YunoHost-Apps/redirect_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/redirect_ynh.git synced 2024-09-03 20:16:10 +02:00
Code Issues Activity Actions
redirect_ynh/scripts/install

101 lines
3.7 KiB
Bash
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
redirect_type=$YNH_APP_ARG_REDIRECT_TYPE
redirect_path=$YNH_APP_ARG_REDIRECT_PATH
# Remove trailing slash to path
path=${path%/}
#force location to be / or /foo
location=${path:-/}
# Check domain/path availability
yunohost app checkurl $domain$path -a $app \
|| ynh_die "Path not available: $domain$path"
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ ! $redirect_path =~ $url_regex ]] && ynh_die \
"Invalid destination: $redirect_path" 1
# Avoid uncrypted remote destination with reverse proxy mode
# Indeed the SSO send the password in all requests in HTTP headers
url_regex='(http://(127.\d+.\d+.\d+|localhost)(:\d+)?/|https://)[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ "$redirect_type" = "proxy" ]] && [[ ! $redirect_path =~ $url_regex ]] && ynh_die \
"For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $redirect_path" 1
# Save extra settings
yunohost app setting $app is_public -v "$is_public"
yunohost app setting $app redirect_type -v "$redirect_type"
yunohost app setting $app redirect_path -v "$redirect_path"
# Nginx configuration
sed -i "s@YNH_LOCATION@$location@g" ../conf/nginx-*.conf
if [ "$redirect_type" = "visible_302" ];
then
sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-visible-302.conf
cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "visible_301" ];
then
sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-visible-301.conf
cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "proxy" ];
then
sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-proxy.conf
cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf
fi
#=================================================
# SETUP SSOWAT
#=================================================
if [[ "$is_public" -eq 0 ]]
then # Remove the public access
ynh_app_setting_delete "$app" skipped_uris
fi
# Make app public if necessary
if [[ "$is_public" -eq 1 ]]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/"
fi
# Reload Nginx and regenerate SSOwat conf
service nginx reload
yunohost app ssowatconf
Reference in a new issue View git blame Copy permalink