.erb @@ -11,7 +11,7 @@ hsh['services'] = global.services[:service_type => :user_service].field(:name) hsh['api_version'] = "1" - hsh['api_uri'] = "https://" + api_domain + hsh['api_uri'] = "https://" + api.domain + ':' + api.port hsh['ca_cert_uri'] = 'https://' + global.provider.domain + '/ca.crt' hsh['ca_cert_fingerprint'] = fingerprint(:ca_cert) diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json index 3eb0ba62..e40ed0ca 100644 --- a/provider_base/services/webapp.json +++ b/provider_base/services/webapp.json @@ -9,9 +9,12 @@ "eip_service": "= file :eip_service_json_template" }, "service_type": "public_service", - "api_domain": "= 'api.' + domain.full_suffix", + "api": { + "domain": "= 'api.' + domain.full_suffix", + "port": "4430" + }, "dns": { - "aliases": "= [domain.full, api_domain]" + "aliases": "= [domain.full, api.domain]" }, "x509": { "use": true, diff --git a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb index 05d5f69d..cdfcbd68 100644 --- a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb +++ b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb @@ -1,10 +1,12 @@ ServerName <%= api_domain %> RewriteEngine On - RewriteRule ^.*$ https://<%= api_domain -%>%{REQUEST_URI} [R=permanent,L] + RewriteRule ^.*$ https://<%= api_domain -%>:<%= api_port -%>%{REQUEST_URI} [R=permanent,L] - +Listen 0.0.0.0:<%= api_port %> + +> ServerName <%= api_domain %> SSLEngine on diff --git a/puppet/modules/site_webapp/manifests/apache.pp b/puppet/modules/site_webapp/manifests/apache.pp index 8532cc38..554b9147 100644 --- a/puppet/modules/site_webapp/manifests/apache.pp +++ b/puppet/modules/site_webapp/manifests/apache.pp @@ -1,6 +1,9 @@ class site_webapp::apache { - $api_domain = hiera('api_domain') + $web_api = hiera('api') + $api_domain = $web_api['domain'] + $api_port = $web_api['port'] + $x509 = hiera('x509') $commercial_key = $x509['commercial_key'] $commercial_cert = $x509['commercial_cert'] -- cgit v1.2.3