diff options
| author | Pascal Terjan <pterjan@mageia.org> | 2020-06-28 20:48:06 +0000 |
|---|---|---|
| committer | Pascal Terjan <pterjan@mageia.org> | 2020-06-28 20:48:06 +0000 |
| commit | ec92e347631abc76485aae135691d93e707dcc4b (patch) | |
| tree | e0c6a2aa3653d1e30431363299485f5d30304604 | |
| parent | b25a543dfd218cc5725d82fec4dbd9af1f50564b (diff) | |
| download | puppet-ec92e347631abc76485aae135691d93e707dcc4b.tar puppet-ec92e347631abc76485aae135691d93e707dcc4b.tar.gz puppet-ec92e347631abc76485aae135691d93e707dcc4b.tar.bz2 puppet-ec92e347631abc76485aae135691d93e707dcc4b.tar.xz puppet-ec92e347631abc76485aae135691d93e707dcc4b.zip | |
Simplify repository vhost
We use the same access list for all versions of the distribution
on the HTPP server (our internal machines) so there is no reason
to duplicate it per distro.
This also allows to access files at the top level directory (like
mageia_timestamp).
| -rw-r--r-- | deployment/mga_buildsystem/manifests/config.pp | 12 | ||||
| -rw-r--r-- | modules/buildsystem/templates/vhost_repository.conf | 18 |
2 files changed, 12 insertions, 18 deletions
diff --git a/deployment/mga_buildsystem/manifests/config.pp b/deployment/mga_buildsystem/manifests/config.pp index d33c7d25..4200f614 100644 --- a/deployment/mga_buildsystem/manifests/config.pp +++ b/deployment/mga_buildsystem/manifests/config.pp @@ -400,6 +400,8 @@ class mga_buildsystem::config { class { 'buildsystem::var::distros': default_distro => 'cauldron', + repo_allow_from_ips => $repo_allow_from_ips, + repo_allow_from_domains => $repo_allow_from_domains, distros => { 'cauldron' => { 'arch' => concat($std_arch, ['armv7hl', 'aarch64']), @@ -411,8 +413,6 @@ class mga_buildsystem::config { 'version' => '8', 'submit_allowed' => "${svn_root_packages}/cauldron", 'macros' => $std_macros, - 'repo_allow_from_ips' => $repo_allow_from_ips, - 'repo_allow_from_domains' => $repo_allow_from_domains, 'youri' => { 'upload' => { 'targets' => $cauldron_youri_upload_targets, @@ -441,8 +441,6 @@ class mga_buildsystem::config { 'submit_allowed' => "${svn_root_packages}/updates/6", 'backports_allowed' => "${svn_root_packages}/backports/6", 'macros' => $std_macros, - 'repo_allow_from_ips' => $repo_allow_from_ips, - 'repo_allow_from_domains' => $repo_allow_from_domains, 'youri' => { 'upload' => { 'targets' => $mga6_youri_upload_targets, @@ -471,8 +469,6 @@ class mga_buildsystem::config { 'submit_allowed' => "${svn_root_packages}/updates/7", 'backports_allowed' => "${svn_root_packages}/backports/7", 'macros' => $std_macros, - 'repo_allow_from_ips' => $repo_allow_from_ips, - 'repo_allow_from_domains' => $repo_allow_from_domains, 'youri' => { 'upload' => { 'targets' => $mga7_youri_upload_targets, @@ -503,8 +499,6 @@ class mga_buildsystem::config { 'core' => [ 'release', 'updates' ], }, }, - 'repo_allow_from_ips' => $repo_allow_from_ips, - 'repo_allow_from_domains' => $repo_allow_from_domains, 'youri' => { 'upload' => { 'targets' => $infra_youri_upload_targets, @@ -536,8 +530,6 @@ class mga_buildsystem::config { 'core' => [ 'release', 'updates' ], }, }, - 'repo_allow_from_ips' => $repo_allow_from_ips, - 'repo_allow_from_domains' => $repo_allow_from_domains, 'youri' => { 'upload' => { 'targets' => $infra_youri_upload_targets, diff --git a/modules/buildsystem/templates/vhost_repository.conf b/modules/buildsystem/templates/vhost_repository.conf index b5f2fa04..0e50d78b 100644 --- a/modules/buildsystem/templates/vhost_repository.conf +++ b/modules/buildsystem/templates/vhost_repository.conf @@ -3,6 +3,8 @@ mirror_root = scope.lookupvar('buildsystem::var::repository::mirror_root') mirror_reporoot = scope.lookupvar('buildsystem::var::repository::mirror_reporoot') bootstrap_reporoot = scope.lookupvar('buildsystem::var::repository::bootstrap_reporoot') distribdir = scope.lookupvar('buildsystem::var::repository::distribdir') +repo_allow_from_ips = scope.lookupvar('buildsystem::var::distros::repo_allow_from_ips') +repo_allow_from_domains = scope.lookupvar('buildsystem::var::distros::repo_allow_from_ips') distros = scope.lookupvar('buildsystem::var::distros::distros') -%> <VirtualHost *:80> @@ -18,9 +20,7 @@ distros = scope.lookupvar('buildsystem::var::distros::distros') RewriteRule ^/qa/checksrpm/ - [L,G] <%- - distros.keys.sort.each{|distroname| - distro = distros[distroname] - if distro['repo_allow_from_ips'] != nil || distro['repo_allow_from_domains'] != nil then + if repo_allow_from_ips != nil || repo_allow_from_domains != nil then access_requires = [ 'all denied' ] if distro['repo_allow_from_ips'] != nil then for allow in distro['repo_allow_from_ips'] do @@ -36,13 +36,15 @@ distros = scope.lookupvar('buildsystem::var::distros::distros') access_requires = [ 'all granted' ] end %> - Alias /bootstrap/<%= distroname %>/ "<%= bootstrap_reporoot %>/<%= distroname %>/" - -<%- if distro['no_mirror'] -%> + Alias /bootstrap/ "<%= bootstrap_reporoot %>/" +<%- + distros.keys.sort.each{|distroname| + distro = distros[distroname] + if distro['no_mirror'] -%> Alias /<%= distribdir %>/<%= distroname %>/ "<%= bootstrap_reporoot %>/<%= distroname %>/" <%- end -%> - <Directory <%= bootstrap_reporoot %>/<%= distroname %>> + <Directory <%= bootstrap_reporoot %>> Header append Cache-Control "public, must-revalidate" <%- for req in access_requires do @@ -54,7 +56,7 @@ distros = scope.lookupvar('buildsystem::var::distros::distros') Options Indexes FollowSymLinks </Directory> - <Directory <%= mirror_reporoot %>/<%= distroname %>> + <Directory <%= mirror_reporoot %>> Header append Cache-Control "public, must-revalidate" <%- for req in access_requires do |