stop using unix-sockets and adapt Giovanni's apache script

materialscloud-org · Oct 4, 2023 · cb19b9a · cb19b9a
1 parent 48c9dbe
commit cb19b9a
Show file tree

Hide file tree

Showing 5 changed files with 296 additions and 215 deletions.
diff --git a/scripts/generate_apache_file.py b/scripts/generate_apache_file.py
diff --git a/src/mcloud_implementation/apache-vhosts-sockets.conf b/src/mcloud_implementation/apache-vhosts-sockets.conf
@@ -0,0 +1,87 @@
+<VirtualHost *:80>
+    ServerName dev-optimade.materialscloud.org
+
+    # Let's encrypt certbot ACME challenge for certificate renewal
+    Alias /.well-known/acme-challenge /var/www/letsencrypt/.well-known/acme-challenge
+    <Directory /var/www/letsencrypt/.well-known/acme-challenge>
+        Order allow,deny
+        Allow from all
+    </Directory>
+
+    # redirect all traffic to SSL, unless a specific VirtualHost for *:80 is specified,
+    # which would take precedence over the default virtual host.
+    # Make an exception for the location required for the Letsencrypt/ACME client challenge file
+    RewriteEngine on
+    RewriteCond %{HTTPS} !=on
+    RewriteCond %{REQUEST_URI} !/.well-known/acme-challenge
+    RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
+
+</VirtualHost>
+
+<VirtualHost *:443>
+    ServerName dev-optimade.materialscloud.org
+
+    # Let's encrypt SSL certificate
+    SSLEngine on
+    SSLCertificateFile   /etc/letsencrypt/live/dev-optimade.materialscloud.org/fullchain.pem
+    SSLCertificateKeyFile  /etc/letsencrypt/live/dev-optimade.materialscloud.org/privkey.pem
+
+
+    DocumentRoot /var/www/html
+    <Directory /var/www/html>
+        Options Indexes FollowSymLinks
+        AllowOverride All
+        Require all granted
+    </Directory>
+
+    ProxyPreserveHost  On
+
+    # Log redirection
+    LogLevel alert rewrite:trace3
+
+    # Define a custom log format including Apache variables (%U is REQUEST_URI)
+    LogFormat "%h %l %u %t \"%r\" %>s %b %{Host}i %U" custom_log
+    CustomLog /var/log/apache2/access.log custom_log
+
+    # ----
+    # index metadb
+    ProxyPass /index http://localhost:3214
+    ProxyPassReverse /index http://localhost:3214
+    # ----
+
+    RewriteEngine On
+
+    # ---------------------------
+    # Direct /archive/$1/$2 to the corresponding unix socket $1.sock
+    # This seems to work...
+
+    # always append a trailing slash
+    RewriteRule ^/{URL}$ /{URL}/ [R=301,L]
+
+    # don't process files or directories
+    RewriteCond %{REQUEST_FILENAME} !-f
+    RewriteCond %{REQUEST_FILENAME} !-d
+
+    # don't process the root path
+    RewriteCond %{REQUEST_URI} !^/$
+    RewriteCond %{REQUEST_URI} !^/index.html$
+
+    # The following could be used to check if files corresponding to URI exists, but
+    # unfortunately this only works with regular files (not unix sockets)
+    #RewriteCond %{REQUEST_URI} ^/([^/]+)/?(.*)$
+    # check that socket corresponding to $1 exists
+    #RewriteCond /home/ubuntu/sockets/$1.sock -f
+
+    # redirect to the socket
+    RewriteRule ^/archive/([^/]+)/?(.*)$ unix:/home/ubuntu/optimade-sockets/$1.sock|http://127.0.0.1/$2 [QSA,P]
+
+    # PROBLEM:
+    # The RewriteRule above doesn't pass through the query parameters (although QSA is specified)
+    # and I didn't find a way to fix it. Interestingly, when using a using a normal proxy, the
+    # query parameters are passed correctly, e.g.
+    # ProxyPass /test unix:/home/ubuntu/optimade-sockets/test.sock|http://127.0.0.1/v1/structures
+    # ProxyPassReverse /test unix:/home/ubuntu/optimade-sockets/test.sock|http://127.0.0.1/v1/structures
+
+    # ---------------------------
+
+</VirtualHost>