YunoHost-Apps/redirect_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/redirect_ynh.git synced 2024-09-03 20:16:10 +02:00
Code Issues Activity Actions

v2

Browse source
This commit is contained in:
Éric Gaspar 2023-09-26 21:24:14 +02:00
parent 4547e24b8c
commit 3a06bf6c0b
6 changed files with 115 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

64
manifest.toml Normal file
View file

@ -0,0 +1,64 @@
packaging_format = 2
id = "redirect"
name = "Redirect"
description.en = "Create a redirection or a proxy to another path"
description.fr = "Créer une redirection ou un proxy vers un autre emplacement"
version = "1.0.2~ynh1"
maintainers = ["alexAubin"]
[upstream]
license = "AGPL-3.0-or-later"
code = "https://github.com/YunoHost-Apps/redirect_ynh"
website = "https://github.com/YunoHost-Apps/redirect_ynh"
cpe = "???" # FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is sort of a standard id for applications defined by the NIST. In particular, Yunohost may use this is in the future to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number)
fund = "???" # FIXME: optional but recommended (or remove if irrelevant / not applicable). This is meant to be an URL where people can financially support this app, especially when its development is based on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin.
[integration]
yunohost = ">= 4.2.0"
architectures = "all" # FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"]
multi_instance = true
ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials.
sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal.
disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ...
ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ...
ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ...
[install]
[install.domain]
# this is a generic question - ask strings are automatically handled by Yunohost's core
type = "domain"
[install.path]
# this is a generic question - ask strings are automatically handled by Yunohost's core
type = "path"
default = "/redirect"
[install.redirect_path]
ask.en = "Redirect destination path"
ask.fr = "Emplacement de destination"
type = "string"
example = "http://127.0.0.1:8080/app/"
default = "http://127.0.0.1"
[install.redirect_type]
ask.en = "Redirect type"
ask.fr = "Type de redirection"
type = "string"
default = "public_302"
[install.redirect_type.choices]
public_302 = "Visible redirect (302, temporary). Everybody will be able to access it."
public_301 = "Visible redirect (301, permanent). Everybody will be able to access it."
public_proxy = "Proxy, invisible (NGINX proxy_pass). Everybody will be able to access it."
private_proxy = "Proxy, invisible (NGINX proxy_pass). Only accessible for allowed users."
[resources]
[resources.system_user]
[resources.install_dir]
[resources.permissions]
main.url = "/"

8
scripts/backup
View file

@ -13,16 +13,16 @@ source /usr/share/yunohost/helpers
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#REMOVEME? ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
#REMOVEME? ynh_print_info --message="Loading installation settings..."
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
#REMOVEME? app=$YNH_APP_INSTANCE_NAME
#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
#=================================================
# BACKUP THE NGINX CONFIGURATION

26
scripts/install
View file

@ -13,21 +13,21 @@ source /usr/share/yunohost/helpers
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#REMOVEME? ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
redirect_type=$YNH_APP_ARG_REDIRECT_TYPE
redirect_path=$YNH_APP_ARG_REDIRECT_PATH
#REMOVEME? app=$YNH_APP_INSTANCE_NAME
#REMOVEME? domain=$YNH_APP_ARG_DOMAIN
#REMOVEME? path=$YNH_APP_ARG_PATH
#REMOVEME? redirect_type=$YNH_APP_ARG_REDIRECT_TYPE
#REMOVEME? redirect_path=$YNH_APP_ARG_REDIRECT_PATH
# Check domain/path availability
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#REMOVEME? ynh_webpath_register --app=$app --domain=$domain --path=$path
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
@ -41,7 +41,7 @@ url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)
# Save extra settings
ynh_app_setting_set --app=$app --key=redirect_type --value=$redirect_type
ynh_app_setting_set --app=$app --key=redirect_path --value=$redirect_path
#REMOVEME? ynh_app_setting_set --app=$app --key=redirect_path --value=$redirect_path
#=================================================
# CONFIGURE NGINX
@ -51,7 +51,7 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1
# Nginx configuration
for FILE in $(ls ../conf/nginx-*.conf)
do
ynh_replace_string "YNH_LOCATION" "$path_url" $FILE
ynh_replace_string "YNH_LOCATION" "$path" $FILE
done
if [ "$redirect_type" = "public_302" ];
then
@ -70,21 +70,21 @@ fi
#=================================================
# CONFIGURE SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=2
#REMOVEME? ynh_script_progression --message="Configuring permissions..." --weight=2
# Make app public if necessary
if [ "$redirect_type" != "private_proxy" ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_permission_update --permission="main" --add="visitors"
#REMOVEME? ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT

10
scripts/remove
View file

@ -11,11 +11,11 @@ source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=1
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
#REMOVEME? app=$YNH_APP_INSTANCE_NAME
#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
#=================================================
# REMOVE NGINX CONFIGURATION
@ -27,9 +27,9 @@ ynh_secure_remove /etc/nginx/conf.d/$domain.d/$app.conf
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT

14
scripts/restore
View file

@ -13,18 +13,18 @@ source /usr/share/yunohost/helpers
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#REMOVEME? ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
redirect_type=$(ynh_app_setting_get --app=$app --key=redirect_type)
redirect_path=$(ynh_app_setting_get --app=$app --key=redirect_path)
#REMOVEME? app=$YNH_APP_INSTANCE_NAME
#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path)
#REMOVEME? redirect_type=$(ynh_app_setting_get --app=$app --key=redirect_type)
#REMOVEME? redirect_path=$(ynh_app_setting_get --app=$app --key=redirect_path)
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
@ -45,7 +45,7 @@ ynh_restore_file "$NGINX_CONF"
if [ "$redirect_type" != "private_proxy" ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_permission_update --permission="main" --add="visitors"
#REMOVEME? ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================

44
scripts/upgrade
View file

@ -14,11 +14,11 @@ source /usr/share/yunohost/helpers
#=================================================
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
redirect_type=$(ynh_app_setting_get --app=$app --key=redirect_type)
redirect_path=$(ynh_app_setting_get --app=$app --key=redirect_path)
#REMOVEME? app=$YNH_APP_INSTANCE_NAME
#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path)
#REMOVEME? redirect_type=$(ynh_app_setting_get --app=$app --key=redirect_type)
#REMOVEME? redirect_path=$(ynh_app_setting_get --app=$app --key=redirect_path)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
@ -33,24 +33,24 @@ then
fi
# Migrate away from old stuff with 'is_public' and old redirect type names
is_public=$(ynh_app_setting_get "$app" is_public)
if [ -n "$is_public" ]
#REMOVEME? #REMOVEME? is_public=$(ynh_app_setting_get "$app" is_public)
#REMOVEME? if [ -n "$is_public" ]
then
if [ "$is_public" = "Yes" ]; then
#REMOVEME? if [ "$is_public" = "Yes" ]; then
is_public=1
elif [ "$is_public" = "No" ]; then
#REMOVEME? elif [ "$is_public" = "No" ]; then
is_public=0
fi
if [ "$is_public" = "0" ] && [ "$redirect_type" != "proxy" ]; then
#REMOVEME? if [ "$is_public" = "0" ] && [ "$redirect_type" != "proxy" ]; then
echo "WARNING: You previously had a 'supposedly' private 301 or 302 redirection... but it was found that it was public all along and it is not easy to create such a private redirection. Your 301 or 302 redirection will be re-flagged as public..." >&2
is_public=1
fi
if [ "$redirect_type" == "proxy" ] && [ "$is_public" = "1" ]
#REMOVEME? if [ "$redirect_type" == "proxy" ] && [ "$is_public" = "1" ]
then
redirect_type="public_proxy"
elif [ "$redirect_type" == "proxy" ] && [ "$is_public" = "0" ]
#REMOVEME? elif [ "$redirect_type" == "proxy" ] && [ "$is_public" = "0" ]
then
redirect_type="private_proxy"
elif [ "$redirect_type" == "visible_302" ]
@ -65,9 +65,9 @@ then
fi
# Migrate legacy permissions to new system
if ynh_legacy_permissions_exists
#REMOVEME? if ynh_legacy_permissions_exists
then
ynh_legacy_permissions_delete_all
#REMOVEME? ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
@ -77,13 +77,13 @@ fi
#=================================================
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
#REMOVEME? ynh_backup_before_upgrade
#REMOVEME? ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
#REMOVEME? ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#REMOVEME? ynh_abort_if_errors
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
@ -96,7 +96,7 @@ url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=
# Nginx configuration
for FILE in $(ls ../conf/nginx-*.conf)
do
ynh_replace_string "YNH_LOCATION" "$path_url" $FILE
ynh_replace_string "YNH_LOCATION" "$path" $FILE
done
if [ "$redirect_type" = "public_302" ];
then
@ -120,15 +120,15 @@ fi
if [ "$redirect_type" != "private_proxy" ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_permission_update --permission="main" --add="visitors"
#REMOVEME? ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT