YunoHost-Apps/redirect_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/redirect_ynh.git synced 2024-09-03 20:16:10 +02:00
Code Issues Activity Actions
redirect_ynh/scripts/install
ljf 8a9a2d8234 [fix] Linter
2022-06-11 14:55:12 +02:00

114 lines
4.2 KiB
Bash
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
redirect_type=$YNH_APP_ARG_REDIRECT_TYPE
redirect_path=$YNH_APP_ARG_REDIRECT_PATH
is_public=${YNH_APP_ARG_IS_PUBLIC:-1}
propagate_subpath=$(echo $YNH_APP_ARG_REDIRECT_TYPE | grep -q subpath && echo 1 || echo 0)
frame_ancestors="'none'"
client_max_body_size="1m"
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
# Avoid uncrypted remote destination with reverse proxy mode
# Indeed the SSO send the password in all requests in HTTP headers
url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)?(/.*)?$'
[[ "$redirect_type" = "proxy" ]] && [[ ! $redirect_path =~ $url_regex ]] && ynh_die \
"For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $redirect_path" 1
if [ $is_public -eq 0 ] && [[ $redirect_type != "proxy" ]]
then
is_public=1
YNH_APP_ARG_IS_PUBLIC=1
ynh_warn "HTTP private redirection are not supported. Your redirection has been reflagged as public."
fi
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1
# Save extra settings
ynh_app_setting_set --app=$app --key=redirect_type --value=$redirect_type
ynh_app_setting_set --app=$app --key=redirect_path --value=$redirect_path
ynh_app_setting_set --app=$app --key=frame_ancestors --value="'none'"
ynh_app_setting_set --app=$app --key=client_max_body_size --value="1m"
#=================================================
# SPECIFIC SETUP
#=================================================
ynh_script_progression --message="Preparing NGINX web server configuration..." --weight=1
cp ../conf/nginx-$redirect_type.conf ../conf/nginx.conf
#=================================================
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
if [[ $redirect_type != "proxy" ]]
then
ynh_permission_update --permission="main" --add="visitors" --protected=1
else
ynh_permission_update --permission="main" --add="visitors"
fi
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last
Reference in a new issue View git blame Copy permalink