Fixes on website apache backend

This commit is contained in:
Marc Aymerich 2015-03-10 22:27:32 +00:00
parent 340a40262f
commit 2f7861db33
5 changed files with 36 additions and 58 deletions

View file

@ -147,50 +147,49 @@ class Apache2Backend(ServiceController):
""") % context
def get_ssl(self, directives):
config = []
config = ''
ca = directives.get('ssl_ca')
if ca:
config.append("SSLCACertificateFile %s" % ca[0])
config += "SSLCACertificateFile %s\n" % ca[0]
cert = directives.get('ssl_cert')
if cert:
config.append("SSLCertificateFile %" % cert[0])
config += "SSLCertificateFile %\n" % cert[0]
key = directives.get('ssl_key')
if key:
config.append("SSLCertificateKeyFile %s" % key[0])
return '\n'.join(config)
config += "SSLCertificateKeyFile %s\n" % key[0]
return config
def get_security(self, directives):
config = []
config = ''
for rules in directives.get('sec_rule_remove', []):
for rule in rules.value.split():
config.append("SecRuleRemoveById %i" % int(rule))
config += "SecRuleRemoveById %i\n" % int(rule)
for modsecurity in directives.get('sec_rule_off', []):
config.append(textwrap.dedent("""\
config += textwrap.dedent("""\
<Location %s>
SecRuleEngine off
</LocationMatch>\
</LocationMatch>
""") % modsecurity
)
return '\n'.join(config)
return config
def get_redirects(self, directives):
config = []
config = ''
for redirect in directives.get('redirect', []):
source, target = redirect.split()
if re.match(r'^.*[\^\*\$\?\)]+.*$', redirect):
config.append("RedirectMatch %s %s" % (source, target))
config += "RedirectMatch %s %s\n" % (source, target)
else:
config.append("Redirect %s %s" % (source, target))
return '\n'.join(config)
config += "Redirect %s %s\n" % (source, target)
return config
def get_proxies(self, directives):
config = []
config = ''
for proxy in directives.get('proxy', []):
source, target = redirect.split()
source, target = proxy.split()
source = normurlpath(source)
config.append('ProxyPass %s %s' % (source, target))
config.append('ProxyPassReverse %s %s' % (source, target))
return '\n'.join(directives)
config += 'ProxyPass %s %s\n' % (source, target)
config += 'ProxyPassReverse %s %s\n' % (source, target)
return config
# def get_protections(self, site):
# protections = ''

View file

@ -1,8 +1,7 @@
from django import forms
from django.core.exceptions import ValidationError
from django.db.models import Q
from .models import Website
from .validators import validate_domain_protocol
class WebsiteAdminForm(forms.ModelForm):
@ -12,32 +11,11 @@ class WebsiteAdminForm(forms.ModelForm):
if not domains:
return self.cleaned_data
protocol = self.cleaned_data.get('protocol')
existing = []
for domain in domains.all():
if protocol == Website.HTTP:
qset = Q(
Q(protocol=Website.HTTP) |
Q(protocol=Website.HTTP_AND_HTTPS) |
Q(protocol=Website.HTTPS_ONLY)
)
elif protocol == Website.HTTPS:
qset = Q(
Q(protocol=Website.HTTPS) |
Q(protocol=Website.HTTP_AND_HTTPS) |
Q(protocol=Website.HTTPS_ONLY)
)
elif protocol in (Website.HTTP_AND_HTTPS, Website.HTTPS_ONLY):
qset = Q()
else:
raise ValidationError({
'protocol': _("Unknown protocol %s") % protocol
})
if domain.websites.filter(qset).exclude(pk=self.instance.pk).exists():
existing.append(domain.name)
if existing:
context = (', '.join(existing), protocol)
raise ValidationError({
'domains': 'A website is already defined for "%s" on protocol %s' % context
})
try:
validate_domain_protocol(self.instance, domain, protocol)
except ValidationError as e:
# TODO not sure about this one
self.add_error(None, e)
return self.cleaned_data

View file

@ -27,7 +27,9 @@ class Website(models.Model):
related_name='websites')
protocol = models.CharField(_("protocol"), max_length=16,
choices=settings.WEBSITES_PROTOCOL_CHOICES,
default=settings.WEBSITES_DEFAULT_PROTOCOL)
default=settings.WEBSITES_DEFAULT_PROTOCOL,
help_text=_("Select the protocol(s) for this website<br>"
"<tt>HTTPS only</tt> performs a redirection from <tt>http</tt> to <tt>https</tt>."))
# port = models.PositiveIntegerField(_("port"),
# choices=settings.WEBSITES_PORT_CHOICES,
# default=settings.WEBSITES_DEFAULT_PORT)

View file

@ -1,4 +1,5 @@
from django.core.exceptions import ValidationError
from django.db.models import Q
from django.shortcuts import get_object_or_404
from rest_framework import serializers
@ -7,6 +8,7 @@ from orchestra.api.serializers import HyperlinkedModelSerializer
from orchestra.apps.accounts.serializers import AccountSerializerMixin
from .models import Website, Content
from .validators import validate_domain_protocol
class RelatedDomainSerializer(AccountSerializerMixin, serializers.HyperlinkedModelSerializer):
@ -53,14 +55,11 @@ class WebsiteSerializer(AccountSerializerMixin, HyperlinkedModelSerializer):
def full_clean(self, instance):
""" Prevent multiples domains on the same port """
existing = []
for domain in instance._m2m_data['domains']:
if domain.websites.filter(port=instance.port).exclude(pk=instance.pk).exists():
existing.append(domain.name)
if existing:
context = (', '.join(existing), instance.port)
raise ValidationError({
'domains': 'A website is already defined for "%s" on port %s' % context
})
try:
validate_domain_protocol(instance, domain, instance.protocol)
except ValidationError as e:
# TODO not sure about this one
self.add_error(None, e)
return instance

View file

@ -22,7 +22,7 @@ WEBSITES_PROTOCOL_CHOICES = getattr(settings, 'WEBSITES_PROTOCOL_CHOICES', (
WEBSITES_DEFAULT_PROTOCOL = getattr(settings, 'WEBSITES_DEFAULT_PROTOCOL', 'http')
WEBSITES_DEFAULT_PORT = getattr(settings, 'WEBSITES_DEFAULT_PORT', 80)
#WEBSITES_DEFAULT_PORT = getattr(settings, 'WEBSITES_DEFAULT_PORT', 80)
WEBSITES_DEFAULT_IP = getattr(settings, 'WEBSITES_DEFAULT_IP', '*')