Ubuntu Mirror Charm

~pjdc/ubuntu-mirror-charm/+git/ubuntu-mirror-charm:use-system-keyring

  1. Git
  2. lp:~pjdc/ubuntu-mirror-charm/+git/ubuntu-mirror-charm
  3. use-system-keyring
Last commit made on 2020-03-20
Get this branch:
git clone -b use-system-keyring https://git.launchpad.net/~pjdc/ubuntu-mirror-charm/+git/ubuntu-mirror-charm
Only Paul Collins can upload to this branch. If you are Paul Collins please log in for upload directions.

Branch merges

Branch information

Name:
use-system-keyring
Repository:
lp:~pjdc/ubuntu-mirror-charm/+git/ubuntu-mirror-charm

Recent commits

ab273f6... by Paul Collins <paul@agnew>

check-mirror.sh: use the system keyring, which we can rely on existing

It includes the following:

pub rsa4096 2012-05-11 [SC]
      790BC7277767219C42C86F933B4FE6ACC0B21F32
uid [ unknown] Ubuntu Archive Automatic Signing Key (2012) <email address hidden>

pub rsa4096 2012-05-11 [SC]
      843938DF228D22F7B3742BC0D94AA3F0EFE21092
uid [ unknown] Ubuntu CD Image Automatic Signing Key (2012) <email address hidden>

pub rsa4096 2018-09-17 [SC]
      F6ECB3762474EDA9D21B7022871920D1991BC93C
uid [ unknown] Ubuntu Archive Automatic Signing Key (2018) <email address hidden>

2e6f364... by Paul Collins

support TLS and listening on specific addresses

This is so that we can avoid opening port 443 on archive.ubuntu.com.

Reviewed-on: https://code.launchpad.net/~pjdc/ubuntu-mirror-charm/+git/ubuntu-mirror-charm/+merge/380758
Reviewed-by: Joel Sing <email address hidden>

64c5add... by Paul Collins

address some review comments

61a5340... by Paul Collins

enable ssl and restart, if necessary

a6897c7... by Paul Collins

all_addresses.discard to get rid of an address!

convert ports to int to fix ordering, and rewrite template to emit the comment block only once

1e2898b... by Paul Collins

ensure we only listen on specific IPs for non-port-80

Also, generate a cleaner result when addresses is empty.

a5d76b0... by Paul Collins

pass ports and addresses into the templates, and teach them to emit an https virtualhost

905a707... by Paul Collins

document proposed changes to role_map for tls/https

8821005... by Paul Collins

write default ports.conf, "Listen 80" only

9b0554e... by Paul Collins

add SSL to templates, controlled by $tls