YunoHost-Apps/reverseproxy_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/reverseproxy_ynh.git synced 2024-09-03 20:16:23 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #28 from YunoHost-Apps/enh-testing

Browse source 
Enh testing
This commit is contained in:
Éric Gaspar 2021-06-10 14:55:39 +02:00 committed by GitHub
commit a42766ca97
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 434 additions and 235 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
.github/ISSUE_TEMPLATE.md vendored Normal file
View file

@ -0,0 +1,55 @@
---
name: Bug report
about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently.
---
**How to post a meaningful bug report**
1. *Read this whole template first.*
2. *Determine if you are on the right place:*
- *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!*
- *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.*
- *When in doubt, post here and we will figure it out together.*
3. *Delete the italic comments as you write over them below, and remove this guide.*
---
### Describe the bug
*A clear and concise description of what the bug is.*
### Context
- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...*
- YunoHost version: x.x.x
- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...*
- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes*
- If yes, please explain:
- Using, or trying to install package version/branch:
- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`*
### Steps to reproduce
- *If you performed a command from the CLI, the command itself is enough. For example:*
```sh
sudo yunohost app install the_app
```
- *If you used the webadmin, please perform the equivalent command from the CLI first.*
- *If the error occurs in your browser, explain what you did:*
1. *Go to '...'*
2. *Click on '...'*
3. *Scroll down to '...'*
4. *See error*
### Expected behavior
*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.*
### Logs
*When an operation fails, YunoHost provides a simple way to share the logs.*
- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.*
- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.*
*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)*
*If applicable and useful, add screenshots to help explain your problem.*

16
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View file

@ -0,0 +1,16 @@
## Problem
- *Description of why you made this PR*
## Solution
- *And how do you fix that problem*
## PR Status
- [ ] Code finished and ready to be reviewed/tested
- [ ] The fix/enhancement were manually tested (if applicable)
## Automatic tests
Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)

54
README.md
View file

@ -1,8 +1,31 @@
# Redirect App
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
-->
# Redirect for YunoHost
[![Integration level](https://dash.yunohost.org/integration/redirect.svg)](https://dash.yunohost.org/appci/app/redirect) ![](https://ci-apps.yunohost.org/ci/badges/redirect.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/redirect.maintain.svg)
[![Install Redirect with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=redirect)
*[Lire ce readme en français.](./README_fr.md)*
> *This package allows you to install Redirect quickly and simply on a YunoHost server.
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
## Overview
Create a redirection or a proxy to another path.
**Shipped version:** 1.0.0~ynh5
## Disclaimers / important information
**Add a link on your user panel redirecting to another page or app, which can be protected behind your panel for some**.
It could be an invisible redirect, an external link, another app on your local network, a reverse proxy to an app or a Docker container... Some apps can be even be protected behind your panel (meaning that you will have to log-in to access them). The only limit is your imagination - and Nginx ;).
It could be an invisible redirect, an external link, another app on your local network, a reverse proxy to an app or a Docker container... Some apps can be even be protected behind your panel (meaning that you will have to log-in to access them). The only limit is your imagination - and NGINX ;).
This app only adds a Nginx configuration file with `redirect` or `proxy_pass` rule, and a YunoHost tile. Nothing more.
@ -10,20 +33,18 @@ This app only adds a Nginx configuration file with `redirect` or `proxy_pass` ru
### Visible redirect
Visitor's address bar will change. Helpfull to add a user link to another
website
Visitor's address bar will change. Helpfull to add a user link to another website
you-domain.com -> another-domain.net
you-domain.com/foo -> another-domain.net/bar
### Invisible (proxy) redirect
Visitor's address bar will remain the same. Mostly use to serve local webserver
for a personnal application.
Visitor's address bar will remain the same. Mostly use to serve local webserver for a personnal application.
you-domain.com/foo -> http://172.0.0.1:8080/app
**IMPORTANT:** the redirect.conf file might need to be updated according to your situation!
**IMPORTANT:** the `redirect.conf` file might need to be updated according to your situation!
**WARNING:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ HAVE TO be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/
@ -51,3 +72,22 @@ In case of a private redirect, the app will be available to logged in users only
## Credits
Insprired by [scith](https://github.com/scith) work.
## Documentation and resources
* Official app website: https://github.com/YunoHost-Apps/redirect_ynh
* YunoHost documentation for this app: https://yunohost.org/app_redirect
* Report a bug: https://github.com/YunoHost-Apps/redirect_ynh/issues
## Developer info
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/redirect_ynh/tree/testing).
To try the testing branch, please proceed like that.
```
sudo yunohost app install https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug
or
sudo yunohost app upgrade redirect -u https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug
```
**More info regarding app packaging:** https://yunohost.org/packaging_apps

89
README_fr.md Normal file
View file

@ -0,0 +1,89 @@
# Redirect pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/redirect.svg)](https://dash.yunohost.org/appci/app/redirect) ![](https://ci-apps.yunohost.org/ci/badges/redirect.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/redirect.maintain.svg)
[![Installer Redirect avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=redirect)
*[Read this readme in english.](./README.md)*
*[Lire ce readme en français.](./README_fr.md)*
> *Ce package vous permet d'installer Redirect rapidement et simplement sur un serveur YunoHost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
## Vue d'ensemble
Créer une redirection ou un proxy vers un autre emplacement
**Version incluse :** 1.0.0~ynh5
## Avertissements / informations importantes
**Add a link on your user panel redirecting to another page or app, which can be protected behind your panel for some**.
It could be an invisible redirect, an external link, another app on your local network, a reverse proxy to an app or a Docker container... Some apps can be even be protected behind your panel (meaning that you will have to log-in to access them). The only limit is your imagination - and NGINX ;).
This app only adds a Nginx configuration file with `redirect` or `proxy_pass` rule, and a YunoHost tile. Nothing more.
## Redirect type
### Visible redirect
Visitor's address bar will change. Helpfull to add a user link to another website
you-domain.com -> another-domain.net
you-domain.com/foo -> another-domain.net/bar
### Invisible (proxy) redirect
Visitor's address bar will remain the same. Mostly use to serve local webserver for a personnal application.
you-domain.com/foo -> http://172.0.0.1:8080/app
**IMPORTANT:** the `redirect.conf` file might need to be updated according to your situation!
**WARNING:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ HAVE TO be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/
*Concrete example:* the Odoo Docker container runs on http://127.0.0.1:8069/. You will not be able to redirect it to http://domain.tld/odoo/ ! You have to redirect it to the root, so for example http://odoo.domain.tld/
## Public or private redirect
In case of a private redirect, the app will be available to logged in users only. This could be useful if you want to protect behind the SSO an app from your local network or from the server (e.g., a Docker container or an app that does not have user management or password protection).
**IMPORTANT:** Make sure that the app you want to protect CANNOT be accessed by its port or another direct link. Otherwise, your app will only be protected in YunoHost but would still be available through its direct link. In the case of a Docker container, the port of the container will have to be local (e.g., -p 127.0.0.1:9000:9000).
## Case examples
- **Creating a tile for a Docker container** with a local port (e.g., -p 127.0.0.1:PORT:PORT): proxy redirect to http://127.0.0.1:PORT-OF-THE-CONTAINER/
- **Redirecting to an external website**: visible redirect to the URL
- [CozyCloud behind YunoHost?](https://forum.cozy.io/t/cozy-cloud-sous-yunohost/616/11)
- **Creating a tile and protecting apps that are difficult to package natively (or for prototyping)**
**_Feel free to [share your case examples and customized Nginx files on the forum](https://forum.yunohost.org/t/2182)._**
## Credits
Insprired by [scith](https://github.com/scith) work.
## Documentations et ressources
* Site officiel de l'app : https://github.com/YunoHost-Apps/redirect_ynh
* Documentation YunoHost pour cette app : https://yunohost.org/app_redirect
* Signaler un bug : https://github.com/YunoHost-Apps/redirect_ynh/issues
## Informations pour les développeurs
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/redirect_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
sudo yunohost app install https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug
ou
sudo yunohost app upgrade redirect -u https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug
```
**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps

30
check_process
View file

@ -1,41 +1,21 @@
# See here for more informations
# https://github.com/YunoHost/package_check#syntax-check_process-file
# Move this file from check_process.default to check_process when you have filled it.
;; Test complet
; Manifest
domain="domain.tld" (DOMAIN)
path="/path" (PATH)
is_public=1 (PUBLIC|public=1|private=0)
redirect_type="visible_302"
domain="domain.tld"
path="/path"
redirect_type="public_302"
redirect_path="http://127.0.0.1"
; Checks
pkg_linter=1
setup_sub_dir=1
setup_root=1
setup_nourl=0
setup_private=0
setup_private=1
setup_public=1
upgrade=1
backup_restore=1
multi_instance=1
incorrect_path=1
port_already_use=0
change_url=0
;;; Levels
Level 1=auto
Level 2=auto
Level 3=auto
# Level 4:
Level 4=0
# Level 5:
Level 5=auto
Level 6=auto
Level 7=auto
Level 8=0
Level 9=0
Level 10=0
;;; Options
Email=
Notification=none
Notification=none

49
doc/DISCLAIMER.md Normal file
View file

@ -0,0 +1,49 @@
**Add a link on your user panel redirecting to another page or app, which can be protected behind your panel for some**.
It could be an invisible redirect, an external link, another app on your local network, a reverse proxy to an app or a Docker container... Some apps can be even be protected behind your panel (meaning that you will have to log-in to access them). The only limit is your imagination - and NGINX ;).
This app only adds a Nginx configuration file with `redirect` or `proxy_pass` rule, and a YunoHost tile. Nothing more.
## Redirect type
### Visible redirect
Visitor's address bar will change. Helpfull to add a user link to another website
you-domain.com -> another-domain.net
you-domain.com/foo -> another-domain.net/bar
### Invisible (proxy) redirect
Visitor's address bar will remain the same. Mostly use to serve local webserver for a personnal application.
you-domain.com/foo -> http://172.0.0.1:8080/app
**IMPORTANT:** the `redirect.conf` file might need to be updated according to your situation!
**WARNING:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ HAVE TO be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/
*Concrete example:* the Odoo Docker container runs on http://127.0.0.1:8069/. You will not be able to redirect it to http://domain.tld/odoo/ ! You have to redirect it to the root, so for example http://odoo.domain.tld/
## Public or private redirect
In case of a private redirect, the app will be available to logged in users only. This could be useful if you want to protect behind the SSO an app from your local network or from the server (e.g., a Docker container or an app that does not have user management or password protection).
**IMPORTANT:** Make sure that the app you want to protect CANNOT be accessed by its port or another direct link. Otherwise, your app will only be protected in YunoHost but would still be available through its direct link. In the case of a Docker container, the port of the container will have to be local (e.g., -p 127.0.0.1:9000:9000).
## Case examples
- **Creating a tile for a Docker container** with a local port (e.g., -p 127.0.0.1:PORT:PORT): proxy redirect to http://127.0.0.1:PORT-OF-THE-CONTAINER/
- **Redirecting to an external website**: visible redirect to the URL
- [CozyCloud behind YunoHost?](https://forum.cozy.io/t/cozy-cloud-sous-yunohost/616/11)
- **Creating a tile and protecting apps that are difficult to package natively (or for prototyping)**
**_Feel free to [share your case examples and customized Nginx files on the forum](https://forum.yunohost.org/t/2182)._**
## Credits
Insprired by [scith](https://github.com/scith) work.

46
manifest.json
View file

@ -2,19 +2,23 @@
"name": "Redirect",
"id": "redirect",
"packaging_format": 1,
"requirements": {
"yunohost": ">= 2.7.12"
},
"description": {
"en": "Create a redirection or a proxy to another path.",
"fr": "Créer une redirection ou un proxy vers un autre emplacement"
},
"version": "1.0.0~ynh2",
"url": "https://github.com/YunoHost-Apps/redirect_ynh",
"version": "1.0.0~ynh5",
"license": "AGPL-3.0-or-later",
"url": "https://github.com/YunoHost-Apps/redirect_ynh",
"upstream": {
"license": "AGPL-3.0-or-later",
"website": "https://github.com/YunoHost-Apps/redirect_ynh"
},
"maintainer": {
"name": "opi",
"email": "opi@zeropi.net"
"name": "alexAubin",
"email": "alex.aubin@mailoo.org"
},
"requirements": {
"yunohost": ">= 4.2.0"
},
"multi_instance": true,
"services": [
@ -25,24 +29,17 @@
{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain for your redirect",
"fr": "Choisissez un domaine pour votre redirection"
},
"example": "domain.org"
},
{
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for your redirect",
"fr": "Choisissez un chemin pour votre redirection"
},
"example": "/redirect",
"default": "/redirect"
},
{
"name": "redirect_path",
"type": "string",
"ask": {
"en": "Redirect destination path",
"fr": "Emplacement de destination"
@ -50,27 +47,20 @@
"example": "http://127.0.0.1:8080/app/",
"default": "http://127.0.0.1"
},
{
"name": "is_public",
"type": "boolean",
"ask": {
"en": "Is it a public redirect?",
"fr": "Est-ce une redirection publique ?"
},
"default": false
},
{
"name": "redirect_type",
"type": "string",
"ask": {
"en": "Redirect type",
"fr": "Type de redirection"
},
"choices": {
"visible_302" : "Visible (302, temporary redirect)",
"visible_301" : "Visible (301, permanent redirect)",
"proxy": "Proxy, invisible (Nginx proxy_pass)"
"public_302" : "Visible redirect (302, temporary). Everybody will be able to access it.",
"public_301" : "Visible redirect (301, permanent). Everybody will be able to access it.",
"public_proxy": "Proxy, invisible (nginx proxy_pass). Everybody will be able to access it.",
"private_proxy": "Proxy, invisible (nginx proxy_pass). Only accessible for allowed users."
},
"default": "visible_302"
"default": "public_302"
}
]
}

35
scripts/backup
View file

@ -6,12 +6,6 @@
# IMPORT GENERIC HELPERS
#=================================================
# if [ ! -e _common.sh ]; then
# Get the _common.sh file if it's not in the current directory
# cp ../settings/scripts/_common.sh ./_common.sh
# chmod a+rx _common.sh
# fi
# source _common.sh
source /usr/share/yunohost/helpers
#=================================================
@ -24,22 +18,21 @@ ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
app=$YNH_APP_INSTANCE_NAME
ynh_print_info --message="Loading installation settings..."
# Retrieve arguments
domain=$(yunohost app setting $app domain)
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
# Copy the conf files
mkdir -p ./conf
cp -a "/etc/nginx/conf.d/${domain}.d/${app}.conf" ./conf/nginx.conf
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf"
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

80
scripts/install
View file

@ -6,7 +6,6 @@
# IMPORT GENERIC HELPERS
#=================================================
# source _common.sh
source /usr/share/yunohost/helpers
#=================================================
@ -20,38 +19,19 @@ ynh_abort_if_errors
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$YNH_APP_ARG_DOMAIN
path=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
path_url=$YNH_APP_ARG_PATH
redirect_type=$YNH_APP_ARG_REDIRECT_TYPE
redirect_path=$YNH_APP_ARG_REDIRECT_PATH
# Remove trailing slash to path
path=${path%/}
#force location to be / or /foo
location=${path:-/}
# Check domain/path availability
yunohost app checkurl $domain$path -a $app \
|| ynh_die "Path not available: $domain$path"
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ ! $redirect_path =~ $url_regex ]] && ynh_die \
"Invalid destination: $redirect_path" 1
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
# Avoid uncrypted remote destination with reverse proxy mode
# Indeed the SSO send the password in all requests in HTTP headers
@ -60,42 +40,54 @@ url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)
"For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $redirect_path" 1
# Save extra settings
yunohost app setting $app is_public -v "$is_public"
yunohost app setting $app redirect_type -v "$redirect_type"
yunohost app setting $app redirect_path -v "$redirect_path"
ynh_app_setting_set --app=$app --key=redirect_type --value=$redirect_type
ynh_app_setting_set --app=$app --key=redirect_path --value=$redirect_path
#=================================================
# CONFIGURE NGINX
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
# Nginx configuration
sed -i "s@YNH_LOCATION@$location@g" ../conf/nginx-*.conf
if [ "$redirect_type" = "visible_302" ];
for FILE in $(ls ../conf/nginx-*.conf)
do
ynh_replace_string "YNH_LOCATION" "$path_url" $FILE
done
if [ "$redirect_type" = "public_302" ];
then
sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-visible-302.conf
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf
cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "visible_301" ];
elif [ "$redirect_type" = "public_301" ];
then
sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-visible-301.conf
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf
cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "proxy" ];
elif [ "$redirect_type" = "public_proxy" ] || [ "$redirect_type" = "private_proxy" ];
then
sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-proxy.conf
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf
cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf
fi
#=================================================
# SETUP SSOWAT
# CONFIGURE SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=2
if [[ "$is_public" -eq 0 ]]
then # Remove the public access
ynh_app_setting_delete "$app" skipped_uris
fi
# Make app public if necessary
if [[ "$is_public" -eq 1 ]]
if [ "$redirect_type" != "private_proxy" ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/"
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
# Reload Nginx and regenerate SSOwat conf
service nginx reload
yunohost app ssowatconf
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last

38
scripts/remove
View file

@ -6,31 +6,33 @@
# IMPORT GENERIC HELPERS
#=================================================
# source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
app=$YNH_APP_INSTANCE_NAME
ynh_script_progression --message="Loading installation settings..." --weight=1
# Retrieve arguments
domain=$(yunohost app setting $app domain)
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
# Remove configuration files
rm -f /etc/nginx/conf.d/$domain.d/$app.conf
ynh_secure_remove /etc/nginx/conf.d/$domain.d/$app.conf
# Restart services
service nginx reload
yunohost app ssowatconf
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --last

57
scripts/restore
View file

@ -6,12 +6,6 @@
# IMPORT GENERIC HELPERS
#=================================================
# if [ ! -e _common.sh ]; then
# Get the _common.sh file if it's not in the current directory
# cp ../settings/scripts/_common.sh ./_common.sh
# chmod a+rx _common.sh
# fi
# source _common.sh
source /usr/share/yunohost/helpers
#=================================================
@ -25,45 +19,23 @@ ynh_abort_if_errors
# LOAD SETTINGS
#=================================================
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path)
is_public=$(ynh_app_setting_get "$app" is_public)
path_url=$(ynh_app_setting_get "$app" path)
redirect_type=$(ynh_app_setting_get "$app" redirect_type)
redirect_path=$(ynh_app_setting_get "$app" redirect_path)
# Remove trailing slash to path
path=${path%/}
# Check domain/path availability
yunohost app checkurl $domain$path -a $app \
|| die "The path ${domain}${path} is not available for app installation."
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ ! $redirect_path =~ $url_regex ]] && ynh_die \
"Invalid destination: $redirect_path" 1
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
# Check configuration files
NGINX_CONF="/etc/nginx/conf.d/${domain}.d/${app}.conf"
[[ -f $NGINX_CONF ]] && die \
"The NGINX configuration already exists at '${NGINX_CONF}'.
You should safely delete it before restoring this app."
[[ -f $NGINX_CONF ]] && ynh_die "The NGINX configuration already exists at '${NGINX_CONF}'. You should safely delete it before restoring this app."
# Restore configuration files
cp -a ./conf/nginx.conf "$NGINX_CONF"
ynh_restore_file "$NGINX_CONF"
#=================================================
# SETUP SSOWAT
@ -74,12 +46,21 @@ then # Remove the public access
ynh_app_setting_delete "$app" skipped_uris
fi
# Make app public if necessary
if [[ "$is_public" -eq 1 ]]
if [ "$redirect_type" != "private_proxy" ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/"
ynh_permission_update --permission="main" --add="visitors"
fi
# Reload Nginx and regenerate SSOwat conf
service nginx reload
yunohost app ssowatconf
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --last

120
scripts/upgrade
View file

@ -7,32 +7,16 @@
# IMPORT GENERIC HELPERS
#=================================================
# source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
app=$YNH_APP_INSTANCE_NAME
# Source app helpers
. /usr/share/yunohost/helpers
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path)
is_public=$(ynh_app_setting_get "$app" is_public)
path_url=$(ynh_app_setting_get "$app" path)
redirect_type=$(ynh_app_setting_get "$app" redirect_type)
redirect_path=$(ynh_app_setting_get "$app" redirect_path)
@ -41,14 +25,6 @@ redirect_path=$(ynh_app_setting_get "$app" redirect_path)
#=================================================
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set $app is_public 0
is_public=0
fi
# Default value for redirect_type if upgrading from https://github.com/scith/redirect_ynh
if [ -z "$redirect_type" ];
then
@ -56,6 +32,40 @@ then
ynh_app_setting_set $app 'redirect_type' $redirect_type
fi
# Migrate away from old stuff with 'is_public' and old redirect type names
is_public=$(ynh_app_setting_get "$app" is_public)
if [ -n "$is_public" ]
then
if [ "$is_public" = "Yes" ]; then
is_public=1
elif [ "$is_public" = "No" ]; then
is_public=0
fi
if [ "$is_public" = "0" ] && [ "$redirect_type" != "proxy" ]; then
echo "WARNING: You previously had a 'supposedly' private 301 or 302 redirection ... but it was found that it was public all along and it is not easy to create such a private redirection. Your 301 or 302 redirection will be re-flagged as public..." >&2
is_public=1
fi
if [ "$redirect_type" == "proxy" ] && [ "$is_public" = "1" ]
then
redirect_type="public_proxy"
elif [ "$redirect_type" == "proxy" ] && [ "$is_public" = "0" ]
then
redirect_type="private_proxy"
elif [ "$redirect_type" == "visible_302" ]
then
redirect_type="public_302"
elif [ "$redirect_type" == "visible_301" ]
then
redirect_type="public_301"
fi
ynh_app_setting_set $app 'redirect_type' $redirect_type
ynh_app_setting_set $app 'is_public'
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
@ -69,51 +79,53 @@ ynh_clean_setup () {
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Remove trailing slash to path
path=${path%/}
#force location to be / or /foo
location=${path:-/}
# Check domain/path availability
yunohost app checkurl $domain$path -a $app \
|| ynh_die "Path not available: $domain$path"
# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ ! $redirect_path =~ $url_regex ]] && ynh_die \
"Invalid destination: $redirect_path" 1
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
#=================================================
# CONFIGURE NGINX
#=================================================
# Nginx configuration
sed -i "s@YNH_LOCATION@$location@g" ../conf/nginx-*.conf
if [ "$redirect_type" = "visible_302" ];
for FILE in $(ls ../conf/nginx-*.conf)
do
ynh_replace_string "YNH_LOCATION" "$path_url" $FILE
done
if [ "$redirect_type" = "public_302" ];
then
sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-visible-302.conf
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf
cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "visible_301" ];
elif [ "$redirect_type" = "public_301" ];
then
sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-visible-301.conf
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf
cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "proxy" ];
elif [ "$redirect_type" = "public_proxy" ] || [ "$redirect_type" = "private_proxy" ];
then
sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-proxy.conf
ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf
cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf
fi
#=================================================
# SETUP SSOWAT
# CONFIGURE SSOWAT
#=================================================
if [[ "$is_public" -eq 0 ]]
then # Remove the public access
ynh_app_setting_delete "$app" skipped_uris
fi
# Make app public if necessary
if [[ "$is_public" -eq 1 ]]
if [ "$redirect_type" != "private_proxy" ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris -v "/"
ynh_permission_update --permission="main" --add="visitors"
fi
# Reload Nginx and regenerate SSOwat conf
service nginx reload
yunohost app ssowatconf
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last