From 5bf76f78a2eaa11ab18edb0c3fe9fdc78e6368c0 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Javier=20B=C3=A9rtoli?= <javier@netmanagers.com.ar>
Date: Mon, 17 May 2021 15:20:33 -0300
Subject: [PATCH] test(examples): nginx config examples for webshells

---
 .../controller/controls/resources_spec.rb     |  2 +-
 test/salt/pillar/arvados.sls                  |  2 +-
 .../examples/nginx_webshell_configuration.sls | 39 ++++++++++++++++---
 .../nginx_workbench_configuration.sls         |  3 +-
 4 files changed, 36 insertions(+), 10 deletions(-)

diff --git a/test/integration/controller/controls/resources_spec.rb b/test/integration/controller/controls/resources_spec.rb
index 2d05a1e..8d21752 100644
--- a/test/integration/controller/controls/resources_spec.rb
+++ b/test/integration/controller/controls/resources_spec.rb
@@ -20,7 +20,7 @@ control 'arvados api resources' do
 
   %w[
     webshell1
-    webshell2
+    shell.internal
     webshell3
   ].each do |vm|
     describe "virtual machine #{vm}" do
diff --git a/test/salt/pillar/arvados.sls b/test/salt/pillar/arvados.sls
index 81d22d4..6ba0d1f 100644
--- a/test/salt/pillar/arvados.sls
+++ b/test/salt/pillar/arvados.sls
@@ -61,7 +61,7 @@ arvados:
           name: webshell1
           backend: 1.2.3.4
           port: 4200
-        webshell2: {}
+        shell.internal: {}
         webshell3:
           backend: 4.3.2.1
           port: 4500
diff --git a/test/salt/pillar/examples/nginx_webshell_configuration.sls b/test/salt/pillar/examples/nginx_webshell_configuration.sls
index e28fb9a..050adf9 100644
--- a/test/salt/pillar/examples/nginx_webshell_configuration.sls
+++ b/test/salt/pillar/examples/nginx_webshell_configuration.sls
@@ -1,15 +1,39 @@
 ---
+# This parameter will be used here to generate a list of upstreams and vhosts.
+# This dict is here for convenience and should be managed some other way, but the
+# different ways of orchestration that can be used for this are outside the scope
+# of this formula and their examples.
+# These upstreams should match those defined in `arvados:cluster:resources:virtual_machines`
+{% set webshell_virtual_machines = {
+  'shell1': {
+    'name': 'webshell1',
+    'backend': '1.2.3.4',
+    'port': 4200,
+  },
+  'shell.internal': {},
+  'webshell3': {
+    'backend': '4.3.2.1',
+    'port': 4500,
+  }
+}
+%}
+
 ### NGINX
 nginx:
   ### SERVER
   server:
     config:
-
       ### STREAMS
       http:
-        {%- for shell_node, params in %}
-        upstream webshell_upstream:
-          - server: 'shell.internal:4200 fail_timeout=10s'
+        {%- for vm, params in webshell_virtual_machines.items() %}
+          {%- set vm_name = params.name | default(vm) %}
+          {%- set vm_backend = params.backend | default(vm_name) %}
+          {%- set vm_port = params.port | default(4200) %}
+
+        upstream {{ vm_name }}_upstream:
+          - server: '{{ vm_backend }}:{{ vm_port }} fail_timeout=10s'
+
+        {%- endfor %}
 
   ### SITES
   servers:
@@ -36,8 +60,10 @@ nginx:
             - listen:
               - 443 http2 ssl
             - index: index.html index.htm
-            - location /shell.fixme.example.net:
-              - proxy_pass: 'http://webshell_upstream'
+            {%- for vm, params in webshell_virtual_machines.items() %}
+              {%- set vm_name = params.name | default(vm) %}
+            - location /{{ vm_name }}:
+              - proxy_pass: 'http://{{ vm_name }}_upstream'
               - proxy_read_timeout: 90
               - proxy_connect_timeout: 90
               - proxy_set_header: 'Host $http_host'
@@ -64,6 +90,7 @@ nginx:
                 - add_header: "'Access-Control-Allow-Origin' '*'"
                 - add_header: "'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'"
                 - add_header: "'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'"
+            {%- endfor %}
             - include: 'snippets/ssl_hardening_default.conf'
             # - include: 'snippets/letsencrypt.conf'
             - include: 'snippets/ssl_snakeoil.conf'
diff --git a/test/salt/pillar/examples/nginx_workbench_configuration.sls b/test/salt/pillar/examples/nginx_workbench_configuration.sls
index e34ad2d..34d8221 100644
--- a/test/salt/pillar/examples/nginx_workbench_configuration.sls
+++ b/test/salt/pillar/examples/nginx_workbench_configuration.sls
@@ -37,10 +37,9 @@ nginx:
             - server_name: workbench.fixme.example.net
             - listen:
               - 443 http2 ssl
-            - index: index.html index.htm
-            - location /:
             - root: /var/www/arvados-workbench/current/public
             - passenger_enabled: 'on'
+            - index: index.html index.htm
             - include: 'snippets/ssl_hardening_default.conf'
             # - include: 'snippets/letsencrypt.conf'
             - include: 'snippets/ssl_snakeoil.conf'
-- 
2.30.2