diff --git a/README.md b/README.md index 181737ed865bb63972a8904263cfe20335340c7d..88764b373ed194fc040912119731973f919a842a 100755 --- a/README.md +++ b/README.md @@ -50,8 +50,9 @@ Webapp service configuraion parameters and their defaults: - DJANGO_DEBUG=true - DJANGO_LOG_LEVEL=ERROR - ROSETTA_LOG_LEVEL=ERROR - - ROSETTA_HOST=localhost - - ROSETTA_TUNNEL_HOST=localhost + - ROSETTA_HOST=localhost + - ROSETTA_TASKS_PROXY_HOST=$ROSETTA_HOST + - ROSETTA_TASKS_TUNNEL_HOST=$ROSETTA_HOST - ROSETTA_WEBAPP_HOST="" - ROSETTA_WEBAPP_PORT=8080 - ROSETTA_REGISTRY_HOST=proxy @@ -69,10 +70,13 @@ Webapp service configuraion parameters and their defaults: Notes: - - `ROSETTA_TUNNEL_HOST` must not include http:// or https:// - `ROSETTA_REGISTRY_HOST` should be set to the same value as `ROSETTA_HOST` for production scenarios, in order to be secured unders SSL. The `standaloneworker` is configured to treat the following hosts (and ports) as unsecure registies, where it can connect without a valid certificate: `proxy:5000`,`dregistry:5000` and `rosetta.platform:5000`. - `ROSETTA_WEBAPP_HOST` is used for let the agent know where to connect, and it is differentiated from `ROSETTA_HOST` as it can be on an internal Docker network. It is indeed defaulted to the `webapp` container IP address. +Proxy service configuraion parameters and their defaults: + + - SAFEMODE=false + - ROSETTA_HOST=localhost ### User types diff --git a/docker-compose-dev.yml b/docker-compose-dev.yml index 5d7f06730fbb637066127789ee514f8275fd93c6..ef5a65aa3f354a50de9330ced9bc77182a08a764 100644 --- a/docker-compose-dev.yml +++ b/docker-compose-dev.yml 
@@ -60,15 +60,14 @@ services: - ROSETTA_LOG_LEVEL=DEBUG #- ROSETTA_WEBAPP_HOST=localhost # Internal, for the agent #- ROSETTA_WEBAPP_PORT=8080 # Internal, for the agent - #- ROSETTA_REGISTRY_HOST= + #- ROSETTA_REGISTRY_HOST=proxy #- ROSETTA_REGISTRY_PORT=5000 #- DJANGO_EMAIL_APIKEY="" #- DJANGO_EMAIL_FROM="Rosetta Platform <notifications@rosetta.platform>" #- DJANGO_SECRET_KEY="" - - TASK_PROXY_HOST=localhost - - TASK_TUNNEL_HOST=localhost + #- ROSETTA_TASKS_PROXY_HOST= + #- ROSETTA_TASKS_TUNNEL_HOST= - ROSETTA_HOST=localhost - - REGISTRY_HOST=proxy:5000 # Use same value as ROSETTA_HOST for production or to use "real" computing resurces ports: - "8080:8080" - "7000-7020:7000-7020" diff --git a/services/webapp/code/rosetta/core_app/utils.py b/services/webapp/code/rosetta/core_app/utils.py index 4598a9a6411084b77268914f2cc2e15c156be926..50eedeee55ae60babd51495360e8e76a49d2df53 100644 --- a/services/webapp/code/rosetta/core_app/utils.py +++ b/services/webapp/code/rosetta/core_app/utils.py @@ -515,12 +515,16 @@ def get_platform_registry(): platform_registry_conn_string = '{}:{}'.format(platform_registry_host, platform_registry_port) return platform_registry_conn_string -def get_task_tunnel_host(): - tunnel_host = os.environ.get('TASK_TUNNEL_HOST', 'localhost') +def get_rosetta_tasks_tunnel_host(): + # Importing here instead of on top avoids circular dependencies problems when loading booleanize in settings + from django.conf import settings + tunnel_host = os.environ.get('ROSETTA_TASKS_TUNNEL_HOST', settings.ROSETTA_HOST) return tunnel_host -def get_task_proxy_host(): - proxy_host = os.environ.get('TASK_PROXY_HOST', 'localhost') +def get_rosetta_tasks_proxy_host(): + # Importing here instead of on top avoids circular dependencies problems when loading booleanize in settings + from django.conf import settings + proxy_host = os.environ.get('ROSETTA_TASKS_PROXY_HOST', settings.ROSETTA_HOST) return proxy_host def hash_string_to_int(string): 
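Review bot: In `get_rosetta_tasks_tunnel_host()` and `get_rosetta_tasks_proxy_host()`, `os.environ.get(NAME, settings.ROSETTA_HOST)` falls back only when the variable is absent. A variable that is set but empty, for example the compose entry `ROSETTA_TASKS_PROXY_HOST=` uncommented without a value, gives an empty host for the redirect URLs and the Apache `ServerName`. Writing `tunnel_host = os.environ.get('ROSETTA_TASKS_TUNNEL_HOST') or settings.ROSETTA_HOST`, and the same for the proxy host, keeps the default the README documents. The two functions now differ only in the variable name, so a one-line docstring on each saying where the host ends up (direct redirect, or proxy redirect and virtual host) would help the next reader.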
@@ -622,7 +626,7 @@ def setup_tunnel_and_proxy(task): # Some info about the various SSL switches: https://serverfault.com/questions/577616/using-https-between-apache-loadbalancer-and-backends logger.debug('Writing task proxy conf to {}'.format(apache_conf_file)) websocket_protocol = 'wss' if task.container.interface_protocol == 'https' else 'ws' - task_proxy_host = get_task_proxy_host() + rosetta_tasks_proxy_host = get_rosetta_tasks_proxy_host() apache_conf_content = ''' #--------------------------- # Task interface proxy @@ -641,7 +645,7 @@ Listen '''+str(task.tcp_tunnel_port)+''' <VirtualHost *:'''+str(task.tcp_tunnel_port)+'''> - ServerName '''+task_proxy_host+''' + ServerName '''+rosetta_tasks_proxy_host+''' ServerAdmin admin@rosetta.platform SSLEngine on diff --git a/services/webapp/code/rosetta/core_app/views.py b/services/webapp/code/rosetta/core_app/views.py index 06d53c2be5e7ac6af28893bf688181413a5ecd29..70ea9230e05f13e6e752aee52cffebe247cd5f35 100644 --- a/services/webapp/code/rosetta/core_app/views.py +++ b/services/webapp/code/rosetta/core_app/views.py @@ -13,8 +13,8 @@ from django.contrib.auth.models import User from django.shortcuts import redirect from django.db.models import Q from .models import Profile, LoginToken, Task, TaskStatuses, Container, Computing, KeyPair, Page -from .utils import send_email, format_exception, timezonize, os_shell, booleanize, get_task_tunnel_host -from .utils import get_task_proxy_host, random_username, setup_tunnel_and_proxy, finalize_user_creation +from .utils import send_email, format_exception, timezonize, os_shell, booleanize, get_rosetta_tasks_tunnel_host +from .utils import get_rosetta_tasks_proxy_host, random_username, setup_tunnel_and_proxy, finalize_user_creation from .utils import sanitize_container_env_vars, get_or_create_container_from_repository from .decorators import public_view, private_view from .exceptions import ErrorMessage 
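Review bot: The `ServerName` line in `setup_tunnel_and_proxy` concatenates the host string straight into the generated Apache configuration, and that string now comes from `ROSETTA_TASKS_PROXY_HOST` or `settings.ROSETTA_HOST` with no format check. A value carrying a scheme, whitespace or a line break would produce a malformed or unintended virtual host. This commit also drops the README note that the old tunnel host variable must not include `http://` or `https://`. I would validate the value once in `get_rosetta_tasks_proxy_host()`, accepting a plain hostname or IP address only, and fail with a clear error before the file is written. The function body starts and ends outside these hunks.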
@@ -1183,19 +1183,19 @@ def direct_connection_handler(request, uuid): setup_tunnel_and_proxy(task) # Get task and tunnel proxy host - task_proxy_host = get_task_proxy_host() - task_tunnel_host = get_task_tunnel_host() + rosetta_tasks_proxy_host = get_rosetta_tasks_proxy_host() + rosetta_tasks_tunnel_host = get_rosetta_tasks_tunnel_host() # Redirect to the task through the tunnel if task.requires_proxy: if task.requires_proxy_auth and task.auth_token: user = request.user.email password = task.auth_token - redirect_string = 'https://{}:{}@{}:{}'.format(user, password, task_proxy_host, task.tcp_tunnel_port) + redirect_string = 'https://{}:{}@{}:{}'.format(user, password, rosetta_tasks_proxy_host, task.tcp_tunnel_port) else: - redirect_string = 'https://{}:{}'.format(task_proxy_host, task.tcp_tunnel_port) + redirect_string = 'https://{}:{}'.format(rosetta_tasks_proxy_host, task.tcp_tunnel_port) else: - redirect_string = '{}://{}:{}'.format(task.container.interface_protocol, task_tunnel_host, task.tcp_tunnel_port) + redirect_string = '{}://{}:{}'.format(task.container.interface_protocol, rosetta_tasks_tunnel_host, task.tcp_tunnel_port) logger.debug('Task direct connect redirect: "{}"'.format(redirect_string)) return redirect(redirect_string) 
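Review bot: In the `requires_proxy_auth` branch the redirect URL carries `task.auth_token` in its userinfo part, and the unchanged `logger.debug('Task direct connect redirect: ...')` line then writes that full URL, token included, to the log. The dev compose file shown in this diff sets `ROSETTA_LOG_LEVEL=DEBUG`. Logging only the target, e.g. `logger.debug('Task direct connect redirect to "{}:{}"'.format(rosetta_tasks_proxy_host, task.tcp_tunnel_port))`, keeps the token out of the log. The e-mail address is also inserted unencoded, so its `@` makes the userinfo ambiguous; `quote(user, safe='')` and `quote(password, safe='')` from `urllib.parse` would fix that once the import is added. The handler starts outside the hunk.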
@@ -1216,14 +1216,14 @@ def sharable_link_handler(request, short_uuid): setup_tunnel_and_proxy(task) # Get task and tunnel proxy host - task_proxy_host = get_task_proxy_host() - task_tunnel_host = get_task_tunnel_host() + rosetta_tasks_proxy_host = get_rosetta_tasks_proxy_host() + rosetta_tasks_tunnel_host = get_rosetta_tasks_tunnel_host() # Redirect to the task through the tunnel if task.requires_proxy: - redirect_string = 'https://{}:{}'.format(task_proxy_host, task.tcp_tunnel_port) + redirect_string = 'https://{}:{}'.format(rosetta_tasks_proxy_host, task.tcp_tunnel_port) else: - redirect_string = '{}://{}:{}'.format(task.container.interface_protocol, task_tunnel_host, task.tcp_tunnel_port) + redirect_string = '{}://{}:{}'.format(task.container.interface_protocol, rosetta_tasks_tunnel_host, task.tcp_tunnel_port) logger.debug('Task sharable link connect redirect: "{}"'.format(redirect_string)) return redirect(redirect_string)
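Review bot: `sharable_link_handler` repeats the host lookup and redirect formatting of `direct_connection_handler` almost line for line, and both getters are called although each branch uses only one of them. A small helper in `utils.py` that takes the task and returns the redirect URL would keep the two handlers in step the next time the host variables change. Short of that, a comment such as `# Proxy host for tasks behind the Apache proxy, tunnel host for direct connections` above the two lookups would say more than the current `# Get task and tunnel proxy host`. The handler starts outside the hunk.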