yellow team mailing list archive

[Francesco Banconi <francesco.banconi@xxxxxxxxxxxxx>]

Francesco Banconi has proposed merging lp:~frankban/charms/precise/juju-gui/bug-1095281-restore-tls into lp:~juju-gui/charms/precise/juju-gui/trunk.

Requested reviews:
  Juju GUI Hackers (juju-gui)
Related bugs:
  Bug #1095281 in juju-gui: "Restore TLS in the charm"
  https://bugs.launchpad.net/juju-gui/+bug/1095281

For more details, see:
https://code.launchpad.net/~frankban/charms/precise/juju-gui/bug-1095281-restore-tls/+merge/141646

Restore TLS in the charm

Now the charm is served using SSL again.

https://codereview.appspot.com/7026046/

-- 
https://code.launchpad.net/~frankban/charms/precise/juju-gui/bug-1095281-restore-tls/+merge/141646
Your team Juju GUI Hackers is requested to review the proposed merge of lp:~frankban/charms/precise/juju-gui/bug-1095281-restore-tls into lp:~juju-gui/charms/precise/juju-gui/trunk.

=== modified file 'README.md'
--- README.md	2012-12-20 18:02:44 +0000
+++ README.md	2013-01-02 17:08:22 +0000
@@ -58,9 +58,7 @@
             machine: 1
             open-ports:
             - 80/tcp
-            <!--- Uncomment when TLS connections are re-enabled.
             - 443/tcp
-            -->
             - 8080/tcp
             public-address: ec2-204-236-250-8.compute-1.amazonaws.com
 

=== modified file 'config/config.js.template'
--- config/config.js.template	2012-11-30 16:36:47 +0000
+++ config/config.js.template	2013-01-02 17:08:22 +0000
@@ -5,6 +5,6 @@
   container: '#main',
   viewContainer: '#main',
   transitions: false,
-  charm_store_url: 'http://jujucharms.com/',
+  charm_store_url: 'https://jujucharms.com/',
   socket_url: 'ws://%(address)s:%(port)s/ws'
 };

=== modified file 'config/nginx.conf.template'
--- config/nginx.conf.template	2012-12-21 15:22:50 +0000
+++ config/nginx.conf.template	2013-01-02 17:08:22 +0000
@@ -1,20 +1,16 @@
-# Uncomment to switch back to TLS connections.
-# server {
-#     listen 80;
-#     server_name _;
-#     return 301 https://$host$request_uri;
-# }
+server {
+    listen 80;
+    server_name _;
+    return 301 https://$host$request_uri;
+}
 
 server {
-    # Uncomment to switch back to TLS connections.
-    # listen 443 default_server ssl;
-    listen 80;  # Delete this line when TLS connections are re-enabled.
+    listen 443 default_server ssl;
     server_name _;
     root %(server_root)s;
     index index.html;
-    # Uncomment to switch back to TLS connections.
-    # ssl_certificate %(ssl_cert_path)s/server.pem;
-    # ssl_certificate_key %(ssl_cert_path)s/server.key;
+    ssl_certificate %(ssl_cert_path)s/server.pem;
+    ssl_certificate_key %(ssl_cert_path)s/server.key;
 
     # Serve static assets.
     location ^~ /juju-ui/ {

=== modified file 'hooks/start'
--- hooks/start	2012-12-21 16:32:53 +0000
+++ hooks/start	2013-01-02 17:08:22 +0000
@@ -21,8 +21,7 @@
     log('Exposing services.')
     # Open the Juju GUI web server HTTP and HTTPS ports.
     open_port(80)
-    # Uncomment to switch back to TLS connections.
-    # open_port(443)
+    open_port(443)
     # Open the Juju websocket server port.
     open_port(juju_api_port)
 

=== modified file 'tests/deploy.test'
--- tests/deploy.test	2012-12-20 18:02:44 +0000
+++ tests/deploy.test	2013-01-02 17:08:22 +0000
@@ -35,7 +35,7 @@
 
     def setUp(self):
         self.charm = 'juju-gui'
-        self.port = '80'  # Set to 443 when TLS connections are re-enabled.
+        self.port = '443'
 
     def tearDown(self):
         juju('destroy-service', self.charm)
@@ -53,8 +53,7 @@
 
     def check_services(self, hostname, ws_port=8080):
         """Check the services are listening on their tcp ports."""
-        # Use https below when TLS connections are re-enabled.
-        url = 'http://{0}:{1}'.format(hostname, self.port)
+        url = 'https://{0}:{1}'.format(hostname, self.port)
         response = open_url(url)
         self.assertEqual(200, response.getcode())
         ws_url = 'http://{0}:{1}/ws'.format(hostname, ws_port)