Skip to content

Commit 56d41c8

Browse files
GiooDevGiooDev
committed
Story #15211: Fixing cas-server resolution while starting.
Disable ssl for ui-design-system.
1 parent a3f51e0 commit 56d41c8

File tree

5 files changed

+15
-23
lines changed

5 files changed

+15
-23
lines changed

deployment/pki/scripts/generate_certs.sh

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,6 @@ function generateCerts {
4343
generateServerAndClientCertAndStorePassphrase ui-archive-search vitamui-services
4444
generateServerAndClientCertAndStorePassphrase ui-collect vitamui-services
4545
generateServerAndClientCertAndStorePassphrase ui-pastis vitamui-services
46-
generateServerCertAndStorePassphrase ui-design-system vitamui-services
4746

4847
#Reverse
4948
generateServerCertAndStorePassphrase reverse vitamui-services

deployment/pki/scripts/generate_certs_dev.sh

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,6 @@ function generateCerts {
5353
generateServerAndClientCertAndStorePassphrase ui-archive-search vitamui-services
5454
generateServerAndClientCertAndStorePassphrase ui-pastis vitamui-services
5555
generateServerAndClientCertAndStorePassphrase ui-collect vitamui-services
56-
generateServerCertAndStorePassphrase ui-design-system vitamui-services
5756

5857
#Reverse
5958
generateServerCertAndStorePassphrase reverse vitamui-services

deployment/roles/nginx_webapp/tasks/install.yml

Lines changed: 12 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -90,20 +90,21 @@
9090
mode: "{{ vitamui_defaults.folder.conf_permission }}"
9191
notify: reload nginx
9292

93+
#### Consul configuration ####
94+
# Currently not needed as we don't use consul dns resolution for the upstream configuration
95+
# - name: "Deploy consul agent service declaration for {{ vitamui_struct.vitamui_component }} service"
96+
# template:
97+
# src: service-componentid.json.j2
98+
# dest: "{{ consul.conf_folder | default(consul_folder_conf) }}/service-{{ vitamui_struct.vitamui_component }}.json"
99+
# owner: "{{ vitam_defaults.users.vitam }}"
100+
# group: "{{ vitam_defaults.users.group }}"
101+
# mode: "{{ '0644' if install_mode == 'container' else vitam_defaults.folder.conf_permission }}"
102+
# tags: consul_conf
103+
# notify: nginx_webapp - reload consul configuration
104+
93105
when: vitamui_struct.secure | default(secure) | bool
94106

95107
- name: Ensure nginx is started
96108
systemd:
97109
name: nginx
98110
state: started
99-
100-
#### Consul configuration ####
101-
- name: "Deploy consul agent service declaration for {{ vitamui_struct.vitamui_component }} service"
102-
template:
103-
src: service-componentid.json.j2
104-
dest: "{{ consul.conf_folder | default(consul_folder_conf) }}/service-{{ vitamui_struct.vitamui_component }}.json"
105-
owner: "{{ vitam_defaults.users.vitam }}"
106-
group: "{{ vitam_defaults.users.group }}"
107-
mode: "{{ '0644' if install_mode == 'container' else vitam_defaults.folder.conf_permission }}"
108-
tags: consul_conf
109-
notify: nginx_webapp - reload consul configuration

deployment/roles/reverse/templates/nginx/conf.d/vhosts.conf.j2

Lines changed: 1 addition & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -143,12 +143,7 @@ server {
143143
# DESIGN SYSTEM
144144
location /design-system {
145145
rewrite /design-system/(.*) /$1 break;
146-
# set $ui_design_system_dns "vitamui-{{ vitamui.ui_design_system.vitamui_component }}.service.{{ consul_domain }}";
147-
# proxy_ssl_name $ui_design_system_dns;
148-
# proxy_set_header Host $ui_design_system_dns;
149-
# proxy_pass {{ 'https' if vitamui.ui_design_system.secure | default(secure) | bool else 'http' }}://$ui_design_system_dns:{{ vitamui.ui_design_system.port_service }};
150-
151-
proxy_pass {{ 'https' if vitamui.ui_design_system.secure | default(secure) | bool else 'http' }}://DESIGN_SYSTEM;
146+
proxy_pass http://DESIGN_SYSTEM;
152147
include {{ nginx_conf_dir }}/proxy_params;
153148
}
154149
{% endif %}
@@ -160,8 +155,6 @@ server {
160155

161156
location ~ ^/cas/(login|logout|extras|webjars|css|icons|favicon|images|js|serviceValidate|oauth2.0|clientredirect|oidc) {
162157
set $cas_server_dns "vitamui-{{ vitamui.cas_server.vitamui_component }}.service.{{ consul_domain }}";
163-
# proxy_ssl_name $cas_server_dns;
164-
# proxy_set_header Host $cas_server_dns;
165158
proxy_pass {{ 'https' if vitamui.cas_server.secure | default(secure) | bool else 'http' }}://$cas_server_dns:{{ vitamui.cas_server.port_service }};
166159

167160
#proxy_pass {{ 'https' if vitamui.cas_server.secure | default(secure) | bool else 'http' }}://CAS; # error: upstream SSL certificate does not match "CAS" while SSL handshaking to upstream

deployment/roles/vitamui/templates/cas-server/application.yml.j2

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -63,8 +63,8 @@ vitamui.cas.identity: cas
6363
iam-client:
6464
server-host: {{ vitamui.iam.host }}
6565
server-port: {{ vitamui.iam.port_service }}
66-
{% if vitamui.iam.secure | default(secure) | bool == true %}
67-
secure: {{ vitamui.iam.secure | default(secure) | lower }}
66+
{% if vitamui.iam.secure | default(secure) | bool %}
67+
secure: true
6868
ssl-configuration:
6969
keystore:
7070
key-path: {{ vitamui_folder_conf }}/keystore_client_{{ vitamui_struct.vitamui_component }}.jks

0 commit comments

Comments
 (0)