On 10/31/2016 01:54 PM, Aline Manera wrote:
Hi Ramon,
On 10/26/2016 03:27 PM, Ramon Medeiros wrote:
>
> Propose:
>
> Do not regenerate wok.conf at nginx at startup of wok.
>
> Questions:
>
> 1) The wok.conf will be generated at make ? And then copied at make rpm?
It will follow the same approach of the logrotate file.
There will be a nginx/wok.conf on source code that would be copy as-is
to /etc/nginx/conf.d on wok installation.
Today, when Wok starts up, the SSL certificate is generated and the
path is used by nginx/wok.conf
ssl_certificate ${cert_pem};
ssl_certificate_key ${cert_key};
You will need to have this path set as default and on package
installation, probably on post installation section, those 2 files
should be generated (or install empty files and let wok generated the
certificate on start up ?)
We also need to think when running wokd from source code. The
nginx/wok.conf will point to a specific path and on start up the
certificate will be generated?
>
> 2) If using make to generate it, how development run (when running
> from git), will work? The developer must copy wok.conf to nginx
> directory?
>
You can identify if wok is running from a installed system or not and
if not create a syslink to /etc/nginx/conf.d
> 3) The [server] configuration at wok.conf will be removed? letting to
> the user to change parameters?
Most of the [server] configuration will be removed.
We have today is:
[server]
# Hostname or IP address to listen on
#host = 0.0.0.0
# Port to listen on
#port = 8000
# Start an SSL-enabled server on the given port
#ssl_port = 8001
# Allow user disables HTTP port. In that case, all the connections
# will be done directly through HTTPS port (values: true|false)
#https_only = false
# Cherrypy server port
#cherrypy_port = 8010
# Port for websocket proxy to listen on
#websockets_port = 64667
# Number of minutes that a session can remain idle before the server
# terminates it automatically.
#session_timeout = 10
# The full path to an SSL Certificate or chain of certificates in
# PEM format. When a chain is used, the server's certificate must be
# the first certificate in the file with the chain concatenated into
# the end of that certificate. If left unspecified, Wok will generate
# a self-signed certificate automatically.
#ssl_cert =
# The corresponding private key in PEM format for the SSL Certificate
supplied
# above. If left blank, Wok will generate a self-signed certificate.
#ssl_key =
# Running environment of the server
#environment = production
# Max request body size in KB, default value is 4GB
#max_body_size = 4 * 1024 * 1024
# Wok server root. Set the following variable to configure any
relative path to
# the server. For example, to have Wok pointing to
https://localhost:8001/wok/
# uncomment the following:
#server_root=/wok
All the red parameters should be removed and keep those in black.
It implies in remove all the occurrences on code about parameters that
will be removed.
Please, also add a comment on server_root parameter informing user,
he/she will need to update the nginx/wok.conf file if this value is
changed too.
And do not forget to update the man page docs/kimchid.8.in
> --
>
> Ramon Nunes Medeiros
> Kimchi Developer
> Linux Technology Center Brazil
> IBM Systems & Technology Group
> Phone : +55 19 2132 7878
> ramonn(a)br.ibm.com
>
>
> _______________________________________________
> Kimchi-devel mailing list
> Kimchi-devel(a)ovirt.org
>
http://lists.ovirt.org/mailman/listinfo/kimchi-devel
_______________________________________________
Kimchi-devel mailing list
Kimchi-devel(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/kimchi-devel