diff --git a/README.md b/README.md index d2b85b7..ecfae0b 100644 --- a/README.md +++ b/README.md @@ -27,21 +27,7 @@ The supported backends are: Please be aware that SSOWat sends user credentials in plaintext to the backend, so do not use this application to reverse-proxy a service you don't trust (for example to mirror a site hosted by someone else). -**Shipped version:** 0.2~ynh2 -## Disclaimers / important information - -### Backend web path - -The request is transmitted as-is to the backend server. This usually means that the backend service shoudl be aware of the web path used to access the service. For example, if using the application is installed to `example.com/proxy`, your backend application should produce absolute links starting with `example.com/proxy/` too. - -To support relative URLs from the backend, accessing the application via `http(s)://example.com/proxy` will permanent redirect (302) to `http(s)://example.com/proxy/` (trailing slash). Otherwise, a relative link like `` would try to load `http(s)://example.com/style.css` which would fail. - -It is possible that your backend service does not support setting up a "base URL" (custom web path). In that case, you will have to install the application on a dedicated (sub)domain. - -### Plaintext localhost backend - -Plaintext HTTP backend is only allowed on localhost. For now, only 127.X.X.X is allowed. 10.X.X.X should also be supported. - +**Shipped version:** 0.2~ynh1 ## Documentation and resources * Official app website: diff --git a/README_fr.md b/README_fr.md index e7776c5..48da124 100644 --- a/README_fr.md +++ b/README_fr.md @@ -27,21 +27,7 @@ Les backends supportés sont: Attention, SSOWat envoie les identifiants des utilisateurices en clair jusqu'au backend, donc n'utilisez pas cette application pour reverse-proxy un service dans lequel vous n'avez pas confiance (par exemple pour mirrorer un site hébergé par une autre personne). -**Version incluse :** 0.2~ynh2 -## Avertissements / informations importantes - -### Chemin web du backend - -La requête est transmise telle-quelle au serveur backend. Cela veut usuellement dire que le service backend doit avoir connaissance du chemin web utilisé pour accéder au service. Par exemple, si l'application est installée sur `example.com/proxy`, votre application backend devrait produire des liens absolus commençant par `example.com/proxy/`. - -Pour supporter les URLs relatives depuis le backend, accéder à l'application via `http(s)://example.com/proxy` produit une redirection permanente (302) vers `http(s)://example.com/proxy/` (avec le slash de fin). Sinon, un lien relatif comme `` essayerait de charger `http(s)://example.com/style.css`, ce qui échouerait. - -Il est possible que votre service backend ne supporte pas de configurer une "base URL" (chemin web personnalisé). Dans ce cas, il faudra installer l'application sur un (sous-)domaine dédié. - -### Backend localhost en clair (plaintext) - -Les connexions en clair en HTTP au backend ne sont autorisées qu'en localhost sur les adresses 127.X.X.X. Il faudrait aussi supporter 10.X.X.X. - +**Version incluse :** 0.2~ynh1 ## Documentations et ressources * Site officiel de l’app : diff --git a/check_process b/check_process deleted file mode 100644 index 38d1606..0000000 --- a/check_process +++ /dev/null @@ -1,20 +0,0 @@ -;; Test complet - ; Manifest - domain="domain.tld" - path="/path" - proxy_path="http://127.0.0.1:6787" - assets_path="/usr/share/yunohost/admin" - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - backup_restore=1 - multi_instance=1 - change_url=1 -;;; Options -Email= -Notification=none diff --git a/conf/nginx.conf b/conf/nginx.conf index 8b49fab..efeb0e3 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -18,7 +18,7 @@ location @__NAME__--proxy { # Support relative URLs __REDIRECT_BLOCK__ -location __PATH_URL_SLASH__ { +location __PATH_SLASH__ { # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md similarity index 60% rename from doc/DISCLAIMER.md rename to doc/ADMIN.md index 78a63d1..312012d 100644 --- a/doc/DISCLAIMER.md +++ b/doc/ADMIN.md @@ -1,8 +1,8 @@ ### Backend web path -The request is transmitted as-is to the backend server. This usually means that the backend service shoudl be aware of the web path used to access the service. For example, if using the application is installed to `example.com/proxy`, your backend application should produce absolute links starting with `example.com/proxy/` too. +The request is transmitted as-is to the backend server. This usually means that the backend service shoudl be aware of the web path used to access the service. For example, if using the application is installed to `__DOMAIN__/proxy`, your backend application should produce absolute links starting with `__DOMAIN__/proxy/` too. -To support relative URLs from the backend, accessing the application via `http(s)://example.com/proxy` will permanent redirect (302) to `http(s)://example.com/proxy/` (trailing slash). Otherwise, a relative link like `` would try to load `http(s)://example.com/style.css` which would fail. +To support relative URLs from the backend, accessing the application via `http(s)://__DOMAIN__/proxy` will permanent redirect (302) to `http(s)://__DOMAIN__/proxy/` (trailing slash). Otherwise, a relative link like `` would try to load `http(s)://__DOMAIN__/style.css` which would fail. It is possible that your backend service does not support setting up a "base URL" (custom web path). In that case, you will have to install the application on a dedicated (sub)domain. diff --git a/doc/DISCLAIMER_fr.md b/doc/ADMIN_fr.md similarity index 59% rename from doc/DISCLAIMER_fr.md rename to doc/ADMIN_fr.md index 4f4e535..fc2b9fb 100644 --- a/doc/DISCLAIMER_fr.md +++ b/doc/ADMIN_fr.md @@ -1,8 +1,8 @@ ### Chemin web du backend -La requête est transmise telle-quelle au serveur backend. Cela veut usuellement dire que le service backend doit avoir connaissance du chemin web utilisé pour accéder au service. Par exemple, si l'application est installée sur `example.com/proxy`, votre application backend devrait produire des liens absolus commençant par `example.com/proxy/`. +La requête est transmise telle-quelle au serveur backend. Cela veut usuellement dire que le service backend doit avoir connaissance du chemin web utilisé pour accéder au service. Par exemple, si l'application est installée sur `__DOMAIN__/proxy`, votre application backend devrait produire des liens absolus commençant par `__DOMAIN__/proxy/`. -Pour supporter les URLs relatives depuis le backend, accéder à l'application via `http(s)://example.com/proxy` produit une redirection permanente (302) vers `http(s)://example.com/proxy/` (avec le slash de fin). Sinon, un lien relatif comme `` essayerait de charger `http(s)://example.com/style.css`, ce qui échouerait. +Pour supporter les URLs relatives depuis le backend, accéder à l'application via `http(s)://__DOMAIN__/proxy` produit une redirection permanente (302) vers `http(s)://__DOMAIN__/proxy/` (avec le slash de fin). Sinon, un lien relatif comme `` essayerait de charger `http(s)://__DOMAIN__/style.css`, ce qui échouerait. Il est possible que votre service backend ne supporte pas de configurer une "base URL" (chemin web personnalisé). Dans ce cas, il faudra installer l'application sur un (sous-)domaine dédié. diff --git a/manifest.json b/manifest.json deleted file mode 100644 index 8e9fdbb..0000000 --- a/manifest.json +++ /dev/null @@ -1,63 +0,0 @@ -{ - "name": "Reverse Proxy", - "id": "reverseproxy", - "packaging_format": 1, - "description": { - "en": "Create a reverse proxy to a socket/port, optionally serve static files from folder", - "fr": "Créer un reverse proxy vers un socket/port, optionnellement servir des fichiers statiques depuis un dossier" - }, - "version": "0.2~ynh2", - "license": "AGPL-3.0-or-later", - "url": "https://en.wikipedia.org/wiki/Reverse_proxy", - "upstream": { - "website": "https://en.wikipedia.org/wiki/Reverse_proxy" - }, - "maintainer": { - "name": "selfhoster1312", - "email": "selfhoster1312@kl.netlib.re" - }, - "requirements": { - "yunohost": ">= 11.2" - }, - "multi_instance": true, - "services": [ - "nginx" - ], - "arguments": { - "install" : [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "path", - "type": "path", - "example": "/proxy" - }, - { - "name": "proxy_path", - "type": "string", - "ask": { - "en": "Redirect destination path (unix:/file for socket)", - "fr": "Emplacement de destination (unix:/fichier pour socket)" - }, - "example": "http://127.0.0.1:8080" - }, - { - "name": "is_public", - "type": "boolean", - "default": false - }, - { - "name": "assets_path", - "type": "string", - "ask": { - "en": "Static assets folder", - "fr": "Dossier pour les fichiers statiques" - }, - "optional": true, - "example": "/opt/foo/www/" - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..ddccf31 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,58 @@ +packaging_format = 2 + +id = "reverseproxy" +name = "Reverse Proxy" +description.en = "Create a reverse proxy to a socket/port, optionally serve static files from folder" +description.fr = "Créer un reverse proxy vers un socket/port, optionnellement servir des fichiers statiques depuis un dossier" + +version = "0.2~ynh1" + +maintainers = ["selfhoster1312"] + +[upstream] +license = "AGPL-3.0-or-later" +website = "https://en.wikipedia.org/wiki/Reverse_proxy" + +[integration] +yunohost = ">= 11.2" +architectures = "all" +multi_instance = true + +ldap = "not_relevant" + +sso = "not_relevant" + +disk = "50M" +ram.build = "90M" +ram.runtime = "50M" + +[install] + [install.domain] + type = "domain" + + [install.path] + type = "path" + + [install.proxy_path] + ask.en = "Redirect destination path (unix:/file for socket)" + ask.fr = "Emplacement de destination (unix:/fichier pour socket)" + type = "string" + example = "http://127.0.0.1:8080" + + [install.init_main_permission] + type = "group" + + [install.assets_path] + ask.en = "Static assets folder" + ask.fr = "Dossier pour les fichiers statiques" + type = "string" + optional = true + example = "/opt/foo/www/" + +[resources] + [resources.system_user] + + [resources.install_dir] + + [resources.permissions] + main.url = "/" diff --git a/scripts/_common.sh b/scripts/_common.sh index d5b7897..d96fb6a 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -47,14 +47,14 @@ rp_validate_assets_path() { fi } -# When the app is not in the webroot (path_url = /), need to add a redirect block +# When the app is not in the webroot (path = /), need to add a redirect block # to app/ so relative URLs work rp_handle_webroot() { - if [[ "$path_url" = "/" ]]; then - path_url_slash="/" + if [[ "$path" = "/" ]]; then + path_slash="/" redirect_block="# Not needed for webroot" else - path_url_slash=""$path_url"/" - redirect_block="location = "$path_url" { return 302 "$path_url_slash"; }" + path_slash=""$path"/" + redirect_block="location = "$path" { return 302 "$path_slash"; }" fi } diff --git a/scripts/backup b/scripts/backup index 1b8acfc..3e94ec0 100644 --- a/scripts/backup +++ b/scripts/backup @@ -9,28 +9,12 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -# Retrieve arguments -app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) - #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= # Copy the conf files -ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" +ynh_backup --src_path="/etc/nginx/conf.d/${domain}.d/${app}.conf" #================================================= # END OF SCRIPT diff --git a/scripts/change_url b/scripts/change_url index 9f8d871..e73eb60 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -8,37 +8,15 @@ source /usr/share/yunohost/helpers source _common.sh - -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -app=$YNH_APP_INSTANCE_NAME -old_domain=$YNH_APP_OLD_DOMAIN -new_domain=$YNH_APP_NEW_DOMAIN -old_path=$YNH_APP_OLD_PATH -new_path=$YNH_APP_NEW_PATH - -# Path availability is already checked for - #================================================= # REVERSEPROXY_YNH #================================================= # Nginx configuration ynh_script_progression --message="Configuring NGINX web server..." --weight=1 -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -path_url="$new_path" + +path="$new_path" domain="$old_domain" -proxy_path="$(ynh_app_setting_get --app=$app --key=proxy_path)" -assets_path="$(ynh_app_setting_get --app=$app --key=assets_path)" # Validate reverse proxy destination rp_validate_proxy_path @@ -46,7 +24,7 @@ rp_validate_proxy_path # Validate assets_path rp_validate_assets_path -# Special case for "/" path_url +# Special case for "/" path rp_handle_webroot nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf @@ -56,10 +34,10 @@ ynh_add_nginx_config # Move file to new domain if domain has changed if [[ "$old_domain" != "$new_domain" ]]; then - new_nginx_conf_path=/etc/nginx/conf.d/$new_domain.d/$app.conf - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path $new_nginx_conf_path - ynh_store_file_checksum --file="$new_nginx_conf_path" + new_nginx_conf_path=/etc/nginx/conf.d/$new_domain.d/$app.conf + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path $new_nginx_conf_path + ynh_store_file_checksum --file="$new_nginx_conf_path" fi diff --git a/scripts/install b/scripts/install index da62af9..6b28dd2 100644 --- a/scripts/install +++ b/scripts/install @@ -9,55 +9,23 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -# Retrieve arguments -app=$YNH_APP_INSTANCE_NAME -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -proxy_path=$YNH_APP_ARG_PROXY_PATH -assets_path=$YNH_APP_ARG_ASSETS_PATH -is_public=$YNH_APP_ARG_IS_PUBLIC - #================================================= # REVERSEPROXY_YNH #================================================= -# Check domain/path availability -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - # Validate reverse proxy destination rp_validate_proxy_path # Validate assets_path rp_validate_assets_path -# Special case for "/" path_url +# Special case for "/" path rp_handle_webroot -# Save extra settings -ynh_app_setting_set --app=$app --key=proxy_path --value=$proxy_path -ynh_app_setting_set --app=$app --key=assets_path --value=$assets_path - # Configure nginx ynh_script_progression --message="Configuring NGINX web server..." --weight=1 -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -ynh_add_nginx_config -# Make app public if necessary (yunohost setting boolean is 1 when true) -ynh_script_progression --message="Configuring permissions..." --weight=2 -if [ $is_public -eq 1 ]; then - ynh_permission_update --permission="main" --add="visitors" -fi +ynh_add_nginx_config #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index 6a2cff8..984660f 100644 --- a/scripts/remove +++ b/scripts/remove @@ -9,15 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -# Retrieve arguments -app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) - #================================================= # REVERSEPROXY_YNH #================================================= @@ -25,10 +16,6 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) # Remove configuration files ynh_secure_remove /etc/nginx/conf.d/$domain.d/$app.conf -# Reload nginx -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index a8bb89f..47cf284 100644 --- a/scripts/restore +++ b/scripts/restore @@ -9,24 +9,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= - -# Retrieve arguments -app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -proxy_path=$(ynh_app_setting_get --app=$app --key=proxy_path) -assets_path=$(ynh_app_setting_get --app=$app --key=assets_path) - #================================================= # REVERSEPROXY_YNH #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 2c21e32..3030cdc 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -10,30 +10,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= - -# Retrieve arguments -app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -proxy_path=$(ynh_app_setting_get --app=$app --key=proxy_path) -assets_path=$(ynh_app_setting_get --app=$app --key=assets_path) - -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # REVERSEPROXY_YNH #================================================= @@ -44,12 +20,12 @@ rp_validate_proxy_path # Validate assets_path rp_validate_assets_path -# Special case for "/" path_url +# Special case for "/" path rp_handle_webroot # Configure nginx ynh_script_progression --message="Configuring NGINX web server..." --weight=1 -final_path=$(ynh_app_setting_get --app=$app --key=final_path) + ynh_add_nginx_config #================================================= diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..ec288a8 --- /dev/null +++ b/tests.toml @@ -0,0 +1,7 @@ +test_format = 1.0 + +[default] + + + args.proxy_path="http://127.0.0.1:6787" + args.assets_path="/usr/share/yunohost/admin" \ No newline at end of file