mirror of
https://github.com/YunoHost-Apps/redirect_ynh.git
synced 2024-09-03 20:16:10 +02:00
is_public was a lie. Only reverse proxy can be private.
This commit is contained in:
parent
238eeb8f57
commit
650d69514d
4 changed files with 49 additions and 52 deletions
|
@ -51,19 +51,6 @@
|
|||
"example": "http://127.0.0.1:8080/app/",
|
||||
"default": "http://127.0.0.1"
|
||||
},
|
||||
{
|
||||
"name": "is_public",
|
||||
"type": "boolean",
|
||||
"ask": {
|
||||
"en": "Is it a public redirect?",
|
||||
"fr": "Est-ce une redirection publique ?"
|
||||
},
|
||||
"help": {
|
||||
"en": "A private redirection will only be effective for logged-in users.",
|
||||
"fr": "Une redirection privée ne fonctionnera que pour les utilisateurs identifiés."
|
||||
},
|
||||
"default": false
|
||||
},
|
||||
{
|
||||
"name": "redirect_type",
|
||||
"ask": {
|
||||
|
@ -71,11 +58,12 @@
|
|||
"fr": "Type de redirection"
|
||||
},
|
||||
"choices": {
|
||||
"visible_302" : "Visible (302, temporary redirect)",
|
||||
"visible_301" : "Visible (301, permanent redirect)",
|
||||
"proxy": "Proxy, invisible (Nginx proxy_pass)"
|
||||
"public_302" : "Visible redirect (302, temporary). Everybody will be able to access it.",
|
||||
"public_301" : "Visible redirect (301, permanent). Everybody will be able to access it.",
|
||||
"public_proxy": "Proxy, invisible (nginx proxy_pass). Everybody will be able to access it.",
|
||||
"private_proxy": "Proxy, invisible (nginx proxy_pass). Only accessible for allowed users."
|
||||
},
|
||||
"default": "visible_302"
|
||||
"default": "public_302"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
@ -35,7 +35,6 @@ app=$YNH_APP_INSTANCE_NAME
|
|||
# Retrieve arguments
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path_url=$YNH_APP_ARG_PATH
|
||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||
redirect_type=$YNH_APP_ARG_REDIRECT_TYPE
|
||||
redirect_path=$YNH_APP_ARG_REDIRECT_PATH
|
||||
|
||||
|
@ -47,7 +46,6 @@ url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=
|
|||
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
|
||||
|
||||
# Save extra settings
|
||||
ynh_app_setting_set $app is_public "$is_public"
|
||||
ynh_app_setting_set $app redirect_type "$redirect_type"
|
||||
ynh_app_setting_set $app redirect_path "$redirect_path"
|
||||
|
||||
|
@ -56,15 +54,15 @@ for FILE in $(ls ../conf/nginx-*.conf)
|
|||
do
|
||||
ynh_replace_string "YNH_LOCATION" "$path_url" $FILE
|
||||
done
|
||||
if [ "$redirect_type" = "visible_302" ];
|
||||
if [ "$redirect_type" = "public_302" ];
|
||||
then
|
||||
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf
|
||||
cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
elif [ "$redirect_type" = "visible_301" ];
|
||||
elif [ "$redirect_type" = "public_301" ];
|
||||
then
|
||||
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf
|
||||
cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
elif [ "$redirect_type" = "proxy" ];
|
||||
elif [ "$redirect_type" = "public_proxy" ] || [ "$redirect_type" = "private_proxy" ];
|
||||
then
|
||||
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf
|
||||
cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
|
@ -74,17 +72,12 @@ fi
|
|||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
|
||||
if [ $is_public -eq 0 ]
|
||||
then # Remove the public access
|
||||
ynh_app_setting_delete "$app" skipped_uris
|
||||
fi
|
||||
# Make app public if necessary
|
||||
if [ $is_public -eq 1 ]
|
||||
if [ "$redirect_type" != "private_proxy" ]
|
||||
then
|
||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
||||
fi
|
||||
|
||||
|
||||
# Reload Nginx and regenerate SSOwat conf
|
||||
service nginx reload
|
||||
|
|
|
@ -40,7 +40,6 @@ app=$YNH_APP_INSTANCE_NAME
|
|||
# Retrieve arguments
|
||||
domain=$(ynh_app_setting_get "$app" domain)
|
||||
path_url=$(ynh_app_setting_get "$app" path)
|
||||
is_public=$(ynh_app_setting_get "$app" is_public)
|
||||
redirect_type=$(ynh_app_setting_get "$app" redirect_type)
|
||||
redirect_path=$(ynh_app_setting_get "$app" redirect_path)
|
||||
|
||||
|
@ -59,12 +58,8 @@ cp -a ./conf/nginx.conf "$NGINX_CONF"
|
|||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
|
||||
if [ "$is_public" -eq 0 ]
|
||||
then # Remove the public access
|
||||
ynh_app_setting_delete "$app" skipped_uris
|
||||
fi
|
||||
# Make app public if necessary
|
||||
if [ "$is_public" -eq 1 ]
|
||||
if [ "$redirect_type" != "private_proxy" ]
|
||||
then
|
||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
||||
|
|
|
@ -32,7 +32,6 @@ app=$YNH_APP_INSTANCE_NAME
|
|||
# Retrieve arguments
|
||||
domain=$(ynh_app_setting_get "$app" domain)
|
||||
path_url=$(ynh_app_setting_get "$app" path)
|
||||
is_public=$(ynh_app_setting_get "$app" is_public)
|
||||
redirect_type=$(ynh_app_setting_get "$app" redirect_type)
|
||||
redirect_path=$(ynh_app_setting_get "$app" redirect_path)
|
||||
|
||||
|
@ -41,14 +40,6 @@ redirect_path=$(ynh_app_setting_get "$app" redirect_path)
|
|||
#=================================================
|
||||
|
||||
# Fix is_public as a boolean value
|
||||
if [ "$is_public" = "Yes" ]; then
|
||||
ynh_app_setting_set $app is_public 1
|
||||
is_public=1
|
||||
elif [ "$is_public" = "No" ]; then
|
||||
ynh_app_setting_set $app is_public 0
|
||||
is_public=0
|
||||
fi
|
||||
|
||||
# Default value for redirect_type if upgrading from https://github.com/scith/redirect_ynh
|
||||
if [ -z "$redirect_type" ];
|
||||
then
|
||||
|
@ -56,6 +47,40 @@ then
|
|||
ynh_app_setting_set $app 'redirect_type' $redirect_type
|
||||
fi
|
||||
|
||||
# Migrate away from old stuff with 'is_public' and old redirect type names
|
||||
is_public=$(ynh_app_setting_get "$app" is_public)
|
||||
if [ -n "$is_public" ]
|
||||
then
|
||||
if [ "$is_public" = "Yes" ]; then
|
||||
is_public=1
|
||||
elif [ "$is_public" = "No" ]; then
|
||||
is_public=0
|
||||
fi
|
||||
|
||||
if [ "$is_public" = "0" ] && [ "$redirect_type" != "proxy" ]; then
|
||||
echo "WARNING: You previously had a 'supposedly' private 301 or 302 redirection ... but it was found that it was public all along and it is not easy to create such a private redirection. Your 301 or 302 redirection will be re-flagged as public..." >&2
|
||||
is_public=1
|
||||
fi
|
||||
|
||||
if [ "$redirect_type" == "proxy" ] && [ "$is_public" = "1" ]
|
||||
then
|
||||
redirect_type="public_proxy"
|
||||
elif [ "$redirect_type" == "proxy" ] && [ "$is_public" = "0" ]
|
||||
then
|
||||
redirect_type="private_proxy"
|
||||
elif [ "$redirect_type" == "visible_302" ]
|
||||
then
|
||||
redirect_type="public_302"
|
||||
elif [ "$redirect_type" == "visible_301" ]
|
||||
then
|
||||
redirect_type="public_301"
|
||||
fi
|
||||
|
||||
ynh_app_setting_set $app 'redirect_type' $redirect_type
|
||||
ynh_app_setting_set $app 'is_public'
|
||||
fi
|
||||
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
|
@ -78,15 +103,15 @@ for FILE in $(ls ../conf/nginx-*.conf)
|
|||
do
|
||||
ynh_replace_string "YNH_LOCATION" "$path_url" $FILE
|
||||
done
|
||||
if [ "$redirect_type" = "visible_302" ];
|
||||
if [ "$redirect_type" = "public_302" ];
|
||||
then
|
||||
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf
|
||||
cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
elif [ "$redirect_type" = "visible_301" ];
|
||||
elif [ "$redirect_type" = "public_301" ];
|
||||
then
|
||||
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf
|
||||
cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
elif [ "$redirect_type" = "proxy" ];
|
||||
elif [ "$redirect_type" = "public_proxy" ] || [ "$redirect_type" = "private_proxy" ];
|
||||
then
|
||||
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf
|
||||
cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
|
@ -96,15 +121,11 @@ fi
|
|||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
|
||||
if [ "$is_public" -eq 0 ]
|
||||
then # Remove the public access
|
||||
ynh_app_setting_delete "$app" skipped_uris
|
||||
fi
|
||||
# Make app public if necessary
|
||||
if [ "$is_public" -eq 1 ]
|
||||
if [ "$redirect_type" != "private_proxy" ]
|
||||
then
|
||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||
ynh_app_setting_set "$app" unprotected_uris -v "/"
|
||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
||||
fi
|
||||
|
||||
# Reload Nginx and regenerate SSOwat conf
|
||||
|
|
Loading…
Reference in a new issue