GITC-6054 Fixed SSL server name issue by making it a configuration arg

nasa-gibs · Aug 15, 2024 · 378e76c · 378e76c
1 parent 1f4bcdd
commit 378e76c
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 9 deletions.
diff --git a/docker/reproject/start_reproject.sh b/docker/reproject/start_reproject.sh
@@ -108,9 +108,7 @@ cp ../oe-status/layers/*.yaml /etc/onearth/config/layers/oe-status/
 cp ../oe-status/endpoint/oe-status_reproject.yaml /etc/onearth/config/endpoint/
 mkdir -p $(yq eval ".twms_service.internal_endpoint" /etc/onearth/config/endpoint/oe-status_reproject.yaml)
 if [ "$USE_SSL" = true ]; then
-  sed -i -e 's@http://localhost@https://'"$SERVER_NAME"'@g' /etc/onearth/config/endpoint/oe-status_reproject.yaml
-  python3 /usr/bin/oe2_reproject_configure.py /etc/onearth/config/endpoint/oe-status_reproject.yaml && \
-  sed -i -e 's@http://localhost@https://'"$SERVER_NAME"'@g' /etc/httpd/conf.d/oe-status_reproject.conf
+  python3 /usr/bin/oe2_reproject_configure.py /etc/onearth/config/endpoint/oe-status_reproject.yaml -l "https://$SERVER_NAME" >>/var/log/onearth/config.log 2>&1
 else
   python3 /usr/bin/oe2_reproject_configure.py /etc/onearth/config/endpoint/oe-status_reproject.yaml >>/var/log/onearth/config.log 2>&1
 fi
@@ -150,7 +148,11 @@ for f in $(grep -l 'reproject:' /etc/onearth/config/endpoint/*.yaml); do
 done
 
 # Run endpoint configuration in parallel
-grep -l 'reproject:' /etc/onearth/config/endpoint/*.yaml | parallel -j 4 python3 /usr/bin/oe2_reproject_configure.py {} >>/var/log/onearth/config.log 2>&1
+if [ "$USE_SSL" = true ]; then
+  grep -l 'reproject:' /etc/onearth/config/endpoint/*.yaml | parallel -j 4 python3 /usr/bin/oe2_reproject_configure.py {} -l "https://$SERVER_NAME" >>/var/log/onearth/config.log 2>&1
+else
+  grep -l 'reproject:' /etc/onearth/config/endpoint/*.yaml | parallel -j 4 python3 /usr/bin/oe2_reproject_configure.py {} >>/var/log/onearth/config.log 2>&1
+fi
 
 echo "[$(date)] Completed reproject configuration" >> /var/log/onearth/config.log
 

diff --git a/src/modules/mod_wmts_wrapper/configure_tool/README.md b/src/modules/mod_wmts_wrapper/configure_tool/README.md
@@ -17,7 +17,7 @@ used.
 
 ## Requirements
 
-- Python 3.6
+- Python >=3.6
 - OnEarth 2 modules (`mod_wmts_wrapper, mod_mrf, mod_receive, mod_twms`)
   compiled and installed.
 - `mod_proxy` installed.
@@ -201,7 +201,7 @@ reproject imagery.
 
 ## Requirements
 
-- Python 3.6
+- Python >=3.6
 - OnEarth 2 modules (`mod_wmts_wrapper, mod_reproject, mod_receive, mod_twms`)
   compiled and installed.
 - `mod_proxy` installed.
@@ -223,6 +223,7 @@ This tool requires configuration files to work:
 
 - endpoint config -- contains information about how the WMTS and TWMS endpoints
   should be set up in Apache.
+- local_addr -- local address for tile services (required for SSL) default: "http://172.17.0.1" (Docker host)
 
 Note that Apache must be restarted for new configurations to take effect. This
 command may need to be run as `sudo` depending on the permission settings for
@@ -293,7 +294,7 @@ command line parameter.
 reprojected to. Note that this projection must have Tile Matrix Sets configured
 in the Tile Matrix Set definition file.
 - `source_gc_uri` (required) -- If a reproject endpoint, this is the URI of the source WMTS GetCapabilities endpoint.
-- `replace_with_local` (optional) -- Replace matching host names with local Docker host IP 172.17.0.1 so that connections stay local
+- `replace_with_local` (optional) -- Replace matching host names with local Docker host IP 172.17.0.1 (or custom server name, if different) so that connections stay local
 
 **wmts_service options**
 

diff --git a/src/modules/mod_wmts_wrapper/configure_tool/oe2_reproject_configure.py b/src/modules/mod_wmts_wrapper/configure_tool/oe2_reproject_configure.py
@@ -655,7 +655,7 @@ def build_configs(endpoint_config):
     if endpoint_config['reproject']['replace_with_local']:
         replace_with_local = endpoint_config['reproject']['replace_with_local']
         if 'https:' in replace_with_local:
-            set_local_addr('https://172.17.0.1')
+            set_local_addr(LOCAL_ADDR.replace('http:', 'https:'))
         source_gc_uri = source_gc_uri.replace(replace_with_local, LOCAL_ADDR)
     else:
         print(
@@ -869,9 +869,17 @@ def build_configs(endpoint_config):
         '--tms_defs',
         type=str,
         help='TileMatrixSets definition XML file')
+    parser.add_argument(
+        '-l',
+        '--local_addr',
+        default='http://172.17.0.1',
+        type=str,
+        help='Local address for tile services')
     args = parser.parse_args()
 
     endpoint_config = yaml.safe_load(Path(args.endpoint_config).read_text())
     if args.tms_defs:
         endpoint_config['tms_defs_file'] = args.tms_defs
+    if args.local_addr:
+        set_local_addr(args.local_addr)
     build_configs(endpoint_config)
diff --git a/version.sh b/version.sh
@@ -4,4 +4,4 @@
 export ONEARTH_VERSION=2.8.3 # This must be manually incremented with each OnEarth version
 
 # The onearth release to use in the Docker image tag (e.g. onearth-wms:{ONEARTH_VERSION}-{ONEARTH_RELEASE}).
-export ONEARTH_RELEASE=2 # This must be manually incremented with each OnEarth build
+export ONEARTH_RELEASE=3 # This must be manually incremented with each OnEarth build