From ea4cd025a6d229d613d0390adecd6bc3e41cdcee Mon Sep 17 00:00:00 2001
From: Florian Dold <florian.dold@gmail.com>
Date: Fri, 10 Mar 2017 13:54:27 +0100
Subject: full header-based switching

---
 etc/nginx/sites-enabled/test.site | 196 ++++++++++++++++++++++++++++++++++----
 1 file changed, 180 insertions(+), 16 deletions(-)

diff --git a/etc/nginx/sites-enabled/test.site b/etc/nginx/sites-enabled/test.site
index 1409f3f..4d97e69 100644
--- a/etc/nginx/sites-enabled/test.site
+++ b/etc/nginx/sites-enabled/test.site
@@ -9,11 +9,10 @@ server {
 }
 
 
-
 server {
+  server_name test.taler.net www.test.taler.net;
   listen 443 ssl;
   listen [::]:443 ssl;
-  server_name test.taler.net www.test.taler.net;
   root /dev/null;
   rewrite /javascript /javascript.html break;
   include conf.d/test.redirects;
@@ -34,12 +33,8 @@ server {
     error_page 418 = @blue;
     error_page 419 = @green;
     recursive_error_pages on;
-    if ($http_x_taler_deployment_color ~ "blue") {
-      return 418;
-    }
-    if ($http_x_taler_deployment_color ~ "green") {
-      return 419;
-    }
+    if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+    if ($http_x_taler_deployment_color ~ "green") { return 419; }
     uwsgi_pass unix:/home/test/sockets/landing.uwsgi;
     include /etc/nginx/uwsgi_params;
   }
@@ -48,19 +43,55 @@ server {
 
 
 server {
+  server_name exchange.test.taler.net;
   listen 443 ssl;
   listen [::]:443 ssl;
-  server_name exchange.test.taler.net;
   root /dev/null;
   include conf.d/talerssl;
+  location @blue-admin {
+    add_header X-Taler-Deployment-Color blue;
+    proxy_pass http://unix:/home/test-blue/sockets/exchange-admin.http;
+    proxy_redirect off;
+    proxy_set_header Host $host;
+  }
+  location @green-admin {
+    add_header X-Taler-Deployment-Color green;
+    proxy_pass http://unix:/home/test-green/sockets/exchange-admin.http;
+    proxy_redirect off;
+    proxy_set_header Host $host;
+  }
+
+  location @blue {
+    add_header X-Taler-Deployment-Color blue;
+    proxy_pass http://unix:/home/test-blue/sockets/exchange.http:/;
+    proxy_redirect off;
+    proxy_set_header Host $host;
+  }
+
+  location @green {
+    add_header X-Taler-Deployment-Color green;
+    proxy_pass http://unix:/home/test-green/sockets/exchange.http:/;
+    proxy_redirect off;
+    proxy_set_header Host $host;
+  }
 
   location /admin {
+    error_page 418 = @blue-admin;
+    error_page 419 = @green-admin;
+    recursive_error_pages on;
+    if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+    if ($http_x_taler_deployment_color ~ "green") { return 419; }
     proxy_pass http://unix:/home/test/sockets/exchange-admin.http;
     proxy_redirect off;
     proxy_set_header Host $host;
   }
 
   location / {
+    error_page 418 = @blue;
+    error_page 419 = @green;
+    recursive_error_pages on;
+    if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+    if ($http_x_taler_deployment_color ~ "green") { return 419; }
     proxy_pass http://unix:/home/test/sockets/exchange.http:/;
     proxy_redirect off;
     proxy_set_header Host $host;
@@ -69,20 +100,59 @@ server {
 
 
 server {
+  server_name shop.test.taler.net;
   listen 443 ssl;
   listen [::]:443 ssl;
-  server_name shop.test.taler.net;
   root /dev/null;
   include conf.d/test.redirects;
   include conf.d/talerssl;
 
+  location @blue {
+    add_header X-Taler-Deployment-Color blue;
+    uwsgi_pass unix:/home/test-green/sockets/shop.uwsgi;
+    include /etc/nginx/uwsgi_params;
+  }
+  location @green {
+    add_header X-Taler-Deployment-Color green;
+    uwsgi_pass unix:/home/test-blue/sockets/shop.uwsgi;
+    include /etc/nginx/uwsgi_params;
+  }
+
+  location @blue-backend {
+    add_header X-Taler-Deployment-Color blue;
+    rewrite /backend/(.*) /$1 break;
+    proxy_pass http://unix:/home/test-blue/sockets/merchant.http:/;
+    proxy_redirect off;
+    proxy_set_header Host $host;
+  }
+  location @green-backend {
+    add_header X-Taler-Deployment-Color green;
+    rewrite /backend/(.*) /$1 break;
+    proxy_pass http://unix:/home/test-green/sockets/merchant.http:/;
+    proxy_redirect off;
+    proxy_set_header Host $host;
+  }
+
   location / {
-    ssi on;
+    # Redirection technique explainted at
+    # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
+    error_page 418 = @blue;
+    error_page 419 = @green;
+    recursive_error_pages on;
+    if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+    if ($http_x_taler_deployment_color ~ "green") { return 419; }
     uwsgi_pass unix:/home/test/sockets/shop.uwsgi;
     include /etc/nginx/uwsgi_params;
   }
 
   location /backend {
+    # Redirection technique explainted at
+    # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
+    error_page 418 = @blue-backend;
+    error_page 419 = @green-backend;
+    recursive_error_pages on;
+    if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+    if ($http_x_taler_deployment_color ~ "green") { return 419; }
     rewrite /backend/(.*) /$1 break;
     proxy_pass http://unix:/home/test/sockets/merchant.http:/;
     proxy_redirect off;
@@ -93,14 +163,34 @@ server {
 
 
 server {
+  server_name backend.test.taler.net;
   listen 443 ssl;
   listen 80;
   listen [::]:443 ssl;
   listen [::]:80;
-  server_name backend.test.taler.net;
   include conf.d/talerssl;
 
+  location @blue {
+    add_header X-Taler-Deployment-Color blue;
+    proxy_pass http://unix:/home/test-blue/sockets/merchant.http:/;
+    proxy_redirect off;
+    proxy_set_header Host $host;
+  }
+  location @green {
+    add_header X-Taler-Deployment-Color green;
+    proxy_pass http://unix:/home/test-green/sockets/merchant.http:/;
+    proxy_redirect off;
+    proxy_set_header Host $host;
+  }
+
   location / {
+    # Redirection technique explainted at
+    # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
+    error_page 418 = @blue;
+    error_page 419 = @green;
+    recursive_error_pages on;
+    if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+    if ($http_x_taler_deployment_color ~ "green") { return 419; }
     proxy_pass http://unix:/home/test/sockets/merchant.http:/;
     proxy_redirect off;
     proxy_set_header Host $host;
@@ -109,19 +199,58 @@ server {
 
 
 server {
+  server_name donations.test.taler.net;
   listen 443 ssl;
   listen [::]:443 ssl;
-  server_name donations.test.taler.net;
   include conf.d/test.redirects;
   include conf.d/talerssl;
 
+  location @blue {
+    add_header X-Taler-Deployment-Color blue;
+    uwsgi_pass unix:/home/test-green/sockets/donations.uwsgi;
+    include /etc/nginx/uwsgi_params;
+  }
+  location @green {
+    add_header X-Taler-Deployment-Color green;
+    uwsgi_pass unix:/home/test/sockets/donations.uwsgi;
+    include /etc/nginx/uwsgi_params;
+  }
+
+  location @blue-backend {
+    add_header X-Taler-Deployment-Color blue;
+    rewrite /backend/(.*) /$1 break;
+    proxy_pass http://unix:/home/test-blue/sockets/merchant.http:/;
+    proxy_redirect off;
+    proxy_set_header Host $host;
+  }
+  location @green-backend {
+    add_header X-Taler-Deployment-Color green;
+    rewrite /backend/(.*) /$1 break;
+    proxy_pass http://unix:/home/test-green/sockets/merchant.http:/;
+    proxy_redirect off;
+    proxy_set_header Host $host;
+  }
+
   location / {
-    ssi on;
+    # Redirection technique explainted at
+    # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
+    error_page 418 = @blue;
+    error_page 419 = @green;
+    recursive_error_pages on;
+    if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+    if ($http_x_taler_deployment_color ~ "green") { return 419; }
     uwsgi_pass unix:/home/test/sockets/donations.uwsgi;
     include /etc/nginx/uwsgi_params;
   }
 
   location /backend {
+    # Redirection technique explainted at
+    # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
+    error_page 418 = @blue-backend;
+    error_page 419 = @green-backend;
+    recursive_error_pages on;
+    if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+    if ($http_x_taler_deployment_color ~ "green") { return 419; }
     rewrite /backend/(.*) /$1 break;
     proxy_pass http://unix:/home/test/sockets/merchant.http:/;
     proxy_redirect off;
@@ -132,19 +261,54 @@ server {
 
 
 server {
+  server_name bank.test.taler.net;
   listen 443 ssl;
   listen [::]:443 ssl;
-  server_name bank.test.taler.net;
   include conf.d/test.redirects;
   include conf.d/talerssl;
 
+  location @blue-add-incoming {
+    add_header X-Taler-Deployment-Color blue;
+    uwsgi_pass unix:/home/test-blue/sockets/bank-admin.uwsgi;
+    include /etc/nginx/uwsgi_params;
+  }
+  location @green-add-incoming {
+    add_header X-Taler-Deployment-Color green;
+    uwsgi_pass unix:/home/test-green/sockets/bank-admin.uwsgi;
+    include /etc/nginx/uwsgi_params;
+  }
+
+  location @blue {
+    add_header X-Taler-Deployment-Color blue;
+    uwsgi_pass unix:/home/test-blue/sockets/bank.uwsgi;
+    include /etc/nginx/uwsgi_params;
+  }
+  location @green {
+    add_header X-Taler-Deployment-Color green;
+    uwsgi_pass unix:/home/test-green/sockets/bank.uwsgi;
+    include /etc/nginx/uwsgi_params;
+  }
+
   location /admin/add/incoming {
+    # Redirection technique explainted at
+    # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
+    error_page 418 = @blue-add-incoming;
+    error_page 419 = @green-add-incoming;
+    recursive_error_pages on;
+    if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+    if ($http_x_taler_deployment_color ~ "green") { return 419; }
     uwsgi_pass unix:/home/test/sockets/bank-admin.uwsgi;
     include /etc/nginx/uwsgi_params;
   }
 
   location / {
-    ssi on;
+    # Redirection technique explainted at
+    # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
+    error_page 418 = @blue;
+    error_page 419 = @green;
+    recursive_error_pages on;
+    if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+    if ($http_x_taler_deployment_color ~ "green") { return 419; }
     uwsgi_pass unix:/home/test/sockets/bank.uwsgi;
     include /etc/nginx/uwsgi_params;
   }
-- 
cgit v1.2.3