From 2d8d55bb9b6672ebe829b185beb05d4a399167f5 Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Fri, 27 Mar 2015 17:33:35 +0100 Subject: Allow local administrator to override IP address and port for web server Closes CATLFISH-30 --- test/catlfish-test-local-1.cfg | 7 +++++++ test/catlfish-test-local-signing.cfg | 3 +++ test/catlfish-test.cfg | 10 +++++----- tools/certkeys.py | 4 ++++ tools/compileconfig.py | 21 +++++++++++++++------ 5 files changed, 34 insertions(+), 11 deletions(-) diff --git a/test/catlfish-test-local-1.cfg b/test/catlfish-test-local-1.cfg index 5e9a593..608d4c0 100644 --- a/test/catlfish-test-local-1.cfg +++ b/test/catlfish-test-local-1.cfg @@ -2,6 +2,13 @@ localnodes: - frontend-1 - storage-1 +addresses: + frontend-1: 127.0.0.1:8082 + storage-1: 127.0.0.1:8081 + +publicaddresses: + frontend-1: 127.0.0.1:8080 + paths: configdir: test/config/ knownroots: known_roots diff --git a/test/catlfish-test-local-signing.cfg b/test/catlfish-test-local-signing.cfg index 047c02b..2cc4df2 100644 --- a/test/catlfish-test-local-signing.cfg +++ b/test/catlfish-test-local-signing.cfg @@ -1,6 +1,9 @@ localnodes: - signing-1 +addresses: + signing-1: 127.0.0.1:8088 + paths: configdir: test/config/ https_certfile: catlfish/webroot/certs/webcert.pem diff --git a/test/catlfish-test.cfg b/test/catlfish-test.cfg index 7a4bb18..3131415 100644 --- a/test/catlfish-test.cfg +++ b/test/catlfish-test.cfg @@ -1,17 +1,17 @@ -baseurl: https://127.0.0.1:8080/ +baseurl: https://localhost:8080/ frontendnodes: - name: frontend-1 - publicaddress: 127.0.0.1:8080 - address: 127.0.0.1:8082 + publicaddress: localhost:8080 + address: localhost:8082 storagenodes: - name: storage-1 - address: 127.0.0.1:8081 + address: localhost:8081 signingnodes: - name: signing-1 - address: 127.0.0.1:8088 + address: localhost:8088 mergenodes: - name: merge-1 diff --git a/tools/certkeys.py b/tools/certkeys.py index 3c459e9..52d61be 100644 --- a/tools/certkeys.py +++ b/tools/certkeys.py @@ -8,6 +8,10 @@ publickeys = { "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4qWq6afhBUi0OdcWUYhyJLNXTkGqQ9" "PMS5lqoCgkV2h1ZvpNjBH2u8UbgcOQwqDo66z6BWQJGolozZYmNHE2kQ==", + "https://localhost:8080/": + "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4qWq6afhBUi0OdcWUYhyJLNXTkGqQ9" + "PMS5lqoCgkV2h1ZvpNjBH2u8UbgcOQwqDo66z6BWQJGolozZYmNHE2kQ==", + "https://flimsy.ct.nordu.net/": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4qWq6afhBUi0OdcWUYhyJLNXTkGqQ9" "PMS5lqoCgkV2h1ZvpNjBH2u8UbgcOQwqDo66z6BWQJGolozZYmNHE2kQ==", diff --git a/tools/compileconfig.py b/tools/compileconfig.py index 52f10e8..88d6b51 100755 --- a/tools/compileconfig.py +++ b/tools/compileconfig.py @@ -77,17 +77,24 @@ def get_node_config(nodename, config): sys.exit(1) return (nodetype, nodeconfig) -def gen_https_servers(nodetype, nodeconfig): +def gen_https_servers(nodetype, nodeconfig, bind_address, bind_publicaddress): + if bind_address: + (host, port) = parse_address(bind_address) + else: + (_, port) = parse_address(nodeconfig["address"]) + host = "0.0.0.0" if nodetype == "frontendnodes": - (publichost, publicport) = parse_address(nodeconfig["publicaddress"]) - (host, port) = parse_address(nodeconfig["address"]) + if bind_publicaddress: + (publichost, publicport) = parse_address(bind_publicaddress) + else: + (_, publicport) = parse_address(nodeconfig["publicaddress"]) + publichost = "0.0.0.0" + return [(Symbol("external_https_api"), publichost, publicport, Symbol("v1")), (Symbol("frontend_https_api"), host, port, Symbol("frontend"))] elif nodetype == "storagenodes": - (host, port) = parse_address(nodeconfig["address"]) return [(Symbol("storage_https_api"), host, port, Symbol("storage"))] elif nodetype == "signingnodes": - (host, port) = parse_address(nodeconfig["address"]) return [(Symbol("signing_https_api"), host, port, Symbol("signing"))] def allowed_clients_frontend(mergenodenames): @@ -136,13 +143,15 @@ def allowed_servers_frontend(signingnodenames, storagenodenames): def gen_config(nodename, config, localconfig): print "generating config for", nodename paths = localconfig["paths"] + bind_address = localconfig.get("addresses", {}).get(nodename) + bind_publicaddress = localconfig.get("publicaddresses", {}).get(nodename) options = localconfig.get("options", []) configfile = open(paths["configdir"] + nodename + ".config", "w") print >>configfile, "%% catlfish configuration file (-*- erlang -*-)" (nodetype, nodeconfig) = get_node_config(nodename, config) - https_servers = gen_https_servers(nodetype, nodeconfig) + https_servers = gen_https_servers(nodetype, nodeconfig, bind_address, bind_publicaddress) catlfishconfig = [] plopconfig = [] -- cgit v1.1