Portal:Cloud VPS/Admin/Web proxy
< Portal:Cloud VPS | Admin
The web proxy (aka dynamicproxy aka novaproxy aka Yuviproxy) mechanism powers the Cloud VPS web proxy service. It's powered by Nginx, OpenResty, a Redis backend and a Python API to manage it. The setup is hosted in the project-proxy
Cloud VPS project.
How to
Enable per-project subdomain delegation
To enable the use of a delegated wmcloud.org subdomain on the proxy, follow these steps:
- Ensure a subdomain delegation is a good idea for the specific use case.
- Delegate the specific subdomain in Designate to the project using wmcs-makedomain if it's not delegated already. To check, see the domain listing in Horizon or in openstack-browser for that specific project.
- Provision the TLS certificates in the
project-proxy-acme-chief
prefix hiera:- Add the project ID to
profile::acme_chief::cloud::designate_sync_project_names
if not there already. - Add the names to an existing
profile::acme_chief::certificates
entry if there's a related zone already configured or add a new certificate definition. By convention, custom domains have certificates with names starting withcustom
, e.g.customtools
for Toolforge and Toolsbeta.
- Add the project ID to
- Run Puppet on the active project-proxy acme-chief host.
- Add the zone to
profile::wmcs::novaproxy::supported_zones
in theproxy
Hiera prefix. - Run Puppet on the proxy instances, starting with the passive.