From 195fe0765497982dc2e40d952f81819ecb3f5cbb Mon Sep 17 00:00:00 2001
From: Krakinou
Date: Tue, 13 Dec 2022 22:55:38 +0100
Subject: [PATCH] Split nginx config file
---
conf/api_nginx.conf | 37 ++++++++++++++++++++
conf/nginx.conf | 40 +---------------------
manifest.json | 2 +-
scripts/backup | 1 +
scripts/install | 1 +
scripts/remove | 1 +
scripts/restore | 1 +
scripts/upgrade | 6 ++++
sources/hooks/conf_regen/95-nginx_domoticz | 2 +-
9 files changed, 50 insertions(+), 41 deletions(-)
create mode 100644 conf/api_nginx.conf
diff --git a/conf/api_nginx.conf b/conf/api_nginx.conf
new file mode 100644
index 0000000..9c9e2a5
--- /dev/null
+++ b/conf/api_nginx.conf
@@ -0,0 +1,37 @@
+#This part should be split in a second file to not be overwritten
+#sub_path_only rewrite ^api___PATH__$ api___PATH__/ permanent;
+location __API_PATH__/ {
+ #Alternative path for api, only authorized json command will be accepted
+
+ #allow only local network on IPv4
+ allow 192.168.0.0/16;
+ #allow all address in IPv6 => how to filter?
+ allow ::/1;
+ deny all;
+
+ proxy_http_version 1.1;
+ proxy_read_timeout 90;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded_Proto $scheme;
+ proxy_set_header X-Scheme $scheme;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
+ more_set_headers "X-Frame-Options: SAMEORIGIN";
+ proxy_pass http://localhost:__PORT__/;
+ proxy_set_header Host $host;
+
+ set $api "0";
+
+ #set the list of authorized json command here in regex format
+ #you may retrieve the command from https://www.domoticz.com/wiki/Domoticz_API/JSON_URL's
+ #By default, sensors updates and toggle switch are authorized
+ if ( $args ~* type=command¶m=udevice&idx=[0-9]*&nvalue=[0-9]*&svalue=.*$|type=command¶m=switchlight&idx=[0-9]*&switchcmd=Toggle$) {
+ set $api "1";
+ }
+
+ if ($api = 0) {
+ return 403;
+ }
+
+}
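Review bot: `allow ::/1;` does not limit this location to a local network: `::/1` is the lower half of the IPv6 address space and contains the global unicast range `2000::/3`, so only IPv4 clients are actually held to `192.168.0.0/16` before `deny all`. Restricting IPv6 to loopback, link-local and unique-local ranges (plus the site's own delegated prefix, which the admin has to add) gives the behaviour the comment asks for. The `$args` allowlist is also unanchored at the start, and its second alternative is anchored only at the end, so a query string passes when an authorized command merely appears in it or terminates it; how Domoticz then resolves the leading parameters is not visible here, so anchoring the whole alternation with `^( … )$` is the safe form (the page shows `&param` as `¶m`, presumably a rendering artefact). Separately, `X-Forwarded_Proto` looks like a typo for `X-Forwarded-Proto`, and the first comment line ("should be split in a second file") is stale now that this is that file.

```nginx
location __API_PATH__/ {
  # … unchanged: header comment …
  #allow only local network on IPv4
  allow 192.168.0.0/16;
  #IPv6: loopback, link-local and unique-local only; add the LAN's own prefix if it uses global addresses
  allow ::1;
  allow fe80::/10;
  allow fc00::/7;
  deny all;
  # … unchanged: proxy_* directives, set $api "0", allowlist comments …
  if ( $args ~* ^(type=command&param=udevice&idx=[0-9]*&nvalue=[0-9]*&svalue=.*|type=command&param=switchlight&idx=[0-9]*&switchcmd=Toggle)$ ) {
    set $api "1";
  }
  # … unchanged: return 403 when $api is still 0 …
```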
diff --git a/conf/nginx.conf b/conf/nginx.conf index 92230a1..6a1d7db 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -18,42 +18,4 @@ location __PATH__/ { # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; -} - -#This part should be split in a second file to not be overwritten -#sub_path_only rewrite ^api___PATH__$ api___PATH__/ permanent; -location __API_PATH__/ { - #Alternative path for api, only authorized json command will be accepted - - #allow only local network on IPv4 - allow 192.168.0.0/16; - #allow all address in IPv6 => how to filter? - allow ::/1; - deny all; - - proxy_http_version 1.1; - proxy_read_timeout 90; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded_Proto $scheme; - proxy_set_header X-Scheme $scheme; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - more_set_headers "X-Frame-Options: SAMEORIGIN"; - proxy_pass http://localhost:__PORT__/; - proxy_set_header Host $host; - - set $api "0"; - - #set the list of authorized json command here in regex format - #you may retrieve the command from https://www.domoticz.com/wiki/Domoticz_API/JSON_URL's - #By default, sensors updates and toggle switch are authorized - if ( $args ~* type=command¶m=udevice&idx=[0-9]*&nvalue=[0-9]*&svalue=.*$|type=command¶m=switchlight&idx=[0-9]*&switchcmd=Toggle$) { - set $api "1"; - } - - if ($api = 0) { - return 403; - } - -} +} \ No newline at end of file diff --git a/manifest.json b/manifest.json index b9a0866..eb0337d 100644 --- a/manifest.json +++ b/manifest.json 
@@ -6,7 +6,7 @@ "en": "Very light weight open sources home automation system that lets you monitor and configure miscellaneous devices", "fr": "Logiciel open sources et gratuit de domotique qui vous permet de configurer un grand nombre d'appareils" }, - "version": "2020.2~ynh6", + "version": "2020.2~ynh7", "url": "https://www.domoticz.com", "upstream": { "license": "GPL-3.0-or-later", diff --git a/scripts/backup b/scripts/backup index ffa3451..ff2c423 100755 --- a/scripts/backup +++ b/scripts/backup @@ -47,6 +47,7 @@ ynh_backup --src_path="$final_path" #================================================= ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/api_"$app".conf" [[ ! -z "$mqtt_domain" ]] && ynh_backup --src_path="/etc/nginx/conf.d/$mqtt_domain.d/mqtt_$app.conf" --not_mandatory #================================================= diff --git a/scripts/install b/scripts/install index ee581cb..23e8a5f 100755 --- a/scripts/install +++ b/scripts/install @@ -182,6 +182,7 @@ cp -R ../sources/hooks/conf_regen/95-nginx_domoticz /usr/share/yunohost/hooks/co yunohost tools regen-conf nginx # Create a dedicated NGINX config +ynh_add_config --template="api_nginx.conf" --destination="/etc/nginx/conf.d/"$domain".d/api_"$app".conf" ynh_add_nginx_config diff --git a/scripts/remove b/scripts/remove index 1d25cb4..9304492 100755 --- a/scripts/remove +++ b/scripts/remove @@ -84,6 +84,7 @@ yunohost tools regen-conf postfix # Remove the dedicated NGINX config [[ ! -z "$mqtt_domain" ]] && ynh_secure_remove --file="/etc/nginx/conf.d/"$mqtt_domain".d/mqtt_"$app".conf" +ynh_secure_remove --file="/etc/nginx/conf.d/"$domain".d/api_"$app".conf" ynh_remove_nginx_config #================================================= diff --git a/scripts/restore b/scripts/restore index 7928f08..d6e51db 100755 --- a/scripts/restore +++ b/scripts/restore 
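Review bot: The new path argument in scripts/backup closes and reopens the double quotes around the variable (`"/etc/nginx/conf.d/$domain.d/api_"$app".conf"`), which leaves `$app` unquoted and open to word splitting and globbing; the install, remove, restore and upgrade hunks do the same with both `$domain` and `$app`. The context line just above already uses the single-string form, so `--src_path="/etc/nginx/conf.d/$domain.d/api_$app.conf"` (and the same for `--destination`, `--file` and `--origin_path`) would be consistent and keep the path one word. This matters most for the `ynh_secure_remove --file=…` call in scripts/remove, where a split argument would change what is deleted.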
@@ -56,6 +56,7 @@ test "$backup_mach" = "$mach" \ ynh_script_progression --message="Restoring the NGINX web server configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore_file --origin_path="/etc/nginx/conf.d/"$domain".d/api_"$app".conf" ynh_restore_file --origin_path="/etc/nginx/conf.d/$mqtt_domain.d/mqtt_$app.conf" --not_mandatory #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 754e482..56df06e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -234,6 +234,12 @@ cp -R ../sources/hooks/conf_regen/95-nginx_domoticz /usr/share/yunohost/hooks/co yunohost tools regen-conf nginx # Create a dedicated NGINX config +if [[ ! -f "/etc/nginx/conf.d/"$domain".d/api_"$app".conf" ]] +then + ynh_print_warn --message="The nginx conf file will now be splitted between standard and api related path" + ynh_print_warn --message="Report any manual changes on the new /etc/nginx/conf.d/$domain.d/api_$app.conf file for json command to keep working" +fi +ynh_add_config --template="api_nginx.conf" --destination="/etc/nginx/conf.d/"$domain".d/api_"$app".conf" ynh_add_nginx_config #================================================= diff --git a/sources/hooks/conf_regen/95-nginx_domoticz b/sources/hooks/conf_regen/95-nginx_domoticz index 72fb234..d037d49 100644 --- a/sources/hooks/conf_regen/95-nginx_domoticz +++ b/sources/hooks/conf_regen/95-nginx_domoticz @@ -16,7 +16,7 @@ nginx_mqtt="$nginx_conf"/conf.d/"$mqtt_domain".conf [[ -e $nginx_mqtt ]] || exit 0 -if [[ "$mqtt_domain" != "domain" ]]; then +if [[ "$mqtt_domain" != "$domain" ]]; then #single quote pour ne pas étendre les variables du fichier de config nginx et doubles quote pour les variables à étendre sed -i '/map $http_upgrade $connection_upgrade {/i upstream '"${mqtt_domain}"' {\n server localhost:'"${mqtt_port}"';\n}\n' $nginx_mqtt fi
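Review bot: In scripts/upgrade, `ynh_add_config --template="api_nginx.conf" …` sits after the `fi`, so the template is rendered over `api_$app.conf` on every upgrade, not only when the file is missing. As far as I know the helper keeps a backup copy when the checksum differs but still replaces the file, so an admin's tightened `allow` list or customised command regex would revert to the shipped defaults, which is the opposite of what the template's own first comment ("to not be overwritten") asks for. If the file is meant to be admin-owned, move the `ynh_add_config` line inside the `then` branch so it is created only once, and state that in the warning. The message would also read better as "will now be split".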
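Review bot: In sources/hooks/conf_regen/95-nginx_domoticz, the corrected test `"$mqtt_domain" != "$domain"` only helps if `domain` is assigned earlier in the hook, and that part lies outside the hunk. If it is unset, `$domain` expands to an empty string and the `sed` insertion still runs for every MQTT domain, as it did with the literal `"domain"`. Please confirm the assignment exists, or add a guard such as `[[ -n "$domain" ]] || exit 0` before the comparison. The `sed -i` target should also be quoted as `"$nginx_mqtt"`.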