Commit Graph

5 Commits

Author SHA1 Message Date
James E. Blair 26d88125ef Handle SSL proxying and other fixes
Enable mod_ssl and enable proxying to ssl-terminated endpoints.

In the case where the artifact is not found, return NULL instead
of the bogus "Artifact_not_found" url, otherwise we can end up in
a loop where we continuously append that to the url.

Strip trailing slashes from the returned proxy target.  We can't
guarantee that folks won't have a '/' at the end of the artifact
url they return to Zuul (and in fact, it's probably more correct
that they do).  But our regex in mod_rewrite guarantees that we
will add a slash to it.  One sure way to handle this is just to
strip it from the data returned from Zuul if present.

Add a .dockerignore file with both itself and the Dockerfile
added, so that docker won't rebuild extra layers (like the C++
compile layer) if we just change the Dockerfile.

Change-Id: I00dfd0b6842abedf938702a816698d1c6526974d
2020-04-08 09:50:29 -07:00
James E. Blair faeda1ab85 Don't proxy urls that don't appear in the map
If a rewritemap fails to find a URL, mod_rewrite will nonetheless
continue to attempt to proxy the request; if the request has a
hostname in the URI (as it would if it were being used as a forward
proxy), then it will proxy to that URI.  The upshot is that this
was behaving as an open proxy for any URL that it didn't know about.

Correct this by "proxying" to http://localhost/notfound in all cases
where the map program fails, and then cause that URL to always fail
with a 403.

This seems a little Rube Goldberg, but I don't see another way to
deal with map failures in a rewriterule proxy.

Change-Id: I1fdace79b6059c0297dd27b6bc9ce0afa9fe1396
2020-04-06 15:02:40 -07:00
James E. Blair 7b680c18ec Use an env var for the API url 2019-02-11 08:39:01 -08:00
James E. Blair 07cd0862de Set cache size to 1024
And tweak the rewrite url.
2019-02-11 07:24:41 -08:00
James E. Blair 9b9951dff5 Run apache
Add an apache vhost config file which uses zuul-preview as a
rewritemap.

Remove extraneous output from zuul-preview.

Add an exception handler around the http code.

Remove the mutex (as we are single threaded).

Run apache as the docker CMD.
2019-02-10 17:33:27 -08:00