Story #1150: As a user, I can lazily fetch repositories
Create a httpd config for the lazy streamer
Part of the lazy component set is an Apache server that acts as an SSL termination point (since squid can't cache encrypted traffic) and enforces content protection. The client is redirected to this Apache server (by way of story #1180) when the content is missing from the Pulp server, but is part of a lazy-loaded repository. When a client connects Apache will need to check the presented client certificate (if any) to ensure they have access to the content. Apache will then keep the connection to the client open while it connects to Squid on localhost:3128 and requests the content on behalf of the client.
To achieve this, a new Apache configuration file needs to be created.
Some inline documentation should be included in the configuration file explaining the purpose of each directive and any other settings the user may want to tweak or look into. A release note should be added for this change.
This new configuration file will be packaged as part of the pulp-streamer and is completely separate from the main Apache configuration for Pulp.
Updated by firstname.lastname@example.org about 7 years ago
- Status changed from ASSIGNED to POST
- % Done changed from 50 to 100
The Apache configuration PR against the feature branch: https://github.com/pulp/pulp/pull/2104
Since we use URL signatures, there is a new WSGI application that checks signatures and is turned on as part of the streamer 'Directory' statement.