Content Cache Charm

Merge ~mthaddon/content-cache-charm/+git/content-cache-charm:sites-and-secrets-docs into content-cache-charm:master

  1. Git
  2. lp:~mthaddon/content-cache-charm/+git/content-cache-charm
  3. sites-and-secrets-docs
  4. Merge into master
Proposed by Tom Haddon
Status: Merged
Approved by: Haw Loeung
Approved revision: d588f74e03398ac77aaf30ef29982320e5f3cab3
Merged at revision: ef8a5987454ee267589f72a4e3ab9d8bd7196819
Proposed branch: ~mthaddon/content-cache-charm/+git/content-cache-charm:sites-and-secrets-docs
Merge into: content-cache-charm:master
Diff against target: 108 lines (+7/-47)
4 files modified
README.md (+1/-44)
config.yaml (+4/-1)
tests/unit/files/config_test_secrets.txt (+1/-1)
tests/unit/files/nginx_config_rendered_test_output-site1.local-secrets.txt (+1/-1)
Reviewer Review Type Date Requested Status
Haw Loeung +1 Approve
Canonical IS Reviewers Pending
Review via email: mp+413122@code.launchpad.net

Commit message

Update documentation now that we have sites config in discourse-based docs, and change backend path in unit tests to make more obviously a secret

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
Haw Loeung (hloeung) wrote :

LGTM

review: Approve (+1)
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision ef8a5987454ee267589f72a4e3ab9d8bd7196819

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/README.md b/README.md
2index d7fae8e..f2f1068 100644
3--- a/README.md
4+++ b/README.md
5@@ -23,50 +23,7 @@ To deploy the charm:
6
7 juju deploy content-cache
8
9-Set juju config for the `sites` option as required. For example:
10-
11- # Site with some public, some authenticated content, using another site
12- # with two IPs for authentication. In this case, 10.1.1.2 and 10.1.1.3
13- # would need to listen on 443 for auth.example1.com and process
14- # authentication requests. If set, cache-maxconn will set the maximum
15- # number of simultaneous connections to the nginx cache for this location,
16- # while backend-maxconn limits connections to the defined backends.
17- # If unset, both will default to 2048
18- example1.com:
19- tls-cert-bundle-path: /var/lib/haproxy
20- locations:
21- '/':
22- extra-config:
23- - root /srv/example1.com/content/
24- - autoindex on
25- '/auth':
26- modifier: '='
27- backends:
28- - 10.1.1.2:443
29- - 10.1.1.3:443
30- backend-check-path: /status
31- backend-inter-time: '10s'
32- backend-maxconn: 64
33- backend-path: /auth-check/
34- backend-tls: True
35- cache-maxconn: 4096
36- cache-validity: '200 401 1h'
37- origin-headers:
38- - Original-URI: $request_uri
39- - Resource-Name: example1
40- extra-config:
41- - internal
42- - proxy_cache_key $http_authorization
43- site-name: auth.example1.com
44- '/status':
45- extra-config:
46- - stub_status on
47- '/private/content/':
48- extra-config:
49- - root /srv/example1.com/content/
50- - autoindex on
51- - auth_request /auth
52- nagios-expect: 401 Unauthorized
53+For details on configuring sites, see [the sites configuration documentation](https://charmhub.io/content-cache/docs/sites-configuration).
54
55 ## Metrics
56
57diff --git a/config.yaml b/config.yaml
58index e6d4a69..4ee5f31 100644
59--- a/config.yaml
60+++ b/config.yaml
61@@ -113,7 +113,7 @@ options:
62 default: ""
63 type: string
64 description: >
65- YAML-formatted virtual hosts/sites. See the README.md for more details
66+ YAML-formatted virtual hosts/sites. See https://charmhub.io/content-cache/docs/sites-configuration for more details
67 and examples.
68 sites_secrets:
69 default: ""
70@@ -123,9 +123,12 @@ options:
71 site1.local:
72 locations:
73 "/":
74+ backend-path: /my-backend-path-secret/
75 origin-headers:
76 X-Origin-Key: my-origin-secret-key
77 signed-url-hmac-key: my-signed-url-secret-key
78+ See https://charmhub.io/content-cache/docs/sites-secrets-configuration for more details
79+ and examples.
80 tls_cipher_suites:
81 default: ""
82 type: string
83diff --git a/tests/unit/files/config_test_secrets.txt b/tests/unit/files/config_test_secrets.txt
84index fb50f1a..d74cbd0 100644
85--- a/tests/unit/files/config_test_secrets.txt
86+++ b/tests/unit/files/config_test_secrets.txt
87@@ -1,7 +1,7 @@
88 site1.local:
89 locations:
90 /:
91+ backend-path: /ui4rohJ2ohngah7yi4uY/
92 origin-headers:
93 X-Origin-Key: Sae6oob2aethuosh
94 signed-url-hmac-key: xooBaLemenae6voopooz
95- backend-path: /v/
96diff --git a/tests/unit/files/nginx_config_rendered_test_output-site1.local-secrets.txt b/tests/unit/files/nginx_config_rendered_test_output-site1.local-secrets.txt
97index 4ff34b6..8c4608b 100644
98--- a/tests/unit/files/nginx_config_rendered_test_output-site1.local-secrets.txt
99+++ b/tests/unit/files/nginx_config_rendered_test_output-site1.local-secrets.txt
100@@ -9,7 +9,7 @@ server {
101
102 location / {
103 proxy_http_version 1.1;
104- proxy_pass http://localhost:8080/v/;
105+ proxy_pass http://localhost:8080/ui4rohJ2ohngah7yi4uY/;
106 proxy_set_header Host "site1.local";
107 # Removed the following headers to avoid cache poisoning.
108 proxy_set_header Forwarded "";

Subscribers

People subscribed via source and target branches