apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
cloudstack/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
Pearl Dsilva 890386e949
Allow custom NTP servers for CPVM (#11210)
2025-07-25 15:21:06 +02:00

93 lines
3.2 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
. /opt/cloud/bin/setup/common.sh
setup_secstorage() {
log_it "Setting up secondary storage system vm"
echo "cloud apache2 nfs-common portmap" > /var/cache/cloud/enabled_svcs
echo "conntrackd keepalived haproxy dnsmasq" > /var/cache/cloud/disabled_svcs
mkdir -p /var/log/cloud
setup_storage_network
setup_system_rfc1918_internal
log_it "Setting up entry in hosts"
sed -i /$NAME/d /etc/hosts
public_ip=`getPublicIp`
echo "$public_ip $NAME" >> /etc/hosts
log_it "Applying iptables rules"
cp /etc/iptables/iptables-secstorage /etc/iptables/rules.v4
log_it "Configuring apache2"
setup_apache2 $ETH2_IP
# Deprecated, should move to Cs Python all of it
sed -e "s/<VirtualHost .*:8180>/<VirtualHost $ETH2_IP:80>/" \
-e "s/<VirtualHost .*:8443>/<VirtualHost $ETH2_IP:443>/" \
-e "s/Listen .*:8180/Listen $ETH2_IP:80/g" \
-e "s/Listen .*:8443/Listen $ETH2_IP:443/g" /etc/apache2/vhost.template > /etc/apache2/sites-enabled/vhost-${ETH2_IP}.conf
log_it "Setting up apache2 for post upload of volume/template"
a2enmod proxy
a2enmod proxy_http
a2enmod headers
if [ -z $USEHTTPS ] | $USEHTTPS ; then
if [ -f /etc/apache2/http.conf ]; then
rm -rf /etc/apache2/http.conf
fi
cat >/etc/apache2/https.conf <<HTTPS
RewriteEngine On
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_METHOD} =POST
RewriteRule ^/upload/(.*) http://127.0.0.1:8210/upload?uuid=\$1 [P,L]
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, OPTIONS"
Header always set Access-Control-Allow-Headers "x-requested-with, content-type, origin, authorization, accept, client-security-token, x-signature, x-metadata, x-expires"
HTTPS
else
if [ -f /etc/apache2/https.conf ]; then
rm -rf /etc/apache2/https.conf
fi
cat >/etc/apache2/http.conf <<HTTP
RewriteEngine On
RewriteCond %{REQUEST_METHOD} =POST
RewriteRule ^/upload/(.*) http://127.0.0.1:8210/upload?uuid=\$1 [P,L]
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, OPTIONS"
Header always set Access-Control-Allow-Headers "x-requested-with, content-type, origin, authorization, accept, client-security-token, x-signature, x-metadata, x-expires"
HTTP
fi
disable_rpfilter
enable_fwding 0
enable_irqbalance 0
setup_ntp
systemctl restart ntp
rm -f /etc/logrotate.d/cloud
}
setup_secstorage
# System VMs are patched during bootstrap
. /opt/cloud/bin/setup/patch.sh && patch_system_vm
Reference in New Issue View Git Blame Copy Permalink