mirror of
https://github.com/YunoHost-Apps/redirect_ynh.git
synced 2024-09-03 20:16:10 +02:00
Moar tweaking/cleaning x_x
This commit is contained in:
Alexandre Aubin
parent
83d04b763f
commit
b0f9fe9b22
7 changed files with 22 additions and 66 deletions
|
|
@ -1,3 +1,3 @@
|
|||
location __PATH__ {
|
||||
return 302 __TARGET__;
|
||||
return 302 __TARGET__$request_uri;
|
||||
}
|
||||
|
|
|
|||
19
doc/ADMIN.md
19
doc/ADMIN.md
|
|
@ -1,18 +1 @@
|
|||
## Redirect type
|
||||
|
||||
### Visible redirect
|
||||
|
||||
The client will be redirected to another url or external website
|
||||
|
||||
- `your-domain.com -> another-domain.net`
|
||||
- `your-domain.com/foo -> another-domain.net/bar`
|
||||
|
||||
### Invisible redirect (a.k.a "reverse-proxy")
|
||||
|
||||
Visitor's address bar will remain the same. Typically used to integrate into YunoHost a manually-installed app into the portal.
|
||||
|
||||
- `you-domain.com/foo -> http://172.0.0.1:8080/app`
|
||||
|
||||
**IMPORTANT:** you may have to further tweak the `redirect.conf` in the nginx configuration, depending on your needs!
|
||||
|
||||
**IMPORTANT:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ MUST be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/. For example : an Odoo Docker container runs on http://127.0.0.1:8069/. You will not be able to redirect it to http://domain.tld/odoo/ ! You have to redirect it to the root, so for example http://odoo.domain.tld/
|
||||
The nginx configuration can be further tweaked in `/etc/nginx/conf.d/__DOMAIN__.d/__APP__.conf`
|
||||
|
|
|
|||
|
|
@ -1,18 +1 @@
|
|||
## Types de redirection
|
||||
|
||||
### Redirection visible
|
||||
|
||||
Le client sera redirigé vers une autre URL ou site externe
|
||||
|
||||
- `votre-domaine.com -> un-autre-domaine.net`
|
||||
- `votre-domaine.com/foo -> un-autre-domaine.net/bar`
|
||||
|
||||
### Redirection invisible (a.k.a "reverse-proxy")
|
||||
|
||||
L'adresse du client restera inchangé dans le navigateur. Typiquement utilisé pour intéger dans YunoHost une application installée manuellement.
|
||||
|
||||
- `you-domain.com/foo -> http://172.0.0.1:8080/app`
|
||||
|
||||
**IMPORTANT:** il vous faudra peut-être bricoler manuellement `redirect.conf` dans la configuration nginx, en fonction de vos besoins.
|
||||
|
||||
**IMPORTANT:** Certaines apps ne supportent pas d'être redirigées depuis un chemin différent à cause du fonctionnement des liens relatifs ... Cela signifie que par exemple une app hébergée sur `http://127.0.0.1:5050/app/` DOIT être routé sur `http://domaine.tld/app/` et PAS http://domaine.tld/unautrechemin/. Par exemple: un conteneur Docker Odoo tourne sur `http://127.0.0.1:8069/`. Il ne sera pas capable de fonctionné correctement si il est routé sur `http://domaine.tld/odoo/` ! Il faut forcément l'installer à la racine d'un domaine, par exemple `http://odoo.domaine.tld/`
|
||||
La configuration nginx peut être trouvée dans `/etc/nginx/conf.d/__DOMAIN__.d/__APP__.conf`
|
||||
|
|
|
|||
|
|
@ -32,20 +32,21 @@ ram.runtime = "50M"
|
|||
[install.path]
|
||||
type = "path"
|
||||
default = "/redirect"
|
||||
help = "Be careful when using this app in reverse-proxy mode: the target may require to be installed at the root of a domain (or subdomain), meaning the path is just '/'!"
|
||||
|
||||
[install.redirect_type]
|
||||
ask.en = "Redirect type"
|
||||
ask.fr = "Type de redirection"
|
||||
type = "select"
|
||||
choices.redirect = "Explicit redirection (HTTP 302). Redirect people to another URL."
|
||||
choices.reverseproxy = "Reverse-proxy (nginx proxy_pass). Expose an app, typically that you manually installed (with or without Docker) locally or an another machine."
|
||||
choices.redirect = "Explicit redirection (HTTP 302). Redirect people to a different page."
|
||||
choices.reverseproxy = "Reverse-proxy (nginx proxy_pass). Expose an app, typically something that you manually installed (with or without Docker) locally or an another machine."
|
||||
default = "redirect"
|
||||
|
||||
[install.target]
|
||||
ask.en = "Target"
|
||||
ask.fr = "Cible"
|
||||
type = "url"
|
||||
example = "http://127.0.0.1:1312/"
|
||||
help = "This may be something like https://some.other.website (for explicit redirect) or http://127.0.0.1:1234 for reverse-proxies."
|
||||
|
||||
[install.init_main_permission]
|
||||
type = "group"
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ _validate_redirect_uri() {
|
|||
|
||||
# Avoid uncrypted remote destination with reverse proxy mode
|
||||
# Indeed the SSO send the password in all requests in HTTP headers
|
||||
if [[ "$redirect_type" = "proxy" ]] && [[ ! $target =~ $URL_REGEX_SECURE ]]; then
|
||||
if [[ "$redirect_type" = "reverseproxy" ]] && [[ ! $target =~ $URL_REGEX_SECURE ]]; then
|
||||
ynh_die "For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $target" 1
|
||||
fi
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,14 +25,6 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1
|
|||
mv ../conf/{"nginx-$redirect_type.conf",nginx.conf}
|
||||
ynh_add_nginx_config
|
||||
|
||||
|
||||
if [[ ${PACKAGE_CHECK_EXEC} == "1" ]] && [[ "$redirect_type" == "reverseproxy" ]]
|
||||
then
|
||||
systemctl status whatever >&2
|
||||
sleep 3
|
||||
fi
|
||||
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
|
|
|||
31
tests.toml
31
tests.toml
|
|
@ -4,29 +4,13 @@ test_format = 1.0
|
|||
|
||||
[default]
|
||||
|
||||
args.redirect_type = "reverseproxy"
|
||||
args.target = "http://127.0.0.1:1234/"
|
||||
|
||||
exclude = ["install.private", "install.multi", "backup_restore", "change_url"]
|
||||
|
||||
[default.test_upgrade_from.09cf1c6b]
|
||||
name = "v1 era"
|
||||
args.domain = "domain.tld"
|
||||
args.path = "/"
|
||||
args.redirect_type = "proxy"
|
||||
args.redirect_path = "http://127.0.0.1:1234/"
|
||||
args.is_public = true
|
||||
|
||||
|
||||
[redirect]
|
||||
|
||||
args.redirect_type = "redirect"
|
||||
args.target = "https://127.0.0.1"
|
||||
|
||||
# Turns out 302 redirects cant be made private because they are interpreted before going through the sso ...
|
||||
exclude = ["install.private"]
|
||||
|
||||
[redirect.test_upgrade_from.09cf1c6b]
|
||||
[default.test_upgrade_from.09cf1c6b]
|
||||
name = "v1 era"
|
||||
args.domain = "domain.tld"
|
||||
args.path = "/"
|
||||
|
|
@ -34,4 +18,17 @@ test_format = 1.0
|
|||
args.redirect_path = "https://127.0.0.1"
|
||||
args.is_public = true
|
||||
|
||||
[reverseproxy]
|
||||
|
||||
args.redirect_type = "reverseproxy"
|
||||
args.target = "http://127.0.0.1:1234"
|
||||
|
||||
exclude = ["install.private", "install.multi", "backup_restore", "change_url"]
|
||||
|
||||
[reverseproxy.test_upgrade_from.09cf1c6b]
|
||||
name = "v1 era"
|
||||
args.domain = "domain.tld"
|
||||
args.path = "/"
|
||||
args.redirect_type = "proxy"
|
||||
args.redirect_path = "http://127.0.0.1:1234"
|
||||
args.is_public = true
|
||||
|
|
|
|||
Loading…
Reference in a new issue