1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/redirect_ynh.git synced 2024-09-03 20:16:10 +02:00
redirect_ynh/scripts/install

73 lines
2.8 KiB
Text
Raw Normal View History

2016-06-20 23:43:51 +02:00
#!/bin/bash
2018-05-26 10:27:01 +02:00
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
2016-06-20 23:43:51 +02:00
2018-05-26 10:27:01 +02:00
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
2016-06-20 23:43:51 +02:00
2023-09-26 21:36:36 +02:00
redirect_type=$YNH_APP_ARG_REDIRECT_TYPE
redirect_path=$YNH_APP_ARG_REDIRECT_PATH
2016-06-20 23:43:51 +02:00
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
2016-06-20 23:43:51 +02:00
# Avoid uncrypted remote destination with reverse proxy mode
# Indeed the SSO send the password in all requests in HTTP headers
2019-09-16 22:46:52 +02:00
url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)?(/.*)?$'
[[ "$redirect_type" = "proxy" ]] && [[ ! $redirect_path =~ $url_regex ]] && ynh_die \
"For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $redirect_path" 1
2023-09-26 21:36:36 +02:00
# Save extra settings
2021-01-23 15:21:17 +01:00
ynh_app_setting_set --app=$app --key=redirect_type --value=$redirect_type
2023-09-26 21:36:36 +02:00
ynh_app_setting_set --app=$app --key=redirect_path --value=$redirect_path
2016-06-20 23:43:51 +02:00
2019-05-15 18:42:44 +02:00
#=================================================
# CONFIGURE NGINX
#=================================================
2021-01-23 15:21:17 +01:00
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
2019-05-15 18:42:44 +02:00
2016-06-20 23:43:51 +02:00
# Nginx configuration
for FILE in $(ls ../conf/nginx-*.conf)
do
2023-09-26 21:24:14 +02:00
ynh_replace_string "YNH_LOCATION" "$path" $FILE
done
if [ "$redirect_type" = "public_302" ];
2016-06-20 23:43:51 +02:00
then
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf
2018-05-26 10:01:42 +02:00
cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "public_301" ];
2016-06-20 23:43:51 +02:00
then
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf
2018-05-26 10:01:42 +02:00
cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "public_proxy" ] || [ "$redirect_type" = "private_proxy" ];
2016-06-20 23:43:51 +02:00
then
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf
2018-05-26 10:01:42 +02:00
cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf
2016-06-20 23:43:51 +02:00
fi
2018-05-26 10:27:01 +02:00
#=================================================
2019-05-15 18:42:44 +02:00
# CONFIGURE SSOWAT
2018-05-26 10:27:01 +02:00
#=================================================
2023-09-26 21:36:36 +02:00
ynh_script_progression --message="Configuring permissions..." --weight=2
2018-05-26 10:27:01 +02:00
2016-06-20 23:43:51 +02:00
# Make app public if necessary
if [ "$redirect_type" != "private_proxy" ]
2016-06-20 23:43:51 +02:00
then
2018-05-26 10:27:01 +02:00
# unprotected_uris allows SSO credentials to be passed anyway.
2023-09-26 21:36:36 +02:00
ynh_permission_update --permission="main" --add="visitors"
2016-06-20 23:43:51 +02:00
fi
2021-01-23 15:21:17 +01:00
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last