mirror of
https://github.com/google/nomulus.git
synced 2025-07-21 10:16:07 +02:00
Import code from internal repository to git
This commit is contained in:
Justine Tunney
commit
0ef0c933d2
2490 changed files with 281594 additions and 0 deletions
5
java/com/google/domain/registry/env/common/BUILD
vendored
Normal file
5
java/com/google/domain/registry/env/common/BUILD
vendored
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
package(
|
||||
default_visibility = ["//java/com/google/domain/registry:registry_project"],
|
||||
)
|
||||
|
||||
|
||||
4
java/com/google/domain/registry/env/common/META-INF/appengine-application.xml
vendored
Normal file
4
java/com/google/domain/registry/env/common/META-INF/appengine-application.xml
vendored
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
<?xml version="1.0" encoding="utf-8" standalone="no"?>
|
||||
<appengine-application xmlns="http://appengine.google.com/ns/1.0">
|
||||
<application>domain-registry</application>
|
||||
</appengine-application>
|
||||
34
java/com/google/domain/registry/env/common/META-INF/application.xml
vendored
Normal file
34
java/com/google/domain/registry/env/common/META-INF/application.xml
vendored
Normal file
|
|
@ -0,0 +1,34 @@
|
|||
<?xml version="1.0"
|
||||
encoding="UTF-8"?>
|
||||
|
||||
<application
|
||||
xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
|
||||
http://java.sun.com/xml/ns/javaee/application_5.xsd"
|
||||
version="5">
|
||||
|
||||
<description>Google Registry</description>
|
||||
<display-name>Google Registry</display-name>
|
||||
|
||||
<!-- Modules -->
|
||||
<!-- The default module should be listed first -->
|
||||
<module>
|
||||
<web>
|
||||
<web-uri>default</web-uri>
|
||||
<context-root>default</context-root>
|
||||
</web>
|
||||
</module>
|
||||
<module>
|
||||
<web>
|
||||
<web-uri>backend</web-uri>
|
||||
<context-root>backend</context-root>
|
||||
</web>
|
||||
</module>
|
||||
<module>
|
||||
<web>
|
||||
<web-uri>tools</web-uri>
|
||||
<context-root>tools</context-root>
|
||||
</web>
|
||||
</module>
|
||||
</application>
|
||||
7
java/com/google/domain/registry/env/common/backend/BUILD
vendored
Normal file
7
java/com/google/domain/registry/env/common/backend/BUILD
vendored
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
package(
|
||||
default_visibility = ["//java/com/google/domain/registry:registry_project"],
|
||||
)
|
||||
|
||||
exports_files(glob(["WEB-INF/*"]))
|
||||
|
||||
|
||||
13
java/com/google/domain/registry/env/common/backend/WEB-INF/logging.properties
vendored
Normal file
13
java/com/google/domain/registry/env/common/backend/WEB-INF/logging.properties
vendored
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
# A default java.util.logging configuration.
|
||||
# (All App Engine logging is through java.util.logging by default).
|
||||
#
|
||||
# To use this configuration, copy it into your application's WEB-INF
|
||||
# folder and add the following to your appengine-web.xml:
|
||||
#
|
||||
# <system-properties>
|
||||
# <property name="java.util.logging.config.file" value="WEB-INF/logging.properties"/>
|
||||
# </system-properties>
|
||||
#
|
||||
|
||||
# Set the default logging level for all loggers to INFO.
|
||||
.level = INFO
|
||||
499
java/com/google/domain/registry/env/common/backend/WEB-INF/web.xml
vendored
Normal file
499
java/com/google/domain/registry/env/common/backend/WEB-INF/web.xml
vendored
Normal file
|
|
@ -0,0 +1,499 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
|
||||
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
||||
<!-- Servlets -->
|
||||
|
||||
<!-- RDE -->
|
||||
|
||||
<servlet>
|
||||
<description>
|
||||
Responsible for scanning the database to create a full deposit for a single TLD
|
||||
and streaming it to cloud storage. Requests are sent here by App Engine after
|
||||
`RdeCreateCronServlet` enqueues a task specifying a URL that points to this servlet.
|
||||
</description>
|
||||
<display-name>RDE Staging Task</display-name>
|
||||
<servlet-name>rdeStagingTask</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>rdeStagingTask</servlet-name>
|
||||
<url-pattern>/_dr/task/rdeStaging</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>
|
||||
Once `rdeCreateFullCron` finishes writing a deposit file to cloud storage, it'll
|
||||
launch this task with the cloud filename so it can be uploaded to Iron Mountain
|
||||
via SFTP. The file is deleted once the upload completes. This should be run via
|
||||
`rde-upload-backend`.
|
||||
</description>
|
||||
<display-name>RDE Upload Task</display-name>
|
||||
<servlet-name>rdeUploadTask</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>rdeUploadTask</servlet-name>
|
||||
<url-pattern>/_dr/task/rdeUpload</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>
|
||||
Sends an XML RDE report to ICANN's HTTP server after rdeUploadTask finishes.
|
||||
</description>
|
||||
<display-name>RDE Report Task</display-name>
|
||||
<servlet-name>rdeReportTask</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>rdeReportTask</servlet-name>
|
||||
<url-pattern>/_dr/task/rdeReport</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>
|
||||
Bulk Registration Data Access. This task creates a thin escrow deposit
|
||||
and saves it to cloud storage, where a separate script owned by the SREs
|
||||
uploads it to ICANN.
|
||||
</description>
|
||||
<display-name>BRDA Copy Task</display-name>
|
||||
<servlet-name>brdaCopyTask</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>brdaCopyTask</servlet-name>
|
||||
<url-pattern>/_dr/task/brdaCopy</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Trademark Clearinghouse -->
|
||||
|
||||
<servlet>
|
||||
<description>Downloads TMCH DNL data from MarksDB.</description>
|
||||
<display-name>DNL Downloader</display-name>
|
||||
<servlet-name>tmchDnl</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>tmchDnl</servlet-name>
|
||||
<url-pattern>/_dr/task/tmchDnl</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Downloads TMCH SMDRL data from MarksDB.</description>
|
||||
<display-name>SMDRL Downloader</display-name>
|
||||
<servlet-name>tmchSmdrl</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>tmchSmdrl</servlet-name>
|
||||
<url-pattern>/_dr/task/tmchSmdrl</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Downloads TMCH CRL data from MarksDB.</description>
|
||||
<display-name>CRL Downloader</display-name>
|
||||
<servlet-name>tmchCrl</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>tmchCrl</servlet-name>
|
||||
<url-pattern>/_dr/task/tmchCrl</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>
|
||||
Reads the LORDN queues and uploads CSV data for sunrise and claims marks to MarksDB.
|
||||
</description>
|
||||
<display-name>NORDN Upload Task</display-name>
|
||||
<servlet-name>nordnUploadTask</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>nordnUploadTask</servlet-name>
|
||||
<url-pattern>/_dr/task/nordnUpload</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Verifies upload of LORDN data to MarksDB.</description>
|
||||
<display-name> NORDN Verify Task</display-name>
|
||||
<servlet-name>nordnVerifyTask</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>nordnVerifyTask</servlet-name>
|
||||
<url-pattern>/_dr/task/nordnVerify</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- TODO(b/24564175): Remove this entry. -->
|
||||
<servlet>
|
||||
<description>Write DNS updates.</description>
|
||||
<display-name>WriteDnsServlet</display-name>
|
||||
<servlet-name>writeDns</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>writeDns</servlet-name>
|
||||
<url-pattern>/_dr/task/writeDns</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>
|
||||
Read the DNS push and pull queues and kick off the appropriate tasks to update zone.</description>
|
||||
<display-name>Read DNS Queue</display-name>
|
||||
<servlet-name>readDnsQueue</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>readDnsQueue</servlet-name>
|
||||
<url-pattern>/_dr/cron/readDnsQueue</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Publish DNS updates.</description>
|
||||
<display-name>Publish DNS Updates</display-name>
|
||||
<servlet-name>publishDnsUpdates</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>publishDnsUpdates</servlet-name>
|
||||
<url-pattern>/_dr/task/publishDnsUpdates</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>
|
||||
Endpoint to manually refresh DNS information.
|
||||
</description>
|
||||
<display-name>DNS Refresh</display-name>
|
||||
<servlet-name>dns-refresh</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>dns-refresh</servlet-name>
|
||||
<url-pattern>/_dr/dnsRefresh</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Export a datastore backup snapshot to GCS.</description>
|
||||
<display-name>Export snapshot to GCS</display-name>
|
||||
<servlet-name>exportSnapshot</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.export.ExportSnapshotServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>exportSnapshot</servlet-name>
|
||||
<url-pattern>/_dr/task/exportSnapshot</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Check the completion of a datastore backup snapshot.</description>
|
||||
<display-name>Check on snapshot status</display-name>
|
||||
<servlet-name>checkSnapshot</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.export.CheckSnapshotServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>checkSnapshot</servlet-name>
|
||||
<url-pattern>/_dr/task/checkSnapshot</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Load a datastore backup snapshot into BigQuery.</description>
|
||||
<display-name>Load snapshot into BigQuery</display-name>
|
||||
<servlet-name>loadSnapshot</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.export.LoadSnapshotServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>loadSnapshot</servlet-name>
|
||||
<url-pattern>/_dr/task/loadSnapshot</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Update a view to point at a certain snapshot in BigQuery.</description>
|
||||
<display-name>Update snapshot view in BigQuery</display-name>
|
||||
<servlet-name>updateSnapshotView</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.export.UpdateSnapshotViewServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>updateSnapshotView</servlet-name>
|
||||
<url-pattern>/_dr/task/updateSnapshotView</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Polls state of jobs in Bigquery</description>
|
||||
<display-name>Bigquery Job Poll Task</display-name>
|
||||
<servlet-name>poll-bigquery-job</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>poll-bigquery-job</servlet-name>
|
||||
<url-pattern>/_dr/task/pollBigqueryJob</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Fan out a cron task over an adjustable range of TLDs.</description>
|
||||
<display-name>TLD Cron Fanout</display-name>
|
||||
<servlet-name>tld-fanout</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>tld-fanout</servlet-name>
|
||||
<url-pattern>/_dr/cron/fanout</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Backups. -->
|
||||
|
||||
<servlet>
|
||||
<description>Fan out a cron task over all commit log buckets.</description>
|
||||
<display-name>Commit Log Bucket Cron Fanout</display-name>
|
||||
<servlet-name>commit-log-fanout</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>commit-log-fanout</servlet-name>
|
||||
<url-pattern>/_dr/cron/commitLogFanout</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Deletes old commit logs from datastore.</description>
|
||||
<display-name>Delete Old Commit Logs</display-name>
|
||||
<servlet-name>delete-commits</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>delete-commits</servlet-name>
|
||||
<url-pattern>/_dr/task/deleteOldCommitLogs</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Checkpoint commit logs.</description>
|
||||
<servlet-name>checkpoint-commit-logs</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>checkpoint-commit-logs</servlet-name>
|
||||
<url-pattern>/_dr/cron/commitLogCheckpoint</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Export commit log diff.</description>
|
||||
<servlet-name>export-commit-log-diff</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>export-commit-log-diff</servlet-name>
|
||||
<url-pattern>/_dr/task/exportCommitLogDiff</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Delete EppResources, children, and indices.</description>
|
||||
<servlet-name>kill-epp-resources</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>kill-epp-resources</servlet-name>
|
||||
<url-pattern>/_dr/task/killAllEppResources</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Restore commit logs.</description>
|
||||
<servlet-name>restore-commit-logs</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>restore-commit-logs</servlet-name>
|
||||
<url-pattern>/_dr/task/restoreCommitLogs</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Delete commit logs.</description>
|
||||
<servlet-name>kill-commit-logs</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>kill-commit-logs</servlet-name>
|
||||
<url-pattern>/_dr/task/killCommitLogs</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- MapReduce servlet. -->
|
||||
<servlet>
|
||||
<servlet-name>mapreduce</servlet-name>
|
||||
<servlet-class>com.google.appengine.tools.mapreduce.MapReduceServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>mapreduce</servlet-name>
|
||||
<url-pattern>/_dr/mapreduce/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Pipeline GUI servlets. -->
|
||||
<servlet>
|
||||
<servlet-name>pipeline</servlet-name>
|
||||
<servlet-class>com.google.appengine.tools.pipeline.impl.servlets.PipelineServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>pipeline</servlet-name>
|
||||
<url-pattern>/_ah/pipeline/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Synchronize registrars spreadsheet task. -->
|
||||
<servlet>
|
||||
<servlet-name>sync-registrars-sheet</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>sync-registrars-sheet</servlet-name>
|
||||
<url-pattern>/_dr/task/syncRegistrarsSheet</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- TLD reserved terms exporting servlet. -->
|
||||
<servlet>
|
||||
<servlet-name>export-reserved-terms</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>export-reserved-terms</servlet-name>
|
||||
<url-pattern>/_dr/task/exportReservedTerms</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- RegistrarContact changes syncing to Google Groups servlet. -->
|
||||
<servlet>
|
||||
<servlet-name>sync-group-members</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>sync-group-members</servlet-name>
|
||||
<url-pattern>/_dr/task/syncGroupMembers</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Mapreduce to delete the specified contact resource if it is not referenced by any domains. -->
|
||||
<servlet>
|
||||
<description>
|
||||
Deletes the specified contact resource if it is not referenced by any domains.
|
||||
</description>
|
||||
<display-name>Delete Contact Resource</display-name>
|
||||
<servlet-name>delete-contact-resource</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>delete-contact-resource</servlet-name>
|
||||
<url-pattern>/_dr/task/deleteContactResource</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Mapreduce to delete the specified host resource if it is not referenced by any domains. -->
|
||||
<servlet>
|
||||
<description>
|
||||
Deletes the specified host resource if it is not referenced by any domains.
|
||||
</description>
|
||||
<display-name>Delete Host Resource</display-name>
|
||||
<servlet-name>delete-host-resource</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>delete-host-resource</servlet-name>
|
||||
<url-pattern>/_dr/task/deleteHostResource</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Mapreduce to enqueue DNS update tasks following a host rename. -->
|
||||
<servlet>
|
||||
<description>
|
||||
Enqueues DNS update tasks following a host rename
|
||||
</description>
|
||||
<display-name>DNS Refresh For Host Rename</display-name>
|
||||
<servlet-name>dns-refresh-for-host-rename</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.backend.BackendServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>dns-refresh-for-host-rename</servlet-name>
|
||||
<url-pattern>/_dr/task/dnsRefreshForHostRename</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Security config -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Internal</web-resource-name>
|
||||
<description>
|
||||
Any request path starting with `/_dr/` will be restricted to requests originating
|
||||
from the backend or by anyone authenticated to a Google account that's listed in
|
||||
the AppEngine control panel settings for this project as a Viewer/Owner/Developer.
|
||||
The `_dr` is short for Domain Registry to follow AppEngine naming conventions.
|
||||
</description>
|
||||
<url-pattern>/_dr/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
<user-data-constraint>
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- Require TLS on all requests. -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Secure</web-resource-name>
|
||||
<description>
|
||||
Require encryption for all paths. http URLs will be redirected to https.
|
||||
</description>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<user-data-constraint>
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- Shut down external access to registrar console. -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Internal</web-resource-name>
|
||||
<description>
|
||||
Go home rogue registrar!
|
||||
</description>
|
||||
<url-pattern>/registrar*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
<user-data-constraint>
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- Restrict access to source code. -->
|
||||
<!-- These are only included in the default module war, but restricting here too for safety. -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Internal</web-resource-name>
|
||||
<description>No soup for you!</description>
|
||||
<url-pattern>/assets/sources/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
<user-data-constraint>
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- See: https://code.google.com/p/objectify-appengine/wiki/Setup -->
|
||||
<filter>
|
||||
<filter-name>ObjectifyFilter</filter-name>
|
||||
<filter-class>com.googlecode.objectify.ObjectifyFilter</filter-class>
|
||||
</filter>
|
||||
<filter-mapping>
|
||||
<filter-name>ObjectifyFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<!-- Register types with Objectify. -->
|
||||
<filter>
|
||||
<filter-name>OfyFilter</filter-name>
|
||||
<filter-class>com.google.domain.registry.model.ofy.OfyFilter</filter-class>
|
||||
</filter>
|
||||
<filter-mapping>
|
||||
<filter-name>OfyFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
</web-app>
|
||||
7
java/com/google/domain/registry/env/common/default/BUILD
vendored
Normal file
7
java/com/google/domain/registry/env/common/default/BUILD
vendored
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
package(
|
||||
default_visibility = ["//java/com/google/domain/registry:registry_project"],
|
||||
)
|
||||
|
||||
exports_files(glob(["WEB-INF/*"]))
|
||||
|
||||
|
||||
136
java/com/google/domain/registry/env/common/default/WEB-INF/datastore-indexes.xml
vendored
Normal file
136
java/com/google/domain/registry/env/common/default/WEB-INF/datastore-indexes.xml
vendored
Normal file
|
|
@ -0,0 +1,136 @@
|
|||
<datastore-indexes autoGenerate="false">
|
||||
<!-- For finding contact resources by registrar. -->
|
||||
<datastore-index kind="ContactResource" ancestor="false" source="manual">
|
||||
<property name="currentSponsorClientId" direction="asc"/>
|
||||
<property name="deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- TODO(b/19035583): Remove sharedFields indexes. -->
|
||||
<datastore-index kind="ContactResource" ancestor="false" source="manual">
|
||||
<property name="sharedFields.currentSponsorClientId" direction="asc"/>
|
||||
<property name="sharedFields.deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For finding domain resources by registrar. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="^i" direction="asc"/>
|
||||
<property name="currentSponsorClientId" direction="asc"/>
|
||||
<property name="deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- TODO(b/19035583): Remove sharedFields indexes. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="^i" direction="asc"/>
|
||||
<property name="sharedFields.currentSponsorClientId" direction="asc"/>
|
||||
<property name="sharedFields.deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For finding domain resources by tld. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="^i" direction="asc"/>
|
||||
<property name="tld" direction="asc"/>
|
||||
<property name="deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- TODO(b/19035583): Remove sharedFields indexes. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="^i" direction="asc"/>
|
||||
<property name="tld" direction="asc"/>
|
||||
<property name="sharedFields.deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For finding domain resources by registrar. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="currentSponsorClientId" direction="asc"/>
|
||||
<property name="deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- TODO(b/19035583): Remove sharedFields indexes. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="sharedFields.currentSponsorClientId" direction="asc"/>
|
||||
<property name="sharedFields.deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For finding host resources by registrar. -->
|
||||
<datastore-index kind="HostResource" ancestor="false" source="manual">
|
||||
<property name="currentSponsorClientId" direction="asc"/>
|
||||
<property name="deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- TODO(b/19035583): Remove sharedFields indexes. -->
|
||||
<datastore-index kind="HostResource" ancestor="false" source="manual">
|
||||
<property name="sharedFields.currentSponsorClientId" direction="asc"/>
|
||||
<property name="sharedFields.deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For finding account balance of Registrar and viewing billing history. -->
|
||||
<datastore-index kind="RegistrarBillingEntry" ancestor="true" source="manual">
|
||||
<property name="currency" direction="asc"/>
|
||||
<property name="created" direction="desc"/>
|
||||
</datastore-index>
|
||||
<!-- For determining the active domains linked to a given contact. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="allContacts.contactId.linked" direction="asc"/>
|
||||
<property name="deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- TODO(b/19035583): Remove sharedFields indexes. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="allContacts.contactId.linked" direction="asc"/>
|
||||
<property name="sharedFields.deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For determining the active domains linked to a given host. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="nameservers.linked" direction="asc"/>
|
||||
<property name="deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- TODO(b/19035583): Remove sharedFields indexes. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="nameservers.linked" direction="asc"/>
|
||||
<property name="sharedFields.deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For updating domains and applications after a host rename. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="^i" direction="asc"/>
|
||||
<property name="nameservers.linked" direction="asc"/>
|
||||
<property name="deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- TODO(b/19035583): Remove sharedFields indexes. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="^i" direction="asc"/>
|
||||
<property name="nameservers.linked" direction="asc"/>
|
||||
<property name="sharedFields.deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For Whois ip lookup -->
|
||||
<datastore-index kind="HostResource" ancestor="false" source="manual">
|
||||
<property name="inetAddresses" direction="asc"/>
|
||||
<property name="deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- TODO(b/19035583): Remove sharedFields indexes. -->
|
||||
<datastore-index kind="HostResource" ancestor="false" source="manual">
|
||||
<property name="inetAddresses" direction="asc"/>
|
||||
<property name="sharedFields.deletionTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For Poll -->
|
||||
<datastore-index kind="PollMessage" ancestor="false" source="manual">
|
||||
<property name="clientId" direction="asc"/>
|
||||
<property name="eventTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<datastore-index kind="PollMessage" ancestor="true" source="manual">
|
||||
<property name="clientId" direction="asc"/>
|
||||
<property name="eventTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For the history viewer. -->
|
||||
<datastore-index kind="HistoryEntry" ancestor="true" source="manual">
|
||||
<property name="modificationTime" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- For RDAP. -->
|
||||
<!-- TODO(b/25644770): Backfill these indexes. -->
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="^i" direction="asc"/>
|
||||
<property name="fullyQualifiedDomainName" direction="asc"/>
|
||||
</datastore-index>
|
||||
<datastore-index kind="DomainBase" ancestor="false" source="manual">
|
||||
<property name="^i" direction="asc"/>
|
||||
<property name="tld" direction="asc"/>
|
||||
<property name="fullyQualifiedDomainName" direction="asc"/>
|
||||
</datastore-index>
|
||||
<datastore-index kind="HostResource" ancestor="false" source="manual">
|
||||
<property name="deletionTime" direction="asc"/>
|
||||
<property name="fullyQualifiedHostName" direction="asc"/>
|
||||
</datastore-index>
|
||||
<!-- TODO(b/19035583): Remove sharedFields indexes. -->
|
||||
<datastore-index kind="HostResource" ancestor="false" source="manual">
|
||||
<property name="sharedFields.deletionTime" direction="asc"/>
|
||||
<property name="fullyQualifiedHostName" direction="asc"/>
|
||||
</datastore-index>
|
||||
</datastore-indexes>
|
||||
16
java/com/google/domain/registry/env/common/default/WEB-INF/dos.xml
vendored
Normal file
16
java/com/google/domain/registry/env/common/default/WEB-INF/dos.xml
vendored
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<blacklistentries>
|
||||
|
||||
<!-- Example IPv4 CIDR Subnet
|
||||
<blacklist>
|
||||
<subnet>1.2.3.4/24</subnet>
|
||||
<description>An IPv4 subnet</description>
|
||||
</blacklist> -->
|
||||
|
||||
<!-- Example IPv6 CIDR Subnet
|
||||
<blacklist>
|
||||
<subnet>abcd::123:4567/48</subnet>
|
||||
<description>An IPv6 subnet</description>
|
||||
</blacklist> -->
|
||||
|
||||
</blacklistentries>
|
||||
13
java/com/google/domain/registry/env/common/default/WEB-INF/logging.properties
vendored
Normal file
13
java/com/google/domain/registry/env/common/default/WEB-INF/logging.properties
vendored
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
# A default java.util.logging configuration.
|
||||
# (All App Engine logging is through java.util.logging by default).
|
||||
#
|
||||
# To use this configuration, copy it into your application's WEB-INF
|
||||
# folder and add the following to your appengine-web.xml:
|
||||
#
|
||||
# <system-properties>
|
||||
# <property name="java.util.logging.config.file" value="WEB-INF/logging.properties"/>
|
||||
# </system-properties>
|
||||
#
|
||||
|
||||
# Set the default logging level for all loggers to INFO.
|
||||
.level = INFO
|
||||
288
java/com/google/domain/registry/env/common/default/WEB-INF/queue.xml
vendored
Normal file
288
java/com/google/domain/registry/env/common/default/WEB-INF/queue.xml
vendored
Normal file
|
|
@ -0,0 +1,288 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<queue-entries>
|
||||
|
||||
<queue>
|
||||
<name>default</name>
|
||||
<rate>1/s</rate>
|
||||
<bucket-size>5</bucket-size>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>dns-cron</name>
|
||||
<!-- There is no point allowing more than 10/s because the pull queue that feeds
|
||||
this job will refuse to service more than 10 qps. See
|
||||
https://cloud.google.com/appengine/docs/java/javadoc/com/google/appengine/api/taskqueue/Queue#leaseTasks-long-java.util.concurrent.TimeUnit-long- -->
|
||||
<rate>10/s</rate>
|
||||
<bucket-size>100</bucket-size>
|
||||
<retry-parameters>
|
||||
<task-retry-limit>1</task-retry-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>dns-pull</name>
|
||||
<mode>pull</mode>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>dns-publish</name>
|
||||
<rate>100/s</rate>
|
||||
<bucket-size>100</bucket-size>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>export</name>
|
||||
<rate>10/s</rate>
|
||||
<bucket-size>100</bucket-size>
|
||||
<retry-parameters>
|
||||
<task-retry-limit>1</task-retry-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for launching asynchronous actions (e.g. mapreduces) from async flows. -->
|
||||
<queue>
|
||||
<name>flows-async</name>
|
||||
<!-- Note: rate-limiting a bit here because each of these will kick off an MR.
|
||||
TODO(b/26140521): do more intelligent/aggressive batching than this. -->
|
||||
<rate>1/m</rate>
|
||||
<!-- Async flow tasks should run on the backend module. -->
|
||||
<target>backend</target>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>delete-commits</name>
|
||||
<rate>10/s</rate>
|
||||
<bucket-size>100</bucket-size>
|
||||
<retry-parameters>
|
||||
<task-retry-limit>1</task-retry-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>export-commits</name>
|
||||
<rate>10/s</rate>
|
||||
<bucket-size>100</bucket-size>
|
||||
<retry-parameters>
|
||||
<!-- Retry aggressively since a single delayed export increases our time window of
|
||||
unrecoverable data loss in the event of a datastore failure. -->
|
||||
<min-backoff-seconds>1</min-backoff-seconds>
|
||||
<max-backoff-seconds>60</max-backoff-seconds>
|
||||
<!-- No age limit; a failed export should be retried as long as possible to avoid
|
||||
having data missing from our exported commit log record. -->
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for jobs to export reserved terms to Google Drive for a TLD. -->
|
||||
<queue>
|
||||
<name>export-reserved-terms</name>
|
||||
<rate>1/s</rate>
|
||||
<bucket-size>100</bucket-size>
|
||||
<retry-parameters>
|
||||
<task-retry-limit>3</task-retry-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for jobs to sync RegistrarContact changes to Google Groups. -->
|
||||
<queue>
|
||||
<name>group-members-sync</name>
|
||||
<rate>1/s</rate>
|
||||
<bucket-size>100</bucket-size>
|
||||
<retry-parameters>
|
||||
<task-retry-limit>3</task-retry-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for polling export BigQuery jobs for completion. -->
|
||||
<queue>
|
||||
<name>export-bigquery-poll</name>
|
||||
<!-- Limit queue to 5 concurrent tasks and 5 per second to avoid hitting BigQuery quotas. -->
|
||||
<rate>5/s</rate>
|
||||
<bucket-size>5</bucket-size>
|
||||
<max-concurrent-requests>5</max-concurrent-requests>
|
||||
<!-- Check every 20s and increase interval to every 5 minutes. -->
|
||||
<retry-parameters>
|
||||
<min-backoff-seconds>20</min-backoff-seconds>
|
||||
<max-backoff-seconds>300</max-backoff-seconds>
|
||||
<max-doublings>2</max-doublings>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for launching new snapshots and for triggering the initial BigQuery load jobs. -->
|
||||
<queue>
|
||||
<name>export-snapshot</name>
|
||||
<rate>5/m</rate>
|
||||
<retry-parameters>
|
||||
<!-- Should be less than the exportSnapshot cron interval; see cron.xml. -->
|
||||
<task-age-limit>22h</task-age-limit>
|
||||
<!-- Retry starting at a 5m interval and increasing up to a 30m interval. -->
|
||||
<min-backoff-seconds>300</min-backoff-seconds>
|
||||
<max-backoff-seconds>1800</max-backoff-seconds>
|
||||
<task-retry-limit>10</task-retry-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for polling managed backup snapshots for completion. -->
|
||||
<queue>
|
||||
<name>export-snapshot-poll</name>
|
||||
<rate>5/m</rate>
|
||||
<retry-parameters>
|
||||
<!-- Should be less than the exportSnapshot cron interval; see cron.xml. -->
|
||||
<task-age-limit>22h</task-age-limit>
|
||||
<!-- Retry starting at a 1m interval and increasing up to a 5m interval. -->
|
||||
<min-backoff-seconds>60</min-backoff-seconds>
|
||||
<max-backoff-seconds>300</max-backoff-seconds>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for updating BigQuery views after a snapshot kind's load job completes. -->
|
||||
<queue>
|
||||
<name>export-snapshot-update-view</name>
|
||||
<rate>1/s</rate>
|
||||
<retry-parameters>
|
||||
<!-- Should be less than the exportSnapshot cron interval; see cron.xml. -->
|
||||
<task-age-limit>22h</task-age-limit>
|
||||
<!-- Retry starting at a 10s interval and increasing up to a 1m interval. -->
|
||||
<min-backoff-seconds>10</min-backoff-seconds>
|
||||
<max-backoff-seconds>60</max-backoff-seconds>
|
||||
<task-retry-limit>10</task-retry-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>mail</name>
|
||||
<rate>5/m</rate>
|
||||
<bucket-size>10</bucket-size>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>rde-upload</name>
|
||||
<rate>1/m</rate>
|
||||
<max-concurrent-requests>1</max-concurrent-requests>
|
||||
<retry-parameters>
|
||||
<task-age-limit>4h</task-age-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>rde-report</name>
|
||||
<rate>1/s</rate>
|
||||
<max-concurrent-requests>1</max-concurrent-requests>
|
||||
<retry-parameters>
|
||||
<task-age-limit>4h</task-age-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>rde-staging</name>
|
||||
<rate>1/m</rate>
|
||||
<max-concurrent-requests>10</max-concurrent-requests>
|
||||
<retry-parameters>
|
||||
<task-age-limit>4h</task-age-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>brda</name>
|
||||
<rate>1/m</rate>
|
||||
<max-concurrent-requests>10</max-concurrent-requests>
|
||||
<retry-parameters>
|
||||
<task-age-limit>23h</task-age-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for tasks that communicate with TMCH MarksDB webserver. -->
|
||||
<!-- TODO(b/17623181): Delete this once the queue implementation is live and working. -->
|
||||
<queue>
|
||||
<name>marksdb</name>
|
||||
<rate>1/m</rate>
|
||||
<max-concurrent-requests>1</max-concurrent-requests>
|
||||
<retry-parameters>
|
||||
<task-age-limit>11h</task-age-limit> <!-- cron interval minus hour -->
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for tasks to produce LORDN CSV reports, either by by the query or queue method. -->
|
||||
<queue>
|
||||
<name>nordn</name>
|
||||
<rate>1/s</rate>
|
||||
<max-concurrent-requests>10</max-concurrent-requests>
|
||||
<retry-parameters>
|
||||
<task-age-limit>11h</task-age-limit> <!-- cron interval minus hour -->
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for LORDN Claims CSV rows to be periodically queried and then uploaded in batches. -->
|
||||
<queue>
|
||||
<name>lordn-claims</name>
|
||||
<mode>pull</mode>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for LORDN Sunrise CSV rows to be periodically queried and then uploaded in batches. -->
|
||||
<queue>
|
||||
<name>lordn-sunrise</name>
|
||||
<mode>pull</mode>
|
||||
</queue>
|
||||
|
||||
<!-- Queue used by the MapReduce library for running tasks.
|
||||
|
||||
Do not re-use this queue for tasks that our code creates (e.g. tasks to launch MapReduces
|
||||
that aren't themselves part of a running MapReduce).-->
|
||||
<queue>
|
||||
<name>mapreduce</name>
|
||||
<!-- Warning: DO NOT SET A <target> parameter for this queue. See b/24782801 for why. -->
|
||||
<rate>500/s</rate>
|
||||
<bucket-size>100</bucket-size>
|
||||
</queue>
|
||||
|
||||
<!-- Queue for tasks that sync data to Google Spreadsheets. -->
|
||||
<queue>
|
||||
<name>sheet</name>
|
||||
<rate>1/s</rate>
|
||||
<!-- max-concurrent-requests is intentionally omitted. -->
|
||||
<retry-parameters>
|
||||
<task-age-limit>1h</task-age-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<!-- queue for whitebox metrics -->
|
||||
<queue>
|
||||
<name>bigquery-streaming-metrics</name>
|
||||
<rate>500/s</rate>
|
||||
<bucket-size>500</bucket-size>
|
||||
<retry-parameters>
|
||||
<task-retry-limit>1</task-retry-limit>
|
||||
<task-age-limit>1m</task-age-limit>
|
||||
</retry-parameters>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>load0</name>
|
||||
<rate>500/s</rate>
|
||||
<bucket-size>500</bucket-size>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>load1</name>
|
||||
<rate>500/s</rate>
|
||||
<bucket-size>500</bucket-size>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>load2</name>
|
||||
<rate>500/s</rate>
|
||||
<bucket-size>500</bucket-size>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>load3</name>
|
||||
<rate>500/s</rate>
|
||||
<bucket-size>500</bucket-size>
|
||||
</queue>
|
||||
|
||||
<queue>
|
||||
<name>load4</name>
|
||||
<rate>500/s</rate>
|
||||
<bucket-size>500</bucket-size>
|
||||
</queue>
|
||||
|
||||
</queue-entries>
|
||||
375
java/com/google/domain/registry/env/common/default/WEB-INF/web.xml
vendored
Normal file
375
java/com/google/domain/registry/env/common/default/WEB-INF/web.xml
vendored
Normal file
|
|
@ -0,0 +1,375 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
|
||||
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
||||
<!-- Servlets -->
|
||||
<servlet>
|
||||
<description>
|
||||
This is the primary EPP endpoint for the Registry. It accepts
|
||||
EPP XHRs from our TLS proxy.
|
||||
</description>
|
||||
<display-name>EPP</display-name>
|
||||
<servlet-name>epp</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.flows.EppTlsServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>epp</servlet-name>
|
||||
<url-pattern>/_dr/epp</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Registrar Console -->
|
||||
<servlet>
|
||||
<description>
|
||||
Registrar Console UI servlet.
|
||||
</description>
|
||||
<display-name>Registrar Console UI</display-name>
|
||||
<servlet-name>registrar-ui</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.ui.server.registrar.ConsoleUiServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>registrar-ui</servlet-name>
|
||||
<url-pattern>/registrar</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>
|
||||
Registrar Console XHR servlet. Accepts EPP XHRs from GAE GAIA-authenticated frontend sessions.
|
||||
</description>
|
||||
<display-name>Registrar Console XHR</display-name>
|
||||
<servlet-name>registrar-xhr</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.flows.EppConsoleServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>registrar-xhr</servlet-name>
|
||||
<url-pattern>/registrar-xhr</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<display-name>Registrar Self-serve Settings</display-name>
|
||||
<servlet-name>registrar-settings</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.ui.server.registrar.RegistrarServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>registrar-settings</servlet-name>
|
||||
<url-pattern>/registrar-settings</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<display-name>Registrar Braintree Payment Form Setup</display-name>
|
||||
<servlet-name>registrar-payment-setup</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.frontend.FrontendServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>registrar-payment-setup</servlet-name>
|
||||
<url-pattern>/registrar-payment-setup</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<display-name>Registrar Braintree Payment</display-name>
|
||||
<servlet-name>registrar-payment</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.frontend.FrontendServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>registrar-payment</servlet-name>
|
||||
<url-pattern>/registrar-payment</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Admin Console -->
|
||||
<servlet>
|
||||
<display-name>Admin UI Servlet</display-name>
|
||||
<servlet-name>admin-ui</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.ui.server.admin.AdminUiServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>admin-ui</servlet-name>
|
||||
<url-pattern>/_dr/admin</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<display-name>Registry Admin</display-name>
|
||||
<servlet-name>registry-admin</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.ui.server.admin.RegistryServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>registry-admin</servlet-name>
|
||||
<url-pattern>/_dr/admin/registry/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<display-name>Registrar Admin</display-name>
|
||||
<servlet-name>registrar-admin</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.ui.server.admin.RegistrarServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>registrar-admin</servlet-name>
|
||||
<url-pattern>/_dr/admin/registrar/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- WHOIS -->
|
||||
<servlet>
|
||||
<description>
|
||||
HTTP WHOIS API.
|
||||
</description>
|
||||
<display-name>WHOIS</display-name>
|
||||
<servlet-name>whois</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.frontend.FrontendServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>whois</servlet-name>
|
||||
<url-pattern>/whois/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>
|
||||
WHOIS Protocol API.
|
||||
</description>
|
||||
<display-name>WHOIS Protocol</display-name>
|
||||
<servlet-name>whois-protocol</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.frontend.FrontendServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>whois-protocol</servlet-name>
|
||||
<url-pattern>/_dr/whois</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- RDAP (new WHOIS) -->
|
||||
<servlet>
|
||||
<description>
|
||||
RDAP API.
|
||||
</description>
|
||||
<display-name>RDAP</display-name>
|
||||
<servlet-name>rdap</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.frontend.FrontendServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>rdap</servlet-name>
|
||||
<url-pattern>/rdap/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Public API to do availability checks -->
|
||||
<servlet>
|
||||
<description>
|
||||
Availability Check API.
|
||||
</description>
|
||||
<display-name>Availability Check</display-name>
|
||||
<servlet-name>check</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.ui.server.api.CheckApiServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>check</servlet-name>
|
||||
<url-pattern>/check</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Whitebox Metrics servlet. -->
|
||||
<servlet>
|
||||
<servlet-name>metrics</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.monitoring.whitebox.MetricsTaskServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>metrics</servlet-name>
|
||||
<url-pattern>/_dr/task/metrics</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Security config -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Internal</web-resource-name>
|
||||
<description>
|
||||
Any request path starting with `/_dr/` will be restricted to requests originating
|
||||
from the backend or by anyone authenticated to a Google account that's listed in
|
||||
the AppEngine control panel settings for this project as a Viewer/Owner/Developer.
|
||||
The `_dr` is short for Domain Registry to follow AppEngine naming conventions.
|
||||
</description>
|
||||
<url-pattern>/_dr/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>profile-registrar-xhr</web-resource-name>
|
||||
<description>
|
||||
Only allow logged-in users to even try to issue EPP commands. This is an additional
|
||||
layer of safety on top of in-servlet authentication and XSRF protection.
|
||||
</description>
|
||||
<url-pattern>/registrar-xhr</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>*</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>profile-registrar-settings</web-resource-name>
|
||||
<description>
|
||||
Only allow logged-in users to even try to change registrar settings. This is an additional
|
||||
layer of safety on top of in-servlet authentication and XSRF protection.
|
||||
</description>
|
||||
<url-pattern>/registrar-settings</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>*</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>profile-registrar-payment</web-resource-name>
|
||||
<description>
|
||||
Only allow logged-in users to even try to change registrar settings. This is an additional
|
||||
layer of safety on top of in-servlet authentication and XSRF protection.
|
||||
</description>
|
||||
<url-pattern>/registrar-payment</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>*</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>profile-registrar-payment-token</web-resource-name>
|
||||
<description>
|
||||
Only allow logged-in users to even try to change registrar settings. This is an additional
|
||||
layer of safety on top of in-servlet authentication and XSRF protection.
|
||||
</description>
|
||||
<url-pattern>/registrar-payment-token</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>*</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- Require TLS on all requests. -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Secure</web-resource-name>
|
||||
<description>
|
||||
Require encryption for all paths. http URLs will be redirected to https.
|
||||
</description>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<user-data-constraint>
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- Restrict access to source code. -->
|
||||
<!-- This directory contains all the JavaScript sources verbatim. -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>internal-sources</web-resource-name>
|
||||
<description>No soup for you!</description>
|
||||
<url-pattern>/assets/sources/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- TODO(b/26776367): Move these files to /assets/sources. -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>admin-bin-js-map</web-resource-name>
|
||||
<description>No soup for you!</description>
|
||||
<url-pattern>/assets/js/admin_bin.js.map</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>admin-dbg-js</web-resource-name>
|
||||
<description>No soup for you!</description>
|
||||
<url-pattern>/assets/js/admin_dbg.js</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>registrar-bin-js-map</web-resource-name>
|
||||
<description>No soup for you!</description>
|
||||
<url-pattern>/assets/js/registrar_bin.js.map</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>registrar-dbg-js</web-resource-name>
|
||||
<description>No soup for you!</description>
|
||||
<url-pattern>/assets/js/registrar_dbg.js</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>brain-bin-js-map</web-resource-name>
|
||||
<description>No soup for you!</description>
|
||||
<url-pattern>/assets/js/brain_bin.js.map</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>admin-dbg-css</web-resource-name>
|
||||
<description>No soup for you!</description>
|
||||
<url-pattern>/assets/css/admin_dbg.css</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>registrar-dbg-css</web-resource-name>
|
||||
<description>No soup for you!</description>
|
||||
<url-pattern>/assets/css/registrar_dbg.css</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- See: https://code.google.com/p/objectify-appengine/wiki/Setup -->
|
||||
<filter>
|
||||
<filter-name>ObjectifyFilter</filter-name>
|
||||
<filter-class>com.googlecode.objectify.ObjectifyFilter</filter-class>
|
||||
</filter>
|
||||
<filter-mapping>
|
||||
<filter-name>ObjectifyFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<!-- Register types with Objectify. -->
|
||||
<filter>
|
||||
<filter-name>OfyFilter</filter-name>
|
||||
<filter-class>com.google.domain.registry.model.ofy.OfyFilter</filter-class>
|
||||
</filter>
|
||||
<filter-mapping>
|
||||
<filter-name>OfyFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
</web-app>
|
||||
7
java/com/google/domain/registry/env/common/tools/BUILD
vendored
Normal file
7
java/com/google/domain/registry/env/common/tools/BUILD
vendored
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
package(
|
||||
default_visibility = ["//java/com/google/domain/registry:registry_project"],
|
||||
)
|
||||
|
||||
exports_files(glob(["WEB-INF/*"]))
|
||||
|
||||
|
||||
13
java/com/google/domain/registry/env/common/tools/WEB-INF/logging.properties
vendored
Normal file
13
java/com/google/domain/registry/env/common/tools/WEB-INF/logging.properties
vendored
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
# A default java.util.logging configuration.
|
||||
# (All App Engine logging is through java.util.logging by default).
|
||||
#
|
||||
# To use this configuration, copy it into your application's WEB-INF
|
||||
# folder and add the following to your appengine-web.xml:
|
||||
#
|
||||
# <system-properties>
|
||||
# <property name="java.util.logging.config.file" value="WEB-INF/logging.properties"/>
|
||||
# </system-properties>
|
||||
#
|
||||
|
||||
# Set the default logging level for all loggers to INFO.
|
||||
.level = INFO
|
||||
284
java/com/google/domain/registry/env/common/tools/WEB-INF/web.xml
vendored
Normal file
284
java/com/google/domain/registry/env/common/tools/WEB-INF/web.xml
vendored
Normal file
|
|
@ -0,0 +1,284 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
|
||||
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
||||
<!-- Servlets -->
|
||||
|
||||
<servlet>
|
||||
<display-name>Verify OTE</display-name>
|
||||
<servlet-name>verify-ote</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.ui.server.admin.VerifyOteServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>verify-ote</servlet-name>
|
||||
<url-pattern>/_dr/admin/verifyOte</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<display-name>Create Groups for Registrar</display-name>
|
||||
<servlet-name>create-groups</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>create-groups</servlet-name>
|
||||
<url-pattern>/_dr/admin/createGroups</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<display-name>Create Premium List</display-name>
|
||||
<servlet-name>create-premium-list</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>create-premium-list</servlet-name>
|
||||
<url-pattern>/_dr/admin/createPremiumList</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<display-name>List Entities</display-name>
|
||||
<servlet-name>list-entities</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>list-entities</servlet-name>
|
||||
<url-pattern>/_dr/admin/list/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<display-name>Delete Entity</display-name>
|
||||
<servlet-name>delete-entity</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>delete-entity</servlet-name>
|
||||
<url-pattern>/_dr/admin/deleteEntity</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<display-name>Update Premium List</display-name>
|
||||
<servlet-name>update-premium-list</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>update-premium-list</servlet-name>
|
||||
<url-pattern>/_dr/admin/updatePremiumList</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<description>Backend endpoint to initate loadtests.</description>
|
||||
<display-name>Load Test</display-name>
|
||||
<servlet-name>loadtest</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>loadtest</servlet-name>
|
||||
<url-pattern>/_dr/loadtest</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Command line tool uses this endpoint to modify the datastore. -->
|
||||
<servlet>
|
||||
<display-name>Remote API Servlet</display-name>
|
||||
<servlet-name>RemoteApiServlet</servlet-name>
|
||||
<servlet-class>com.google.apphosting.utils.remoteapi.RemoteApiServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>RemoteApiServlet</servlet-name>
|
||||
<url-pattern>/remote_api</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- ExecuteEppCommand uses this to execute remotely. -->
|
||||
<servlet>
|
||||
<description>
|
||||
Execute epp from the registry tool.
|
||||
</description>
|
||||
<display-name>Registry tool EPP endpoint</display-name>
|
||||
<servlet-name>epptool</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.flows.EppToolServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>epptool</servlet-name>
|
||||
<url-pattern>/_dr/epptool</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Mapreduce to delete all prober data. -->
|
||||
<servlet>
|
||||
<description>
|
||||
Deletes all billing events, history entries, domains, poll messages, foreign key indexes, and eCatcher entities in prober namespaces.
|
||||
</description>
|
||||
<display-name>Delete Prober Data Mapreduce</display-name>
|
||||
<servlet-name>delete-prober-data</servlet-name>
|
||||
<!-- TODO(b/27309488): maybe move this to the backend module + BackendServlet. -->
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>delete-prober-data</servlet-name>
|
||||
<url-pattern>/_dr/task/deleteProberData</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Mapreduce to delete all entities in non-default namespaces. -->
|
||||
<servlet>
|
||||
<description>
|
||||
Deletes entities in non-default namespaces.
|
||||
</description>
|
||||
<display-name>Annihilate Non-Default Namespaces Mapreduce</display-name>
|
||||
<servlet-name>annihilate-non-default-namespaces</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>annihilate-non-default-namespaces</servlet-name>
|
||||
<url-pattern>/_dr/task/annihilateNonDefaultNamespaces</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Mapreduce to re-save all EppResources. -->
|
||||
<servlet>
|
||||
<description>
|
||||
Re-saves all EppResources.
|
||||
</description>
|
||||
<display-name>Re-Save All EPP Resources</display-name>
|
||||
<servlet-name>resave-all-eppresources</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>resave-all-eppresources</servlet-name>
|
||||
<url-pattern>/_dr/task/resaveAllEppResources</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- This path serves up the App Engine results page for mapreduce runs. -->
|
||||
<servlet>
|
||||
<servlet-name>mapreduce</servlet-name>
|
||||
<servlet-class>com.google.appengine.tools.mapreduce.MapReduceServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>mapreduce</servlet-name>
|
||||
<url-pattern>/_dr/mapreduce/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Pipeline GUI servlets. -->
|
||||
<servlet>
|
||||
<servlet-name>pipeline</servlet-name>
|
||||
<servlet-class>com.google.appengine.tools.pipeline.impl.servlets.PipelineServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>pipeline</servlet-name>
|
||||
<url-pattern>/_ah/pipeline/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Registrar detail report publishing action. -->
|
||||
<servlet>
|
||||
<servlet-name>publish-detail-report</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>publish-detail-report</servlet-name>
|
||||
<url-pattern>/_dr/publishDetailReport</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>generate-zone-files</servlet-name>
|
||||
<servlet-class>com.google.domain.registry.module.tools.ToolsServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>generate-zone-files</servlet-name>
|
||||
<url-pattern>/_dr/task/generateZoneFiles</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Security config -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Internal</web-resource-name>
|
||||
<description>
|
||||
Any request path starting with `/_dr/` will be restricted to requests originating
|
||||
from the backend or by anyone authenticated to a Google account that's listed in
|
||||
the AppEngine control panel settings for this project as a Viewer/Owner/Developer.
|
||||
The `_dr` is short for Domain Registry to follow AppEngine naming conventions.
|
||||
</description>
|
||||
<url-pattern>/_dr/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
<user-data-constraint>
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- Require TLS on all requests. -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Secure</web-resource-name>
|
||||
<description>
|
||||
Require encryption for all paths. http URLs will be redirected to https.
|
||||
</description>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<user-data-constraint>
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- Shut down external access to registrar console. -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Internal</web-resource-name>
|
||||
<description>
|
||||
Go home rogue registrar!
|
||||
</description>
|
||||
<url-pattern>/registrar*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
<user-data-constraint>
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- Restrict access to source code. -->
|
||||
<!-- These are only included in the default module war, but restricting here too for safety. -->
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Internal</web-resource-name>
|
||||
<description>No soup for you!</description>
|
||||
<url-pattern>/assets/sources/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>admin</role-name>
|
||||
</auth-constraint>
|
||||
<user-data-constraint>
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<!-- See: https://code.google.com/p/objectify-appengine/wiki/Setup -->
|
||||
<filter>
|
||||
<filter-name>ObjectifyFilter</filter-name>
|
||||
<filter-class>com.googlecode.objectify.ObjectifyFilter</filter-class>
|
||||
</filter>
|
||||
<filter-mapping>
|
||||
<filter-name>ObjectifyFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<!-- Register types with Objectify. -->
|
||||
<filter>
|
||||
<filter-name>OfyFilter</filter-name>
|
||||
<filter-class>com.google.domain.registry.model.ofy.OfyFilter</filter-class>
|
||||
</filter>
|
||||
<filter-mapping>
|
||||
<filter-name>OfyFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
</web-app>
|
||||
Loading…
Add table
Add a link
Reference in a new issue