yellow team mailing list archive
-
yellow team
-
Mailing list archive
-
Message #02041
Re: Serve the GUI assets over HTTPS (issue 6940084)
Uhm. It looks like the OpenSSl commands in the nginx are suboptimal, or
obsolete, or both. I like the conciseness in the superuser.com solution:
I applied that one, and the other changes you suggested.
I will test this all better manually before landing. Thanks.
https://codereview.appspot.com/6940084/diff/6009/config/nginx.conf.template
File config/nginx.conf.template (right):
https://codereview.appspot.com/6940084/diff/6009/config/nginx.conf.template#newcode1
config/nginx.conf.template:1: server {
On 2012/12/19 03:55:52, gary.poster wrote:
> As we discussed, please add a redirect from port 80 to port 443, and
then
> re-expose port 80 in the docs and code (in addition to port 443).
Done.
https://codereview.appspot.com/6940084/diff/6009/config/nginx.conf.template#newcode6
config/nginx.conf.template:6: ssl_certificate
/etc/ssl/private/juju-gui/server.pem
On 2012/12/19 03:55:52, gary.poster wrote:
> You need to terminate this with a semicolon.
Done.
https://codereview.appspot.com/6940084/diff/6009/config/nginx.conf.template#newcode7
config/nginx.conf.template:7: ssl_certificate_key
/etc/ssl/private/juju-gui/server.key
On 2012/12/19 03:55:52, gary.poster wrote:
> This one needs a semicolon too.
Done.
https://codereview.appspot.com/6940084/diff/6009/hooks/utils.py
File hooks/utils.py (right):
https://codereview.appspot.com/6940084/diff/6009/hooks/utils.py#newcode25
hooks/utils.py:25: command,
On 2012/12/19 03:55:52, gary.poster wrote:
> Please also import environ...
Done.
https://codereview.appspot.com/6940084/diff/6009/hooks/utils.py#newcode228
hooks/utils.py:228: os.makedirs(ssl_cert_path)
On 2012/12/19 03:55:52, gary.poster wrote:
> To make debugging easier, I suggest only creating the directory if it
does not
> exist. See http://pastebin.ubuntu.com/1449174/ for example.
Done.
https://codereview.appspot.com/6940084/diff/6009/hooks/utils.py#newcode230
hooks/utils.py:230: cmd_log(run('openssl', 'genrsa', '-des3', '-out',
key_path, '1024'))
On 2012/12/19 03:55:52, gary.poster wrote:
> This is interactive, and fails.
> See http://pastebin.ubuntu.com/1449174/ for an approach that
eliminates this
> problem and seems simpler.
Done.
https://codereview.appspot.com/6940084/diff/6009/hooks/utils.py#newcode233
hooks/utils.py:233: cmd_log(run('openssl', 'req', '-new', '-key',
key_path, '-out',
On 2012/12/19 03:55:52, gary.poster wrote:
> This is interactive, and fails.
> See http://pastebin.ubuntu.com/1449174/ for an approach that
eliminates this
> problem and seems simpler.
Done.
https://codereview.appspot.com/6940084/
--
https://code.launchpad.net/~teknico/charms/precise/juju-gui/serve-via-https/+merge/140511
Your team Juju GUI Hackers is requested to review the proposed merge of lp:~teknico/charms/precise/juju-gui/serve-via-https into lp:~juju-gui/charms/precise/juju-gui/trunk.
References
