Skip to content

Vhost settings #408

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
UserNotFound wants to merge 6 commits into
base: master
Choose a base branch
from
Draft

Vhost settings #408

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
2da4db5
WIP
UserNotFound Jan 8, 2026
0636b3e
Tweaks
UserNotFound Jan 9, 2026
e7fbb9b
Fix
UserNotFound Jan 9, 2026
2e4ceb1
Wrap up
UserNotFound Jan 21, 2026
7eb26f7
Cleanup
UserNotFound Jan 21, 2026
750ff85
include the fab
UserNotFound Jan 21, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions Gemfile.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
PATH
remote: .
specs:
aptible-cli (0.26.0)
aptible-cli (0.27.0)
activesupport (>= 4.0, < 6.0)
aptible-api (~> 1.12)
aptible-auth (~> 1.4)
Expand Down Expand Up @@ -35,7 +35,7 @@ GEM
tzinfo (~> 1.1)
addressable (2.8.0)
public_suffix (>= 2.0.2, < 5.0)
aptible-api (1.12.0)
aptible-api (1.12.1)
aptible-auth
aptible-resource
gem_config
Expand Down Expand Up @@ -120,7 +120,7 @@ GEM
parser (2.7.2.0)
ast (~> 2.4.1)
powerpack (0.1.3)
pry (0.14.2)
pry (0.15.2)
coderay (~> 1.1)
method_source (~> 1.0)
public_suffix (3.1.1)
Expand Down
7 changes: 5 additions & 2 deletions lib/aptible/cli/helpers/vhost.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,11 @@ module Aptible
module CLI
module Helpers
module Vhost
def provision_vhost_and_explain(service, vhost)
op = vhost.create_operation!(type: 'provision')
def provision_vhost_and_explain(service, vhost, settings)
op = vhost.create_operation!(
type: 'provision',
**(settings.empty? ? {} : { settings: settings })
)
attach_to_operation_logs(op)

Formatter.render(Renderer.current) do |root|
Expand Down
132 changes: 131 additions & 1 deletion lib/aptible/cli/helpers/vhost/option_set_builder.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,76 @@ def declare_options(thor)
desc: "Share this Endpoint's load balancer with other " \
'Endpoints'
)

option(
:client_body_timeout,
type: :string,
desc: 'Timeout (seconds) for receiving the request body, ' \
'applying only between successive read operations ' \
'rather than to the entire request body transmission'
)

option(
:force_ssl,
type: :boolean,
desc: 'Redirect all HTTP requests to HTTPS, and ' \
'enable the Strict-Transport-Security header (HSTS)'
)

option(
:idle_timeout,
type: :string,
desc: 'Timeout (seconds) to enforce idle timeouts while ' \
'sending and receiving responses'
)

option(
:ignore_invalid_headers,
type: :boolean,
desc: 'Controls whether header fields with invalid names ' \
'should be dropped by the endpoint'
)

option(
:maintenance_page_url,
type: :string,
desc: 'The URL of a maintenance page to cache and serve ' \
'when requests time out, or your app is unhealthy'
)

option(
:nginx_error_log_level,
type: :string,
desc: "Sets the log level for the endpoint's error logs"
)

option(
:release_healthcheck_timeout,
type: :string,
desc: 'Timeout (seconds) to wait for your app to ' \
'respond to a release health check'
)

option(
:show_elb_healthchecks,
type: :boolean,
desc: 'Show all runtime health check requets in the ' \
"endpoint's logs"
)

option(
:ssl_protocols_override,
type: :string,
desc: 'Specify a list of allowed SSL protocols'
)

option(
:strict_health_checks,
type: :boolean,
desc: 'Require containers to respond to health checks ' \
'with a 200 OK HTTP response.'
)

end
end

Expand Down Expand Up @@ -128,6 +198,18 @@ def declare_options(thor)
desc: 'The fingerprint of an existing Certificate to use ' \
'on this Endpoint'
)

option(
:ssl_ciphers_override,
type: :string,
desc: 'Specify the allowed SSL ciphers'
)

option(
:ssl_protocols_override,
type: :string,
desc: 'Specify a list of allowed SSL protocols'
)
end
end
end
Expand All @@ -137,6 +219,7 @@ def prepare(account, options)
verify_option_conflicts(options)

params = {}
settings = {}

params[:ip_whitelist] = options.delete(:ip_whitelist) do
create? ? [] : nil
Expand Down Expand Up @@ -203,14 +286,61 @@ def prepare(account, options)
params[:shared] = options.delete(:shared)
end

vhost_settings = %i(
client_body_timeout
idle_timeout
maintenance_page_url
nginx_error_log_level
release_healthcheck_timeout
ssl_protocols_override
ssl_ciphers_override
)

vhost_settings.each do |key|
val = options.delete(key)
next if val.nil?

settings[key.to_s.upcase] = case val
when 'default'
''
else
val
end
end

boolean_vhost_settings = %i(
force_ssl
show_elb_healthchecks
strict_health_checks
)

boolean_vhost_settings.each do |key|
value = options.delete(key)
next if value.nil?

settings[key.to_s.upcase] = value.to_s
end

# This one we pass through to nginx for whatever rason, so
Copy link
Member

@aguilinger aguilinger Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

'rason'

also this seems like maybe something we should handle in the sweetness level? i.e. make sure we're only passing 'on' or 'off' based on reasonable values? (What if someone does direct api calls?)

not something you need to fix here, just noting

# "on" and "off" are the exected values
ignore_invalid_headers = options.delete(:ignore_invalid_headers)
unless ignore_invalid_headers.nil?
settings['IGNORE_INVALID_HEADERS'] = case ignore_invalid_headers
when true
'on'
when false
'off'
end
end

options.delete(:environment)

# NOTE: This is here to ensure that specs don't test for options
# that are not declared. This is not expected to happen when using
# this.
raise "Unexpected options: #{options}" if options.any?

params.delete_if { |_, v| v.nil? }
[params.delete_if { |_, v| v.nil? }, settings]
end

FLAGS.each do |f|
Expand Down
4 changes: 3 additions & 1 deletion lib/aptible/cli/renderer/text.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,9 @@ class Text < Base
POST_PROCESSED_KEYS = {
'Tls' => 'TLS',
'Dns' => 'DNS',
'Ip' => 'IP'
'Ip' => 'IP',
'Ssl' => 'SSL',
'Elb' => 'ELB'
}.freeze

def visit(node, io)
Expand Down
6 changes: 6 additions & 0 deletions lib/aptible/cli/resource_formatter.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -209,6 +209,12 @@ def inject_vhost(node, vhost, service)

node.value('internal', vhost.internal)

unless vhost.current_setting.nil?
vhost.current_setting.settings.each do |k, v|
node.value(k.downcase, v)
end
end

ip_whitelist = if vhost.ip_whitelist.any?
vhost.ip_whitelist.join(' ')
else
Expand Down
36 changes: 27 additions & 9 deletions lib/aptible/cli/subcommands/endpoints.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,13 +27,18 @@ def self.included(thor)
service = database.service
raise Thor::Error, 'Database is not provisioned' if service.nil?

prepared_params, settings = database_create_flags.prepare(
database.account,
options
)

vhost = service.create_vhost!(
type: 'tcp',
platform: 'elb',
**database_create_flags.prepare(database.account, options)
**prepared_params
)

provision_vhost_and_explain(service, vhost)
provision_vhost_and_explain(service, vhost, settings)
end

database_modify_flags = Helpers::Vhost::OptionSetBuilder.new do
Expand All @@ -49,9 +54,14 @@ def self.included(thor)

database = ensure_database(options.merge(db: options[:database]))
vhost = find_vhost(each_service(database), hostname)
vhost.update!(**database_modify_flags.prepare(database.account,
options))
provision_vhost_and_explain(vhost.service, vhost)

prepared_params, settings = database_modify_flags.prepare(
database.account,
options
)

vhost.update!(**prepared_params)
provision_vhost_and_explain(vhost.service, vhost, settings)
end

tcp_create_flags = Helpers::Vhost::OptionSetBuilder.new do
Expand Down Expand Up @@ -246,18 +256,26 @@ def self.included(thor)
no_commands do
def create_app_vhost(flags, options, process_type, **attrs)
service = ensure_service(options, process_type)

prepared_params, settings =
flags.prepare(service.account, options)

vhost = service.create_vhost!(
**flags.prepare(service.account, options),
**prepared_params,
**attrs
)
provision_vhost_and_explain(service, vhost)
provision_vhost_and_explain(service, vhost, settings)
end

def modify_app_vhost(flags, options, hostname)
app = ensure_app(options)
vhost = find_vhost(each_service(app), hostname)
vhost.update!(**flags.prepare(vhost.service.account, options))
provision_vhost_and_explain(vhost.service, vhost)

prepared_params, settings =
flags.prepare(vhost.service.account, options)

vhost.update!(**prepared_params)
provision_vhost_and_explain(vhost.service, vhost, settings)
end
end
end
Expand Down
2 changes: 1 addition & 1 deletion lib/aptible/cli/version.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
module Aptible
module CLI
VERSION = '0.26.0'.freeze
VERSION = '0.27.0'.freeze
end
end
3 changes: 3 additions & 0 deletions spec/aptible/cli/resource_formatter_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,9 @@ def capture(m, *args)
shared: false
)

vhost.current_configuration = Fabricate(:setting, settings: {},
vhost: vhost)

expected = [
'Id: 12',
'Hostname: foo.io',
Expand Down
Loading