revcache

Merge ~pwlars/revcache/+git/revcache-charm:juju1-support into ~canonical-hw-cert/revcache/+git/revcache-charm:master

  1. Git
  2. lp:~pwlars/revcache/+git/revcache-charm
  3. juju1-support
  4. Merge into master
Proposed by Paul Larson
Status: Merged
Approved by: Paul Larson
Approved revision: fff4d98edf52afaf94ff3d9b66d765ef667e2535
Merged at revision: 7cd5a3bbeda700aad6f99c58bfa2e1b8512920e9
Proposed branch: ~pwlars/revcache/+git/revcache-charm:juju1-support
Merge into: ~canonical-hw-cert/revcache/+git/revcache-charm:master
Diff against target: 72 lines (+35/-4)
2 files modified
config.yaml (+12/-0)
playbooks/revcache.yaml (+23/-4)
Reviewer Review Type Date Requested Status
Paul Larson Approve
Review via email: mp+348270@code.launchpad.net

This proposal supersedes a proposal from 2018-06-18.

Description of the change

I think this finally does what I want. I've tested it locally with some fake keys, and confirmed that it puts the files in the right location and uses the correct vhost template with ssl support for nginx *only* when specifying the certificates and ssl key in either the config or in an artifact. This allows us to support both juju1 and juju2 in the same charm!

To post a comment you must log in.
Revision history for this message
Paul Larson (pwlars) wrote :

Wrong target, that should look a little more sane now :)

review: Needs Resubmitting
Revision history for this message
Paul Larson (pwlars) wrote :

I've tried this locally, but would like to try deploying it in the production environment. It's not actually going to affect any production runs right now, so self-approving since it won't break anything (yet) :)

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/config.yaml b/config.yaml
index ad24364..1e4601f 100644
--- a/config.yaml
+++ b/config.yaml
@@ -7,3 +7,15 @@ options:
7 type: string7 type: string
8 description: git branch for revcache8 description: git branch for revcache
9 default: "start"9 default: "start"
10 config-ssl-certificate:
11 type: string
12 description: base64 encoded ssl certificate file
13 default: ""
14 config-ssl-chain:
15 type: string
16 description: base64 encoded ssl chain file
17 default: ""
18 config-ssl-key:
19 type: string
20 description: base64 encoded ssl key file
21 default: ""
diff --git a/playbooks/revcache.yaml b/playbooks/revcache.yaml
index c540ff3..3ec76fe 100644
--- a/playbooks/revcache.yaml
+++ b/playbooks/revcache.yaml
@@ -85,6 +85,25 @@
85 tags:85 tags:
86 - install86 - install
8787
88 - name: Get SSL Certificate File (from config for juju1)
89 shell: echo -n "{{ config_ssl_certificate | b64decode }}" > /etc/ssl/certs/revcache.crt
90 when: config_ssl_certificate != ""
91 tags:
92 - config-changed
93
94 - name: Get SSL Chain File (from config for juju1)
95 shell: echo -n "{{ config_ssl_chain | b64decode }}" >> /etc/ssl/certs/revcache.crt
96 when: config_ssl_chain != ""
97 tags:
98 - config-changed
99
100 - name: Get SSL Key File (from config for juju1)
101 shell: echo -n "{{ config_ssl_key | b64decode }}" >> /etc/ssl/private/revcache.key
102 when: config_ssl_key != ""
103 tags:
104 - config-changed
105
106
88 - name: Get SSL Certificate File107 - name: Get SSL Certificate File
89 shell: resource-get ssl_certificate || echo -n ""108 shell: resource-get ssl_certificate || echo -n ""
90 register: ssl_certificate109 register: ssl_certificate
@@ -118,8 +137,8 @@
118 - config-changed137 - config-changed
119138
120 - name: Copy nginx site config file139 - name: Copy nginx site config file
121 when: ssl_key.stdout == "" and 140 when: (ssl_key.stdout == "" and ssl_certificate.stdout == "") and
122 ssl_certificate.stdout == ""141 ("{{ config_ssl_key }}" == "" and "{{ config_ssl_certificate }}" == "")
123 copy:142 copy:
124 src: "{{ charm_dir }}/templates/revcache-vhost.conf"143 src: "{{ charm_dir }}/templates/revcache-vhost.conf"
125 dest: "/etc/nginx/sites-enabled/revcache"144 dest: "/etc/nginx/sites-enabled/revcache"
@@ -127,8 +146,8 @@
127 - config-changed146 - config-changed
128147
129 - name: Copy nginx site config file148 - name: Copy nginx site config file
130 when: ssl_key.stdout != "" and 149 when: (ssl_key.stdout != "" and ssl_certificate.stdout != "") or
131 ssl_certificate.stdout != ""150 ("{{ config_ssl_key }}" != "" and "{{ config_ssl_certificate }}" != "")
132 copy:151 copy:
133 src: "{{ charm_dir }}/templates/revcache-vhost-https.conf"152 src: "{{ charm_dir }}/templates/revcache-vhost-https.conf"
134 dest: "/etc/nginx/sites-enabled/revcache"153 dest: "/etc/nginx/sites-enabled/revcache"

Subscribers

People subscribed via source and target branches