YunoHost-Apps/redirect_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/redirect_ynh.git synced 2024-09-03 20:16:10 +02:00
Code Issues Activity Actions

Merge pull request #49 from YunoHost-Apps/testing

Browse source 
Testing | Packaging v2
This commit is contained in:
Alexandre Aubin 2024-01-06 18:58:47 +01:00 committed by GitHub
commit f6e9779393
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
21 changed files with 220 additions and 452 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
README.md
View file

@ -23,31 +23,10 @@ This application allows to integrate a custom tile in YunoHost's user portal. Ty
In technical terms: this app only adds a NGINX configuration snippet with either `redirect` or `proxy_pass` rule, and a YunoHost tile + appropriate SSOwat configuration.
**Shipped version:** 1.0.2~ynh2
## Disclaimers / important information
## Redirect type
### Visible redirect
The client will be redirected to another url or external website
- `your-domain.com -> another-domain.net`
- `your-domain.com/foo -> another-domain.net/bar`
### Invisible redirect (a.k.a "reverse-proxy")
Visitor's address bar will remain the same. Typically used to integrate into YunoHost a manually-installed app into the portal.
- `you-domain.com/foo -> http://172.0.0.1:8080/app`
**IMPORTANT:** you may have to further tweak the `redirect.conf` in the nginx configuration, depending on your needs!
**IMPORTANT:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ MUST be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/. For example : an Odoo Docker container runs on http://127.0.0.1:8069/. You will not be able to redirect it to http://domain.tld/odoo/ ! You have to redirect it to the root, so for example http://odoo.domain.tld/
**Shipped version:** 2.0~ynh1
## Documentation and resources
* Upstream app code repository: <https://github.com/YunoHost-Apps/redirect_ynh>
* Official app website: <https://en.wikipedia.org/wiki/Reverse_proxy>
* YunoHost Store: <https://apps.yunohost.org/app/redirect>
* Report a bug: <https://github.com/YunoHost-Apps/redirect_ynh/issues>

25
README_fr.md
View file

@ -23,31 +23,10 @@ Cette application permet d'intégrée une tuile personalisée dans le portail ut
En terme technique: cette app se contente de rajouter le morceau de configuration NGINX approprié avec soit `redirect` ou `proxy_pass`, et la tuile YunoHost + configuration SSOwat correspondante.
**Version incluse :** 1.0.2~ynh2
## Avertissements / informations importantes
## Types de redirection
### Redirection visible
Le client sera redirigé vers une autre URL ou site externe
- `votre-domaine.com -> un-autre-domaine.net`
- `votre-domaine.com/foo -> un-autre-domaine.net/bar`
### Redirection invisible (a.k.a "reverse-proxy")
L'adresse du client restera inchangé dans le navigateur. Typiquement utilisé pour intéger dans YunoHost une application installée manuellement.
- `you-domain.com/foo -> http://172.0.0.1:8080/app`
**IMPORTANT:** il vous faudra peut-être bricoler manuellement `redirect.conf` dans la configuration nginx, en fonction de vos besoins.
**IMPORTANT:** Certaines apps ne supportent pas d'être redirigées depuis un chemin différent à cause du fonctionnement des liens relatifs ... Cela signifie que par exemple une app hébergée sur `http://127.0.0.1:5050/app/` DOIT être routé sur `http://domaine.tld/app/` et PAS http://domaine.tld/unautrechemin/. Par exemple: un conteneur Docker Odoo tourne sur `http://127.0.0.1:8069/`. Il ne sera pas capable de fonctionné correctement si il est routé sur `http://domaine.tld/odoo/` ! Il faut forcément l'installer à la racine d'un domaine, par exemple `http://odoo.domaine.tld/`
**Version incluse :** 2.0~ynh1
## Documentations et ressources
* Dépôt de code officiel de lapp : <https://github.com/YunoHost-Apps/redirect_ynh>
* Site officiel de lapp : <https://en.wikipedia.org/wiki/Reverse_proxy>
* YunoHost Store: <https://apps.yunohost.org/app/redirect>
* Signaler un bug : <https://github.com/YunoHost-Apps/redirect_ynh/issues>

21
check_process
View file

@ -1,21 +0,0 @@
;; Test complet
; Manifest
domain="domain.tld"
path="/path"
redirect_type="public_302"
redirect_path="http://127.0.0.1"
; Checks
pkg_linter=1
setup_sub_dir=1
setup_root=1
setup_nourl=0
setup_private=0
setup_private=1
setup_public=1
upgrade=1
backup_restore=1
multi_instance=1
change_url=0
;;; Options
Email=
Notification=none

3
conf/nginx-redirect.conf Normal file
View file

@ -0,0 +1,3 @@
location __PATH__ {
return 302 __TARGET__$request_uri;
}

6
conf/nginx-proxy.conf → conf/nginx-reverseproxy.conf
View file

@ -1,5 +1,7 @@
location YNH_LOCATION {
proxy_pass YNH_REDIRECT_PATH;
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {
proxy_pass __TARGET__;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;

3
conf/nginx-visible-301.conf
View file

@ -1,3 +0,0 @@
location YNH_LOCATION {
return 301 YNH_REDIRECT_PATH$request_uri;
}

3
conf/nginx-visible-302.conf
View file

@ -1,3 +0,0 @@
location YNH_LOCATION {
return 302 YNH_REDIRECT_PATH$request_uri;
}

1
doc/ADMIN.md Normal file
View file

@ -0,0 +1 @@
The nginx configuration can be further tweaked in `/etc/nginx/conf.d/__DOMAIN__.d/__APP__.conf`

1
doc/ADMIN_fr.md Normal file
View file

@ -0,0 +1 @@
La configuration nginx peut être trouvée dans `/etc/nginx/conf.d/__DOMAIN__.d/__APP__.conf`

18
doc/DISCLAIMER.md
View file

@ -1,18 +0,0 @@
## Redirect type
### Visible redirect
The client will be redirected to another url or external website
- `your-domain.com -> another-domain.net`
- `your-domain.com/foo -> another-domain.net/bar`
### Invisible redirect (a.k.a "reverse-proxy")
Visitor's address bar will remain the same. Typically used to integrate into YunoHost a manually-installed app into the portal.
- `you-domain.com/foo -> http://172.0.0.1:8080/app`
**IMPORTANT:** you may have to further tweak the `redirect.conf` in the nginx configuration, depending on your needs!
**IMPORTANT:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ MUST be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/. For example : an Odoo Docker container runs on http://127.0.0.1:8069/. You will not be able to redirect it to http://domain.tld/odoo/ ! You have to redirect it to the root, so for example http://odoo.domain.tld/

18
doc/DISCLAIMER_fr.md
View file

@ -1,18 +0,0 @@
## Types de redirection
### Redirection visible
Le client sera redirigé vers une autre URL ou site externe
- `votre-domaine.com -> un-autre-domaine.net`
- `votre-domaine.com/foo -> un-autre-domaine.net/bar`
### Redirection invisible (a.k.a "reverse-proxy")
L'adresse du client restera inchangé dans le navigateur. Typiquement utilisé pour intéger dans YunoHost une application installée manuellement.
- `you-domain.com/foo -> http://172.0.0.1:8080/app`
**IMPORTANT:** il vous faudra peut-être bricoler manuellement `redirect.conf` dans la configuration nginx, en fonction de vos besoins.
**IMPORTANT:** Certaines apps ne supportent pas d'être redirigées depuis un chemin différent à cause du fonctionnement des liens relatifs ... Cela signifie que par exemple une app hébergée sur `http://127.0.0.1:5050/app/` DOIT être routé sur `http://domaine.tld/app/` et PAS http://domaine.tld/unautrechemin/. Par exemple: un conteneur Docker Odoo tourne sur `http://127.0.0.1:8069/`. Il ne sera pas capable de fonctionné correctement si il est routé sur `http://domaine.tld/odoo/` ! Il faut forcément l'installer à la racine d'un domaine, par exemple `http://odoo.domaine.tld/`

67
manifest.json
View file

@ -1,67 +0,0 @@
{
"name": "Redirect",
"id": "redirect",
"packaging_format": 1,
"description": {
"en": "Create a redirection or a proxy to another path",
"fr": "Créer une redirection ou un proxy vers un autre emplacement"
},
"version": "1.0.2~ynh2",
"license": "AGPL-3.0-or-later",
"url": "https://github.com/YunoHost-Apps/redirect_ynh",
"upstream": {
"license": "AGPL-3.0-or-later",
"code": "https://github.com/YunoHost-Apps/redirect_ynh"
},
"maintainer": {
"name": "alexAubin",
"email": "alex.aubin@mailoo.org"
},
"requirements": {
"yunohost": ">= 11.2"
},
"multi_instance": true,
"services": [
"nginx"
],
"arguments": {
"install" : [
{
"name": "domain",
"type": "domain",
"example": "domain.org"
},
{
"name": "path",
"type": "path",
"example": "/redirect",
"default": "/redirect"
},
{
"name": "redirect_path",
"type": "string",
"ask": {
"en": "Redirect destination path",
"fr": "Emplacement de destination"
},
"example": "http://127.0.0.1:8080/app/",
"default": "http://127.0.0.1"
},
{
"name": "redirect_type",
"type": "select",
"ask": {
"en": "Redirect type",
"fr": "Type de redirection"
},
"choices": {
"public_302": "Visible redirect (302, temporary). Everybody will be able to access it.",
"public_301": "Visible redirect (301, permanent). Everybody will be able to access it.",
"public_proxy": "Proxy, invisible (NGINX proxy_pass). Everybody will be able to access it.",
"private_proxy": "Proxy, invisible (NGINX proxy_pass). Only accessible for allowed users."
},
"default": "public_302"
}
]
}
}

62
manifest.toml Normal file
View file

@ -0,0 +1,62 @@
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json
packaging_format = 2
id = "redirect"
name = "Redirect"
description.en = "Create a redirection or a proxy to another path"
description.fr = "Créer une redirection ou un proxy vers un autre emplacement"
version = "2.0~ynh1"
maintainers = []
[upstream]
license = "AGPL-3.0-or-later"
website = "https://en.wikipedia.org/wiki/Reverse_proxy"
[integration]
yunohost = ">= 11.2"
architectures = "all"
multi_instance = true
ldap = "not_relevant"
sso = "not_relevant"
disk = "50M"
ram.build = "50M"
ram.runtime = "50M"
[install]
[install.domain]
type = "domain"
[install.path]
type = "path"
default = "/redirect"
help = "Be careful when using this app in reverse-proxy mode: the target may require to be installed at the root of a domain (or subdomain), meaning the path is just '/'!"
[install.redirect_type]
ask.en = "Redirect type"
ask.fr = "Type de redirection"
type = "select"
choices.redirect = "Explicit redirection (HTTP 302). Redirect people to a different page."
choices.reverseproxy = "Reverse-proxy (nginx proxy_pass). Expose an app, typically something that you manually installed (with or without Docker) locally or an another machine."
default = "redirect"
[install.target]
ask.en = "Target"
ask.fr = "Cible"
type = "url"
help = "This may be something like https://some.other.website (for explicit redirect) or http://127.0.0.1:1234 for reverse-proxies."
[install.init_main_permission]
type = "group"
default = "visitors"
[resources]
# Meh we gotta keep this otherwise migrations from the v1 era will fail
# because they assume a system user resource existed in v1 and will want to
# delete it if not present anymore in the manifest ...
[resources.system_user]
[resources.permissions]
main.url = "/"

16
scripts/_common.sh Normal file
View file

@ -0,0 +1,16 @@
#!/bin/bash
URL_REGEX_VALID='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
URL_REGEX_SECURE='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)?(/.*)?$'
_validate_redirect_uri() {
if [[ ! $target =~ $URL_REGEX_VALID ]]; then
ynh_die --message="Invalid destination: $target" 1
fi
# Avoid uncrypted remote destination with reverse proxy mode
# Indeed the SSO send the password in all requests in HTTP headers
if [[ "$redirect_type" = "reverseproxy" ]] && [[ ! $target =~ $URL_REGEX_SECURE ]]; then
ynh_die --message="For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $target" 1
fi
}

18
scripts/backup
View file

@ -8,28 +8,12 @@
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
# Copy the conf files
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf"
ynh_backup --src_path="/etc/nginx/conf.d/${domain}.d/${app}.conf"
#=================================================
# END OF SCRIPT

26
scripts/change_url Normal file
View file

@ -0,0 +1,26 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
mv ../conf/{"nginx-$redirect_type.conf",nginx.conf}
ynh_change_url_nginx_config
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for $app" --last

75
scripts/install
View file

@ -6,85 +6,18 @@
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
redirect_type=$YNH_APP_ARG_REDIRECT_TYPE
redirect_path=$YNH_APP_ARG_REDIRECT_PATH
# Check domain/path availability
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
# Avoid uncrypted remote destination with reverse proxy mode
# Indeed the SSO send the password in all requests in HTTP headers
url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)?(/.*)?$'
[[ "$redirect_type" = "proxy" ]] && [[ ! $redirect_path =~ $url_regex ]] && ynh_die \
"For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $redirect_path" 1
# Save extra settings
ynh_app_setting_set --app=$app --key=redirect_type --value=$redirect_type
ynh_app_setting_set --app=$app --key=redirect_path --value=$redirect_path
_validate_redirect_uri
#=================================================
# CONFIGURE NGINX
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
# Nginx configuration
for FILE in $(ls ../conf/nginx-*.conf)
do
ynh_replace_string "YNH_LOCATION" "$path_url" $FILE
done
if [ "$redirect_type" = "public_302" ];
then
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf
cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "public_301" ];
then
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf
cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "public_proxy" ] || [ "$redirect_type" = "private_proxy" ];
then
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf
cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf
fi
#=================================================
# CONFIGURE SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=2
# Make app public if necessary
if [ "$redirect_type" != "private_proxy" ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
mv ../conf/{"nginx-$redirect_type.conf",nginx.conf}
ynh_add_nginx_config
#=================================================
# END OF SCRIPT

20
scripts/remove
View file

@ -8,28 +8,12 @@
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
# Remove configuration files
ynh_secure_remove /etc/nginx/conf.d/$domain.d/$app.conf
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# END OF SCRIPT

51
scripts/restore
View file

@ -1,58 +1,11 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_restore_file --origin_path="/etc/nginx/conf.d/${domain}.d/${app}.conf"
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
redirect_type=$(ynh_app_setting_get --app=$app --key=redirect_type)
redirect_path=$(ynh_app_setting_get --app=$app --key=redirect_path)
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
# Check configuration files
NGINX_CONF="/etc/nginx/conf.d/${domain}.d/${app}.conf"
[[ -f $NGINX_CONF ]] && ynh_die "The NGINX configuration already exists at '${NGINX_CONF}'. You should safely delete it before restoring this app."
# Restore configuration files
ynh_restore_file "$NGINX_CONF"
#=================================================
# SETUP SSOWAT
#=================================================
# Make app public if necessary
if [ "$redirect_type" != "private_proxy" ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================

132
scripts/upgrade
View file

@ -1,137 +1,31 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
redirect_type=$(ynh_app_setting_get --app=$app --key=redirect_type)
redirect_path=$(ynh_app_setting_get --app=$app --key=redirect_path)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
# Fix is_public as a boolean value
# Default value for redirect_type if upgrading from https://github.com/scith/redirect_ynh
if [ -z "$redirect_type" ];
then
redirect_type="proxy"
ynh_app_setting_set $app 'redirect_type' $redirect_type
if [[ "${redirect_type:-}" == *"proxy"* ]]; then
redirect_type="reverseproxy"
else
redirect_type="redirect"
fi
ynh_app_setting_set --app=$app --key='redirect_type' --value=$redirect_type
# Migrate away from old stuff with 'is_public' and old redirect type names
is_public=$(ynh_app_setting_get "$app" is_public)
if [ -n "$is_public" ]
then
if [ "$is_public" = "Yes" ]; then
is_public=1
elif [ "$is_public" = "No" ]; then
is_public=0
fi
if [ "$is_public" = "0" ] && [ "$redirect_type" != "proxy" ]; then
echo "WARNING: You previously had a 'supposedly' private 301 or 302 redirection... but it was found that it was public all along and it is not easy to create such a private redirection. Your 301 or 302 redirection will be re-flagged as public..." >&2
is_public=1
fi
if [ "$redirect_type" == "proxy" ] && [ "$is_public" = "1" ]
then
redirect_type="public_proxy"
elif [ "$redirect_type" == "proxy" ] && [ "$is_public" = "0" ]
then
redirect_type="private_proxy"
elif [ "$redirect_type" == "visible_302" ]
then
redirect_type="public_302"
elif [ "$redirect_type" == "visible_301" ]
then
redirect_type="public_301"
fi
ynh_app_setting_set $app 'redirect_type' $redirect_type
if [[ -z "${target:-}" ]] && [[ -n "${redirect_path:-}" ]]; then
target="$redirect_path"
ynh_app_setting_delete --app=$app --key=redirect_path
ynh_app_setting_set --app=$app --key=target --value="$target"
fi
# Migrate legacy permissions to new system
if ynh_legacy_permissions_exists
then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
#=================================================
# CONFIGURE NGINX
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
# Nginx configuration
for FILE in $(ls ../conf/nginx-*.conf)
do
ynh_replace_string "YNH_LOCATION" "$path_url" $FILE
done
if [ "$redirect_type" = "public_302" ];
then
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf
cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "public_301" ];
then
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf
cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "public_proxy" ] || [ "$redirect_type" = "private_proxy" ];
then
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf
cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf
fi
#=================================================
# CONFIGURE SSOWAT
#=================================================
# Make app public if necessary
if [ "$redirect_type" != "private_proxy" ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
mv ../conf/{nginx-$redirect_type.conf,nginx.conf}
ynh_add_nginx_config
ynh_script_progression --message="Upgrade of $app completed" --last

81
tests.toml Normal file
View file

@ -0,0 +1,81 @@
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/tests.v1.schema.json
test_format = 1.0
[default]
args.redirect_type = "redirect"
args.target = "https://127.0.0.1"
# Turns out 302 redirects cant be made private because they are interpreted before going through the sso ...
exclude = ["install.private"]
[default.test_upgrade_from.09cf1c6b]
name = "v1 era"
args.domain = "domain.tld"
args.path = "/"
args.redirect_type = "visible_302"
args.redirect_path = "https://127.0.0.1"
args.is_public = true
[reverseproxy]
args.redirect_type = "reverseproxy"
args.target = "http://127.0.0.1:1234"
exclude = ["install.private", "install.multi", "backup_restore", "change_url"]
preinstall = """
cat << EOF > /etc/systemd/system/whatever.service
[Unit]
Description=Whatever
After=network.target
[Service]
WorkingDirectory=/redirect/
ExecStart=python3 -m http.server -b 127.0.0.1 1234
PrivateTmp=true
[Install]
WantedBy=multi-user.target
EOF
mkdir -p /redirect
mkdir -p /redirect/path
echo "helloworld" > /redirect/index.html
echo "helloworld" > /redirect/path/index.html
systemctl daemon-reload
systemctl enable whatever --now
true
"""
preupgrade = """
cat << EOF > /etc/systemd/system/whatever.service
[Unit]
Description=Whatever
After=network.target
[Service]
WorkingDirectory=/redirect/
ExecStart=python3 -m http.server -b 127.0.0.1 1234
PrivateTmp=true
[Install]
WantedBy=multi-user.target
EOF
mkdir -p /redirect
mkdir -p /redirect/path
echo "helloworld" > /redirect/index.html
echo "helloworld" > /redirect/path/index.html
systemctl daemon-reload
systemctl enable whatever --now
true
"""
[reverseproxy.test_upgrade_from.09cf1c6b]
name = "v1 era"
args.domain = "domain.tld"
args.path = "/"
args.redirect_type = "proxy"
args.redirect_path = "http://127.0.0.1:1234"
args.is_public = true