Launchpad itself

Merge ~cjwatson/launchpad:charm-ftpmaster-top-level-directory-index into launchpad:master

Git
lp:~cjwatson/launchpad
charm-ftpmaster-top-level-directory-index
Merge into master

Proposed by Colin Watson on 2023-10-20

Status:	Merged
Approved by:	Colin Watson on 2023-10-20
Approved revision:	2ba595c6c1321fd58aad48fed705a309c1794213
Merge reported by:	Otto Co-Pilot
Merged at revision:	not available
Proposed branch:	~cjwatson/launchpad:charm-ftpmaster-top-level-directory-index
Merge into:	launchpad:master
Diff against target:	26 lines (+8/-3) 1 file modified charm/launchpad-ftpmaster-publisher/templates/vhost.conf.j2 (+8/-3)
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Simone Pelosi		2023-10-20	Approve on 2023-10-20
Review via email: mp+454137@code.launchpad.net

Commit message

charm: Enable a top-level directory index on ftpmaster-publish

Description of the change

Although it doesn't strictly break anything if http://ftpmaster.internal/ returns 403 (as opposed to http://ftpmaster.internal/ubuntu/ etc.), it's a bit ugly and makes it look as though things are broken. Restructure the Apache configuration so that requests for a top-level directory index return 200 with a filtered index showing only the permitted subdirectories.

Revision history for this message

Simone Pelosi (pelpsi) wrote on 2023-10-20:

thank you Colin for this fix, LGTM!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Canonical Launchpad Engineering

Christina A Reitbauer

Colin Watson

Edson_g2020_ubuntuone Gomes

Jordan

Kevin bush

Maximiliano Bertacchini

noômen

to status/vote changes:

asimbol83

 diff --git a/charm/launchpad-ftpmaster-publisher/templates/vhost.conf.j2 b/charm/launchpad-ftpmaster-publisher/templates/vhost.conf.j2
 index 169ff83..b24e533 100644
 --- a/charm/launchpad-ftpmaster-publisher/templates/vhost.conf.j2
 +++ b/charm/launchpad-ftpmaster-publisher/templates/vhost.conf.j2
@@ -6,14 +6,19 @@
      CustomLog /var/log/apache2/{{ domain_ftpmaster }}-access.log combined
      ErrorLog /var/log/apache2/{{ domain_ftpmaster }}-error.log
--{% for distribution in ("ubuntu", "ubuntu-partner") %}
--    <Directory "{{ archives_dir }}/ubuntu-archive/{{ distribution }}/">
++    <Directory "{{ archives_dir }}/ubuntu-archive/">
          IndexOptions NameWidth=* +SuppressDescription
          Options +Indexes +FollowSymLinks
          IndexIgnore favicon.ico
          AllowOverride None
          Require all granted
      </Directory>
--{% endfor %}
++
++    # Deny access to subdirectories other than "ubuntu" and
++    # "ubuntu-partner".  (This also has the effect of including only those
++    # subdirectories in the top-level directory index.)
++    <DirectoryMatch "{{ archives_dir }}/ubuntu-archive/[^/]+(?<!/ubuntu|/ubuntu-partner)/">
++        Require all denied
++    </DirectoryMatch>
  </VirtualHost>