Reviewers: mp+141646_code.launchpad.net,
Message: Please take a look.
Description: Restore TLS in the charm
Now the charm is served using SSL again.
https://code.launchpad.net/~frankban/charms/precise/juju-gui/bug-1095281-restore-tls/+merge/141646
(do not edit description out of merge proposal)
Please review this at https://codereview.appspot.com/7026046/
Affected files: M README.md A [revision details] M config/config.js.template M config/nginx.conf.template M hooks/start M tests/deploy.test
Index: README.md === modified file 'README.md' --- README.md 2012-12-20 18:02:44 +0000 +++ README.md 2013-01-02 13:31:03 +0000 @@ -58,9 +58,7 @@ machine: 1 open-ports: - 80/tcp - <!--- Uncomment when TLS connections are re-enabled. - 443/tcp - --> - 8080/tcp public-address: ec2-204-236-250-8.compute-1.amazonaws.com
Index: [revision details] === added file '[revision details]' --- [revision details] 2012-01-01 00:00:00 +0000 +++ [revision details] 2012-01-01 00:00:00 +0000 @@ -0,0 +1,2 @@ +Old revision: <email address hidden> +New revision: <email address hidden>
Index: config/config.js.template === modified file 'config/config.js.template' --- config/config.js.template 2012-11-30 16:36:47 +0000 +++ config/config.js.template 2013-01-02 13:31:03 +0000 @@ -5,6 +5,6 @@ container: '#main', viewContainer: '#main', transitions: false, - charm_store_url: 'http://jujucharms.com/', + charm_store_url: 'https://jujucharms.com/', socket_url: 'ws://%(address)s:%(port)s/ws' };
Index: config/nginx.conf.template === modified file 'config/nginx.conf.template' --- config/nginx.conf.template 2012-12-21 15:22:50 +0000 +++ config/nginx.conf.template 2013-01-02 13:31:03 +0000 @@ -1,20 +1,16 @@ -# Uncomment to switch back to TLS connections. -# server { -# listen 80; -# server_name _; -# return 301 https://$host$request_uri; -# } +server { + listen 80; + server_name _; + return 301 https://$host$request_uri; +}
server { - # Uncomment to switch back to TLS connections. - # listen 443 default_server ssl; - listen 80; # Delete this line when TLS connections are re-enabled. + listen 443 default_server ssl; server_name _; root %(server_root)s; index index.html; - # Uncomment to switch back to TLS connections. - # ssl_certificate %(ssl_cert_path)s/server.pem; - # ssl_certificate_key %(ssl_cert_path)s/server.key; + ssl_certificate %(ssl_cert_path)s/server.pem; + ssl_certificate_key %(ssl_cert_path)s/server.key;
# Serve static assets. location ^~ /juju-ui/ {
Index: hooks/start === modified file 'hooks/start' --- hooks/start 2012-12-21 16:32:53 +0000 +++ hooks/start 2013-01-02 13:31:03 +0000 @@ -21,8 +21,7 @@ log('Exposing services.') # Open the Juju GUI web server HTTP and HTTPS ports. open_port(80) - # Uncomment to switch back to TLS connections. - # open_port(443) + open_port(443) # Open the Juju websocket server port. open_port(juju_api_port)
Index: tests/deploy.test === modified file 'tests/deploy.test' --- tests/deploy.test 2012-12-20 18:02:44 +0000 +++ tests/deploy.test 2013-01-02 13:31:03 +0000 @@ -35,7 +35,7 @@
def setUp(self): self.charm = 'juju-gui' - self.port = '80' # Set to 443 when TLS connections are re-enabled. + self.port = '443'
def tearDown(self): juju('destroy-service', self.charm) @@ -53,8 +53,7 @@
def check_services(self, hostname, ws_port=8080): """Check the services are listening on their tcp ports.""" - # Use https below when TLS connections are re-enabled. - url = 'http://{0}:{1}'.format(hostname, self.port) + url = 'https://{0}:{1}'.format(hostname, self.port) response = open_url(url) self.assertEqual(200, response.getcode()) ws_url = 'http://{0}:{1}/ws'.format(hostname, ws_port)
« Back to merge proposal
Reviewers: mp+141646_ code.launchpad. net,
Message:
Please take a look.
Description:
Restore TLS in the charm
Now the charm is served using SSL again.
https:/ /code.launchpad .net/~frankban/ charms/ precise/ juju-gui/ bug-1095281- restore- tls/+merge/ 141646
(do not edit description out of merge proposal)
Please review this at https:/ /codereview. appspot. com/7026046/
Affected files: config. js.template nginx.conf. template
M README.md
A [revision details]
M config/
M config/
M hooks/start
M tests/deploy.test
Index: README.md
machine: 1
open-ports:
public- address: ec2-204- 236-250- 8.compute- 1.amazonaws. com
=== modified file 'README.md'
--- README.md 2012-12-20 18:02:44 +0000
+++ README.md 2013-01-02 13:31:03 +0000
@@ -58,9 +58,7 @@
- 80/tcp
- <!--- Uncomment when TLS connections are re-enabled.
- 443/tcp
- -->
- 8080/tcp
Index: [revision details]
=== added file '[revision details]'
--- [revision details] 2012-01-01 00:00:00 +0000
+++ [revision details] 2012-01-01 00:00:00 +0000
@@ -0,0 +1,2 @@
+Old revision:
<email address hidden>
+New revision:
<email address hidden>
Index: config/ config. js.template config. js.template' config. js.template 2012-11-30 16:36:47 +0000 config. js.template 2013-01-02 13:31:03 +0000 jujucharms. com/', /jujucharms. com/', (address) s:%(port) s/ws'
=== modified file 'config/
--- config/
+++ config/
@@ -5,6 +5,6 @@
container: '#main',
viewContainer: '#main',
transitions: false,
- charm_store_url: 'http://
+ charm_store_url: 'https:/
socket_url: 'ws://%
};
Index: config/ nginx.conf. template nginx.conf. template' nginx.conf. template 2012-12-21 15:22:50 +0000 nginx.conf. template 2013-01-02 13:31:03 +0000 /$host$ request_ uri; /$host$ request_ uri;
=== modified file 'config/
--- config/
+++ config/
@@ -1,20 +1,16 @@
-# Uncomment to switch back to TLS connections.
-# server {
-# listen 80;
-# server_name _;
-# return 301 https:/
-# }
+server {
+ listen 80;
+ server_name _;
+ return 301 https:/
+}
server { path)s/ server. pem; path)s/ server. key; path)s/ server. pem; path)s/ server. key;
- # Uncomment to switch back to TLS connections.
- # listen 443 default_server ssl;
- listen 80; # Delete this line when TLS connections are re-enabled.
+ listen 443 default_server ssl;
server_name _;
root %(server_root)s;
index index.html;
- # Uncomment to switch back to TLS connections.
- # ssl_certificate %(ssl_cert_
- # ssl_certificate_key %(ssl_cert_
+ ssl_certificate %(ssl_cert_
+ ssl_certificate_key %(ssl_cert_
# Serve static assets.
location ^~ /juju-ui/ {
Index: hooks/start port(juju_ api_port)
=== modified file 'hooks/start'
--- hooks/start 2012-12-21 16:32:53 +0000
+++ hooks/start 2013-01-02 13:31:03 +0000
@@ -21,8 +21,7 @@
log('Exposing services.')
# Open the Juju GUI web server HTTP and HTTPS ports.
open_port(80)
- # Uncomment to switch back to TLS connections.
- # open_port(443)
+ open_port(443)
# Open the Juju websocket server port.
open_
Index: tests/deploy.test
=== modified file 'tests/deploy.test'
--- tests/deploy.test 2012-12-20 18:02:44 +0000
+++ tests/deploy.test 2013-01-02 13:31:03 +0000
@@ -35,7 +35,7 @@
def setUp(self):
self. charm = 'juju-gui'
- self.port = '80' # Set to 443 when TLS connections are re-enabled.
+ self.port = '443'
def tearDown(self):
juju( 'destroy- service' , self.charm)
@@ -53,8 +53,7 @@
def check_services( self, hostname, ws_port=8080): '.format( hostname, self.port) '.format( hostname, self.port)
self. assertEqual( 200, response.getcode()) /ws'.format( hostname, ws_port)
"""Check the services are listening on their tcp ports."""
- # Use https below when TLS connections are re-enabled.
- url = 'http://{0}:{1}
+ url = 'https://{0}:{1}
response = open_url(url)
ws_url = 'http://{0}:{1}