Page MenuHomePhabricator

Modularize Aphront "sites"
ClosedPublic

Authored by epriestley on Jun 29 2015, 7:53 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Aug 7, 9:02 PM
Unknown Object (File)
Sun, Aug 7, 1:29 PM
Unknown Object (File)
Sun, Aug 7, 6:21 AM
Unknown Object (File)
Fri, Aug 5, 5:28 AM
Unknown Object (File)
Fri, Aug 5, 3:03 AM
Unknown Object (File)
Thu, Aug 4, 11:12 PM
Unknown Object (File)
Thu, Aug 4, 9:57 PM
Unknown Object (File)
Wed, Aug 3, 2:52 AM
Subscribers

Details

Summary

Fixes T5702. The path here is long and windy:

  • I want to move blog.phacility.com to the new secure host.
  • That host has security.require-https set, which I want to keep set (before, this was handled in a sort of hacky way at the nginx/preamble level, but I've cleaned up everything else now).
  • Currently, that setting forces blogs to HTTPS too, which won't work.
  • To let blogs be individually configurable, we need to either modularize site config or make things hackier.
  • Modularize rather than increasing hackiness.
  • Also add a little "modules" panel in Config. See T6859. This feels like a reasonable middle ground between putting this stuff in Applications and burying it in bin/somewhere.
Test Plan
  • Visited normal site.
  • Visited phame on-domain site.
  • Visited phame off-domain site.
  • Viewed static resources.

Screen Shot 2015-06-29 at 12.48.29 PM.png (949×1 px, 153 KB)

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley retitled this revision from to Modularize Aphront "sites".
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.

Specifically, intent here is:

  • Next diff adds a "HTTP + HTTPS" / "Require HTTPS" / "Use Default" preference to blogs.
  • We set "HTTP + HTTPS" on blog.phacility.com (no HTTPS requests can ever hit it, so the HTTPS part is moot).
  • Then I can move it to this host.

Although really maybe I'll just do T8706 now instead, and then the whole thing can just be HTTPS. This is still desirable in either case.

Although really maybe I'll just do T8706 now instead

Actually, this makes a much bigger mess with letting custom blog domains through PhacilitySiteConfig that I don't particularly want to deal with, so scratch that.

New revised plan is to just stop requiring HTTPS on blogs on external domains. They have to be public anyway. If you really want them to be HTTPS-only, it's relatively easy to configure that yourself.

  • Don't require HTTPS on blogs on external domains.
This revision is now accepted and ready to land.Jun 29 2015, 8:53 PM
This revision was automatically updated to reflect the committed changes.