-
Notifications
You must be signed in to change notification settings - Fork 118
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
reorganize the internal structure #428
Conversation
/test-ubuntu-integration-main |
/test-centos-integration-main |
/test-ubuntu-integration-main |
/test-ubuntu-integration-main |
/hold |
/test-ubuntu-integration-main |
/hold cancel |
/approve |
|
||
LogLevel warn | ||
|
||
<IfModule log_config_module> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Everything below this line seems to be repeating the defaults or at least stuff that is not metal3-specific. Do we really need it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have no strong option about that, I am happy to change it if it is useless, I just copied everything over from the previous config that were not modified by the "sed"s
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was looking into these some of these are not hard coded defaults, I think neither the logging nor the mime types are the hard coded defaults.
When I have more time I could go through this file and remove options that match the hard coded defaults. I will also turn EnableSendfile on configurable in a followup anyways.
But for now I would like to merge this and not delay the merger further by introducing test failures that might result from deleting something here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
One question inline.
COPY ironic-config/httpd-modules.conf /etc/httpd/conf.modules.d/ | ||
COPY ironic-config/apache2-ironic-api.conf.j2 /etc/httpd-ironic-api.conf.j2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
so this configuration file is not needed anymore?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it has been moved up a bit to L49 https://github.com/metal3-io/ironic-image/pull/428/files#diff-dd2c0eb6ea5cfc6c4bd4eac30934e2d5746747af48fef6da689e85b752f39557R49
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One typo, plus the servername pointed out earlier is still to be fixed.
eff31e4
to
d6bbe0b
Compare
/test-ubuntu-integration-main |
This commit: - provides a more strict access controll for the httpd ditectories - blocks access to the ftp directories via http paths - removes unused legacy code (mainly related to ignition and coreOS) - where possible 'sed' commands have been removed and replaced with jinja templates - httpd configuration has been modifed to better utilize the modular nature of apache configuration files - environment variable controlled switch has been introduced to the allow/block serving /shared/html/images when "runhttpd" is in use
d6bbe0b
to
4eb43fa
Compare
/test-ubuntu-integration-main |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
OCPBUGS-23939: Firmware interface
This commit:
This PR is also a preparatory work before image-server basic auth and iPXE hardening is introduced.