mirror of
https://github.com/YunoHost-Apps/reverseproxy_ynh.git
synced 2024-09-03 20:16:23 +02:00
commit
e6e2ca0f6f
15 changed files with 341 additions and 85 deletions
55
.github/ISSUE_TEMPLATE.md
vendored
Normal file
55
.github/ISSUE_TEMPLATE.md
vendored
Normal file
|
@ -0,0 +1,55 @@
|
||||||
|
---
|
||||||
|
name: Bug report
|
||||||
|
about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
**How to post a meaningful bug report**
|
||||||
|
1. *Read this whole template first.*
|
||||||
|
2. *Determine if you are on the right place:*
|
||||||
|
- *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!*
|
||||||
|
- *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.*
|
||||||
|
- *When in doubt, post here and we will figure it out together.*
|
||||||
|
3. *Delete the italic comments as you write over them below, and remove this guide.*
|
||||||
|
---
|
||||||
|
|
||||||
|
### Describe the bug
|
||||||
|
|
||||||
|
*A clear and concise description of what the bug is.*
|
||||||
|
|
||||||
|
### Context
|
||||||
|
|
||||||
|
- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...*
|
||||||
|
- YunoHost version: x.x.x
|
||||||
|
- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...*
|
||||||
|
- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes*
|
||||||
|
- If yes, please explain:
|
||||||
|
- Using, or trying to install package version/branch:
|
||||||
|
- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`*
|
||||||
|
|
||||||
|
### Steps to reproduce
|
||||||
|
|
||||||
|
- *If you performed a command from the CLI, the command itself is enough. For example:*
|
||||||
|
```sh
|
||||||
|
sudo yunohost app install the_app
|
||||||
|
```
|
||||||
|
- *If you used the webadmin, please perform the equivalent command from the CLI first.*
|
||||||
|
- *If the error occurs in your browser, explain what you did:*
|
||||||
|
1. *Go to '...'*
|
||||||
|
2. *Click on '...'*
|
||||||
|
3. *Scroll down to '...'*
|
||||||
|
4. *See error*
|
||||||
|
|
||||||
|
### Expected behavior
|
||||||
|
|
||||||
|
*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.*
|
||||||
|
|
||||||
|
### Logs
|
||||||
|
|
||||||
|
*When an operation fails, YunoHost provides a simple way to share the logs.*
|
||||||
|
- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.*
|
||||||
|
- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.*
|
||||||
|
|
||||||
|
*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)*
|
||||||
|
|
||||||
|
*If applicable and useful, add screenshots to help explain your problem.*
|
16
.github/PULL_REQUEST_TEMPLATE.md
vendored
Normal file
16
.github/PULL_REQUEST_TEMPLATE.md
vendored
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
## Problem
|
||||||
|
|
||||||
|
- *Description of why you made this PR*
|
||||||
|
|
||||||
|
## Solution
|
||||||
|
|
||||||
|
- *And how do you fix that problem*
|
||||||
|
|
||||||
|
## PR Status
|
||||||
|
|
||||||
|
- [ ] Code finished and ready to be reviewed/tested
|
||||||
|
- [ ] The fix/enhancement were manually tested (if applicable)
|
||||||
|
|
||||||
|
## Automatic tests
|
||||||
|
|
||||||
|
Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)
|
80
README.md
80
README.md
|
@ -1,53 +1,67 @@
|
||||||
# Redirect App
|
<!--
|
||||||
|
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
|
||||||
|
It shall NOT be edited by hand.
|
||||||
|
-->
|
||||||
|
|
||||||
**Add a link on your user panel redirecting to another page or app, which can be protected behind your panel for some**.
|
# Redirect for YunoHost
|
||||||
|
|
||||||
It could be an invisible redirect, an external link, another app on your local network, a reverse proxy to an app or a Docker container... Some apps can be even be protected behind your panel (meaning that you will have to log-in to access them). The only limit is your imagination - and Nginx ;).
|
[![Integration level](https://dash.yunohost.org/integration/redirect.svg)](https://dash.yunohost.org/appci/app/redirect) ![](https://ci-apps.yunohost.org/ci/badges/redirect.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/redirect.maintain.svg)
|
||||||
|
[![Install Redirect with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=redirect)
|
||||||
|
|
||||||
This app only adds a Nginx configuration file with `redirect` or `proxy_pass` rule, and a YunoHost tile. Nothing more.
|
*[Lire ce readme en français.](./README_fr.md)*
|
||||||
|
|
||||||
|
> *This package allows you to install Redirect quickly and simply on a YunoHost server.
|
||||||
|
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
|
||||||
|
|
||||||
|
## Overview
|
||||||
|
|
||||||
|
This application allows to integrate a custom tile in YunoHost's user portal. Typical use cases include:
|
||||||
|
- **visible 301/302 redirect** : having a "virtual" app tile that's just a redirection to another url or external website
|
||||||
|
- **invisible redirect / reverse-proxy** : creating an app tile for a local app listening on a specific port, or a Docker container, or an app hosted on another machine
|
||||||
|
|
||||||
|
In technical terms: this app only adds a NGINX configuration snippet with either `redirect` or `proxy_pass` rule, and a YunoHost tile + appropriate SSOwat configuration.
|
||||||
|
|
||||||
|
|
||||||
|
**Shipped version:** 1.0.0~ynh5
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Disclaimers / important information
|
||||||
|
|
||||||
## Redirect type
|
## Redirect type
|
||||||
|
|
||||||
### Visible redirect
|
### Visible redirect
|
||||||
|
|
||||||
Visitor's address bar will change. Helpfull to add a user link to another
|
The client will be redirected to another url or external website
|
||||||
website
|
|
||||||
|
|
||||||
you-domain.com -> another-domain.net
|
- `your-domain.com -> another-domain.net`
|
||||||
you-domain.com/foo -> another-domain.net/bar
|
- `your-domain.com/foo -> another-domain.net/bar`
|
||||||
|
|
||||||
### Invisible (proxy) redirect
|
### Invisible redirect (a.k.a "reverse-proxy")
|
||||||
|
|
||||||
Visitor's address bar will remain the same. Mostly use to serve local webserver
|
Visitor's address bar will remain the same. Typically used to integrate into YunoHost a manually-installed app into the portal.
|
||||||
for a personnal application.
|
|
||||||
|
|
||||||
you-domain.com/foo -> http://172.0.0.1:8080/app
|
- `you-domain.com/foo -> http://172.0.0.1:8080/app`
|
||||||
|
|
||||||
**IMPORTANT:** the redirect.conf file might need to be updated according to your situation!
|
**IMPORTANT:** you may have to further tweak the `redirect.conf` in the nginx configuration, depending on your needs!
|
||||||
|
|
||||||
**WARNING:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ HAVE TO be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/
|
**IMPORTANT:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ MUST be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/. For example : an Odoo Docker container runs on http://127.0.0.1:8069/. You will not be able to redirect it to http://domain.tld/odoo/ ! You have to redirect it to the root, so for example http://odoo.domain.tld/
|
||||||
|
|
||||||
*Concrete example:* the Odoo Docker container runs on http://127.0.0.1:8069/. You will not be able to redirect it to http://domain.tld/odoo/ ! You have to redirect it to the root, so for example http://odoo.domain.tld/
|
## Documentation and resources
|
||||||
|
|
||||||
## Public or private redirect
|
* Official app website: https://github.com/YunoHost-Apps/redirect_ynh
|
||||||
|
* YunoHost documentation for this app: https://yunohost.org/app_redirect
|
||||||
|
* Report a bug: https://github.com/YunoHost-Apps/redirect_ynh/issues
|
||||||
|
|
||||||
In case of a private redirect, the app will be available to logged in users only. This could be useful if you want to protect behind the SSO an app from your local network or from the server (e.g., a Docker container or an app that does not have user management or password protection).
|
## Developer info
|
||||||
|
|
||||||
**IMPORTANT:** Make sure that the app you want to protect CANNOT be accessed by its port or another direct link. Otherwise, your app will only be protected in YunoHost but would still be available through its direct link. In the case of a Docker container, the port of the container will have to be local (e.g., -p 127.0.0.1:9000:9000).
|
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/redirect_ynh/tree/testing).
|
||||||
|
|
||||||
## Case examples
|
To try the testing branch, please proceed like that.
|
||||||
|
```
|
||||||
|
sudo yunohost app install https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug
|
||||||
|
or
|
||||||
|
sudo yunohost app upgrade redirect -u https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug
|
||||||
|
```
|
||||||
|
|
||||||
- **Creating a tile for a Docker container** with a local port (e.g., -p 127.0.0.1:PORT:PORT): proxy redirect to http://127.0.0.1:PORT-OF-THE-CONTAINER/
|
**More info regarding app packaging:** https://yunohost.org/packaging_apps
|
||||||
|
|
||||||
- **Redirecting to an external website**: visible redirect to the URL
|
|
||||||
|
|
||||||
- [CozyCloud behind YunoHost?](https://forum.cozy.io/t/cozy-cloud-sous-yunohost/616/11)
|
|
||||||
|
|
||||||
- **Creating a tile and protecting apps that are difficult to package natively (or for prototyping)**
|
|
||||||
|
|
||||||
|
|
||||||
**_Feel free to [share your case examples and customized Nginx files on the forum](https://forum.yunohost.org/t/2182)._**
|
|
||||||
|
|
||||||
## Credits
|
|
||||||
|
|
||||||
Insprired by [scith](https://github.com/scith) work.
|
|
63
README_fr.md
Normal file
63
README_fr.md
Normal file
|
@ -0,0 +1,63 @@
|
||||||
|
# Redirect pour YunoHost
|
||||||
|
|
||||||
|
[![Niveau d'intégration](https://dash.yunohost.org/integration/redirect.svg)](https://dash.yunohost.org/appci/app/redirect) ![](https://ci-apps.yunohost.org/ci/badges/redirect.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/redirect.maintain.svg)
|
||||||
|
[![Installer Redirect avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=redirect)
|
||||||
|
|
||||||
|
*[Read this readme in english.](./README.md)*
|
||||||
|
*[Lire ce readme en français.](./README_fr.md)*
|
||||||
|
|
||||||
|
> *Ce package vous permet d'installer Redirect rapidement et simplement sur un serveur YunoHost.
|
||||||
|
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
|
||||||
|
|
||||||
|
## Vue d'ensemble
|
||||||
|
|
||||||
|
Cette application permet d'intégrée une tuile personalisée dans le portail utilisateur de YunoHost. Les cas d'usage typiques sont:
|
||||||
|
- **redirection 301/302 visible** : avoir une tuile d'app "virtuelle" qui se contente de rediriger vers une autre url ou un site externe
|
||||||
|
- **redirection invisible / reverse-proxy** : créer une tuile pour une application locale écoutant sur un port précis, ou bien un conteneur Docker, ou encore une app hébergée sur une autre machine
|
||||||
|
|
||||||
|
En terme technique: cette app se contente de rajouter le morceau de configuration NGINX approprié avec soit `redirect` ou `proxy_pass`, et la tuile YunoHost + configuration SSOwat correspondante.
|
||||||
|
|
||||||
|
|
||||||
|
**Version incluse :** 1.0.0~ynh5
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Avertissements / informations importantes
|
||||||
|
|
||||||
|
## Types de redirection
|
||||||
|
|
||||||
|
### Redirection visible
|
||||||
|
|
||||||
|
Le client sera redirigé vers une autre URL ou site externe
|
||||||
|
|
||||||
|
- `votre-domaine.com -> un-autre-domaine.net`
|
||||||
|
- `votre-domaine.com/foo -> un-autre-domaine.net/bar`
|
||||||
|
|
||||||
|
### Redirection invisible (a.k.a "reverse-proxy")
|
||||||
|
|
||||||
|
L'adresse du client restera inchangé dans le navigateur. Typiquement utilisé pour intéger dans YunoHost une application installée manuellement.
|
||||||
|
|
||||||
|
- `you-domain.com/foo -> http://172.0.0.1:8080/app`
|
||||||
|
|
||||||
|
**IMPORTANT:** il vous faudra peut-être bricoler manuellement `redirect.conf` dans la configuration nginx, en fonction de vos besoins.
|
||||||
|
|
||||||
|
**IMPORTANT:** Certaines apps ne supportent pas d'être redirigées depuis un chemin différent à cause du fonctionnement des liens relatifs ... Cela signifie que par exemple une app hébergée sur `http://127.0.0.1:5050/app/` DOIT être routé sur `http://domaine.tld/app/` et PAS http://domaine.tld/unautrechemin/. Par exemple: un conteneur Docker Odoo tourne sur `http://127.0.0.1:8069/`. Il ne sera pas capable de fonctionné correctement si il est routé sur `http://domaine.tld/odoo/` ! Il faut forcément l'installer à la racine d'un domaine, par exemple `http://odoo.domaine.tld/`
|
||||||
|
|
||||||
|
## Documentations et ressources
|
||||||
|
|
||||||
|
* Site officiel de l'app : https://github.com/YunoHost-Apps/redirect_ynh
|
||||||
|
* Documentation YunoHost pour cette app : https://yunohost.org/app_redirect
|
||||||
|
* Signaler un bug : https://github.com/YunoHost-Apps/redirect_ynh/issues
|
||||||
|
|
||||||
|
## Informations pour les développeurs
|
||||||
|
|
||||||
|
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/redirect_ynh/tree/testing).
|
||||||
|
|
||||||
|
Pour essayer la branche testing, procédez comme suit.
|
||||||
|
```
|
||||||
|
sudo yunohost app install https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug
|
||||||
|
ou
|
||||||
|
sudo yunohost app upgrade redirect -u https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug
|
||||||
|
```
|
||||||
|
|
||||||
|
**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps
|
|
@ -1,12 +1,7 @@
|
||||||
# See here for more informations
|
|
||||||
# https://github.com/YunoHost/package_check#syntax-check_process-file
|
|
||||||
|
|
||||||
# Move this file from check_process.default to check_process when you have filled it.
|
|
||||||
|
|
||||||
;; Test complet
|
;; Test complet
|
||||||
; Manifest
|
; Manifest
|
||||||
domain="domain.tld" (DOMAIN)
|
domain="domain.tld"
|
||||||
path="/path" (PATH)
|
path="/path"
|
||||||
redirect_type="public_302"
|
redirect_type="public_302"
|
||||||
redirect_path="http://127.0.0.1"
|
redirect_path="http://127.0.0.1"
|
||||||
; Checks
|
; Checks
|
||||||
|
@ -15,12 +10,11 @@
|
||||||
setup_root=1
|
setup_root=1
|
||||||
setup_nourl=0
|
setup_nourl=0
|
||||||
setup_private=0
|
setup_private=0
|
||||||
|
setup_private=1
|
||||||
setup_public=1
|
setup_public=1
|
||||||
upgrade=1
|
upgrade=1
|
||||||
backup_restore=1
|
backup_restore=1
|
||||||
multi_instance=1
|
multi_instance=1
|
||||||
incorrect_path=0
|
|
||||||
port_already_use=0
|
|
||||||
change_url=0
|
change_url=0
|
||||||
;;; Options
|
;;; Options
|
||||||
Email=
|
Email=
|
||||||
|
|
5
doc/DESCRIPTION.md
Normal file
5
doc/DESCRIPTION.md
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
This application allows to integrate a custom tile in YunoHost's user portal. Typical use cases include:
|
||||||
|
- **visible 301/302 redirect** : having a "virtual" app tile that's just a redirection to another url or external website
|
||||||
|
- **invisible redirect / reverse-proxy** : creating an app tile for a local app listening on a specific port, or a Docker container, or an app hosted on another machine
|
||||||
|
|
||||||
|
In technical terms: this app only adds a NGINX configuration snippet with either `redirect` or `proxy_pass` rule, and a YunoHost tile + appropriate SSOwat configuration.
|
5
doc/DESCRIPTION_fr.md
Normal file
5
doc/DESCRIPTION_fr.md
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
Cette application permet d'intégrée une tuile personalisée dans le portail utilisateur de YunoHost. Les cas d'usage typiques sont:
|
||||||
|
- **redirection 301/302 visible** : avoir une tuile d'app "virtuelle" qui se contente de rediriger vers une autre url ou un site externe
|
||||||
|
- **redirection invisible / reverse-proxy** : créer une tuile pour une application locale écoutant sur un port précis, ou bien un conteneur Docker, ou encore une app hébergée sur une autre machine
|
||||||
|
|
||||||
|
En terme technique: cette app se contente de rajouter le morceau de configuration NGINX approprié avec soit `redirect` ou `proxy_pass`, et la tuile YunoHost + configuration SSOwat correspondante.
|
18
doc/DISCLAIMER.md
Normal file
18
doc/DISCLAIMER.md
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
## Redirect type
|
||||||
|
|
||||||
|
### Visible redirect
|
||||||
|
|
||||||
|
The client will be redirected to another url or external website
|
||||||
|
|
||||||
|
- `your-domain.com -> another-domain.net`
|
||||||
|
- `your-domain.com/foo -> another-domain.net/bar`
|
||||||
|
|
||||||
|
### Invisible redirect (a.k.a "reverse-proxy")
|
||||||
|
|
||||||
|
Visitor's address bar will remain the same. Typically used to integrate into YunoHost a manually-installed app into the portal.
|
||||||
|
|
||||||
|
- `you-domain.com/foo -> http://172.0.0.1:8080/app`
|
||||||
|
|
||||||
|
**IMPORTANT:** you may have to further tweak the `redirect.conf` in the nginx configuration, depending on your needs!
|
||||||
|
|
||||||
|
**IMPORTANT:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ MUST be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/. For example : an Odoo Docker container runs on http://127.0.0.1:8069/. You will not be able to redirect it to http://domain.tld/odoo/ ! You have to redirect it to the root, so for example http://odoo.domain.tld/
|
18
doc/DISCLAIMER_fr.md
Normal file
18
doc/DISCLAIMER_fr.md
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
## Types de redirection
|
||||||
|
|
||||||
|
### Redirection visible
|
||||||
|
|
||||||
|
Le client sera redirigé vers une autre URL ou site externe
|
||||||
|
|
||||||
|
- `votre-domaine.com -> un-autre-domaine.net`
|
||||||
|
- `votre-domaine.com/foo -> un-autre-domaine.net/bar`
|
||||||
|
|
||||||
|
### Redirection invisible (a.k.a "reverse-proxy")
|
||||||
|
|
||||||
|
L'adresse du client restera inchangé dans le navigateur. Typiquement utilisé pour intéger dans YunoHost une application installée manuellement.
|
||||||
|
|
||||||
|
- `you-domain.com/foo -> http://172.0.0.1:8080/app`
|
||||||
|
|
||||||
|
**IMPORTANT:** il vous faudra peut-être bricoler manuellement `redirect.conf` dans la configuration nginx, en fonction de vos besoins.
|
||||||
|
|
||||||
|
**IMPORTANT:** Certaines apps ne supportent pas d'être redirigées depuis un chemin différent à cause du fonctionnement des liens relatifs ... Cela signifie que par exemple une app hébergée sur `http://127.0.0.1:5050/app/` DOIT être routé sur `http://domaine.tld/app/` et PAS http://domaine.tld/unautrechemin/. Par exemple: un conteneur Docker Odoo tourne sur `http://127.0.0.1:8069/`. Il ne sera pas capable de fonctionné correctement si il est routé sur `http://domaine.tld/odoo/` ! Il faut forcément l'installer à la racine d'un domaine, par exemple `http://odoo.domaine.tld/`
|
|
@ -2,20 +2,24 @@
|
||||||
"name": "Redirect",
|
"name": "Redirect",
|
||||||
"id": "redirect",
|
"id": "redirect",
|
||||||
"packaging_format": 1,
|
"packaging_format": 1,
|
||||||
"requirements": {
|
|
||||||
"yunohost": ">= 3.8"
|
|
||||||
},
|
|
||||||
"description": {
|
"description": {
|
||||||
"en": "Create a redirection or a proxy to another path.",
|
"en": "Create a redirection or a proxy to another path",
|
||||||
"fr": "Créer une redirection ou un proxy vers un autre emplacement"
|
"fr": "Créer une redirection ou un proxy vers un autre emplacement"
|
||||||
},
|
},
|
||||||
"version": "1.0.0~ynh4",
|
"version": "1.0.0~ynh5",
|
||||||
"license": "AGPL-3.0-or-later",
|
"license": "AGPL-3.0-or-later",
|
||||||
"url": "https://github.com/YunoHost-Apps/redirect_ynh",
|
"url": "https://github.com/YunoHost-Apps/redirect_ynh",
|
||||||
|
"upstream": {
|
||||||
|
"license": "AGPL-3.0-or-later",
|
||||||
|
"website": "https://github.com/YunoHost-Apps/redirect_ynh"
|
||||||
|
},
|
||||||
"maintainer": {
|
"maintainer": {
|
||||||
"name": "alexAubin",
|
"name": "alexAubin",
|
||||||
"email": "alex.aubin@mailoo.org"
|
"email": "alex.aubin@mailoo.org"
|
||||||
},
|
},
|
||||||
|
"requirements": {
|
||||||
|
"yunohost": ">= 4.2.0"
|
||||||
|
},
|
||||||
"multi_instance": true,
|
"multi_instance": true,
|
||||||
"services": [
|
"services": [
|
||||||
"nginx"
|
"nginx"
|
||||||
|
@ -25,19 +29,11 @@
|
||||||
{
|
{
|
||||||
"name": "domain",
|
"name": "domain",
|
||||||
"type": "domain",
|
"type": "domain",
|
||||||
"ask": {
|
|
||||||
"en": "Choose a domain for your redirect",
|
|
||||||
"fr": "Choisissez un domaine pour votre redirection"
|
|
||||||
},
|
|
||||||
"example": "domain.org"
|
"example": "domain.org"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "path",
|
"name": "path",
|
||||||
"type": "path",
|
"type": "path",
|
||||||
"ask": {
|
|
||||||
"en": "Choose a path for your redirect",
|
|
||||||
"fr": "Choisissez un chemin pour votre redirection"
|
|
||||||
},
|
|
||||||
"example": "/redirect",
|
"example": "/redirect",
|
||||||
"default": "/redirect"
|
"default": "/redirect"
|
||||||
},
|
},
|
||||||
|
@ -53,15 +49,16 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "redirect_type",
|
"name": "redirect_type",
|
||||||
|
"type": "string",
|
||||||
"ask": {
|
"ask": {
|
||||||
"en": "Redirect type",
|
"en": "Redirect type",
|
||||||
"fr": "Type de redirection"
|
"fr": "Type de redirection"
|
||||||
},
|
},
|
||||||
"choices": {
|
"choices": {
|
||||||
"public_302" : "Visible redirect (302, temporary). Everybody will be able to access it.",
|
"public_302": "Visible redirect (302, temporary). Everybody will be able to access it.",
|
||||||
"public_301" : "Visible redirect (301, permanent). Everybody will be able to access it.",
|
"public_301": "Visible redirect (301, permanent). Everybody will be able to access it.",
|
||||||
"public_proxy": "Proxy, invisible (nginx proxy_pass). Everybody will be able to access it.",
|
"public_proxy": "Proxy, invisible (NGINX proxy_pass). Everybody will be able to access it.",
|
||||||
"private_proxy": "Proxy, invisible (nginx proxy_pass). Only accessible for allowed users."
|
"private_proxy": "Proxy, invisible (NGINX proxy_pass). Only accessible for allowed users."
|
||||||
},
|
},
|
||||||
"default": "public_302"
|
"default": "public_302"
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,10 +18,21 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_print_info --message="Loading installation settings..."
|
||||||
|
|
||||||
# Retrieve arguments
|
# Retrieve arguments
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
domain=$(ynh_app_setting_get $app domain)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# BACKUP THE NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
|
||||||
# Copy the conf files
|
# Copy the conf files
|
||||||
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf"
|
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
|
||||||
|
|
|
@ -27,19 +27,26 @@ redirect_type=$YNH_APP_ARG_REDIRECT_TYPE
|
||||||
redirect_path=$YNH_APP_ARG_REDIRECT_PATH
|
redirect_path=$YNH_APP_ARG_REDIRECT_PATH
|
||||||
|
|
||||||
# Check domain/path availability
|
# Check domain/path availability
|
||||||
ynh_webpath_register $app $domain $path_url
|
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
||||||
|
|
||||||
# Validate redirect path
|
# Validate redirect path
|
||||||
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
|
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
|
||||||
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
|
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
|
||||||
|
|
||||||
|
# Avoid uncrypted remote destination with reverse proxy mode
|
||||||
|
# Indeed the SSO send the password in all requests in HTTP headers
|
||||||
|
url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)?(/.*)?$'
|
||||||
|
[[ "$redirect_type" = "proxy" ]] && [[ ! $redirect_path =~ $url_regex ]] && ynh_die \
|
||||||
|
"For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $redirect_path" 1
|
||||||
|
|
||||||
# Save extra settings
|
# Save extra settings
|
||||||
ynh_app_setting_set $app redirect_type "$redirect_type"
|
ynh_app_setting_set --app=$app --key=redirect_type --value=$redirect_type
|
||||||
ynh_app_setting_set $app redirect_path "$redirect_path"
|
ynh_app_setting_set --app=$app --key=redirect_path --value=$redirect_path
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CONFIGURE NGINX
|
# CONFIGURE NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
|
||||||
|
|
||||||
# Nginx configuration
|
# Nginx configuration
|
||||||
for FILE in $(ls ../conf/nginx-*.conf)
|
for FILE in $(ls ../conf/nginx-*.conf)
|
||||||
|
@ -63,13 +70,24 @@ fi
|
||||||
#=================================================
|
#=================================================
|
||||||
# CONFIGURE SSOWAT
|
# CONFIGURE SSOWAT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring permissions..." --weight=2
|
||||||
|
|
||||||
# Make app public if necessary
|
# Make app public if necessary
|
||||||
if [ "$redirect_type" != "private_proxy" ]
|
if [ "$redirect_type" != "private_proxy" ]
|
||||||
then
|
then
|
||||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
ynh_permission_update --permission="main" --add="visitors"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Reload Nginx and regenerate SSOwat conf
|
#=================================================
|
||||||
systemctl reload nginx
|
# RELOAD NGINX
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Installation of $app completed" --last
|
||||||
|
|
|
@ -11,13 +11,28 @@ source /usr/share/yunohost/helpers
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||||
|
|
||||||
# Retrieve arguments
|
# Retrieve arguments
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
domain=$(ynh_app_setting_get $app domain)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# REMOVE NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
|
||||||
# Remove configuration files
|
# Remove configuration files
|
||||||
ynh_secure_remove /etc/nginx/conf.d/$domain.d/$app.conf
|
ynh_secure_remove /etc/nginx/conf.d/$domain.d/$app.conf
|
||||||
|
|
||||||
# Restart services
|
#=================================================
|
||||||
systemctl reload nginx
|
# RELOAD NGINX AND PHP-FPM
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Removal of $app completed" --last
|
||||||
|
|
|
@ -21,10 +21,10 @@ ynh_abort_if_errors
|
||||||
|
|
||||||
# Retrieve arguments
|
# Retrieve arguments
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
domain=$(ynh_app_setting_get "$app" domain)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
path_url=$(ynh_app_setting_get "$app" path)
|
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||||
redirect_type=$(ynh_app_setting_get "$app" redirect_type)
|
redirect_type=$(ynh_app_setting_get --app=$app --key=redirect_type)
|
||||||
redirect_path=$(ynh_app_setting_get "$app" redirect_path)
|
redirect_path=$(ynh_app_setting_get --app=$app --key=redirect_path)
|
||||||
|
|
||||||
# Validate redirect path
|
# Validate redirect path
|
||||||
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
|
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
|
||||||
|
@ -38,15 +38,25 @@ NGINX_CONF="/etc/nginx/conf.d/${domain}.d/${app}.conf"
|
||||||
ynh_restore_file "$NGINX_CONF"
|
ynh_restore_file "$NGINX_CONF"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CONFIGURE SSOWAT
|
# SETUP SSOWAT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
# Make app public if necessary
|
# Make app public if necessary
|
||||||
if [ "$redirect_type" != "private_proxy" ]
|
if [ "$redirect_type" != "private_proxy" ]
|
||||||
then
|
then
|
||||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
ynh_permission_update --permission="main" --add="visitors"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Reload Nginx and regenerate SSOwat conf
|
#=================================================
|
||||||
systemctl reload nginx
|
# RELOAD NGINX AND PHP-FPM
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Restoration completed for $app" --last
|
||||||
|
|
|
@ -15,10 +15,10 @@ source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
# Retrieve arguments
|
# Retrieve arguments
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
domain=$(ynh_app_setting_get "$app" domain)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
path_url=$(ynh_app_setting_get "$app" path)
|
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||||
redirect_type=$(ynh_app_setting_get "$app" redirect_type)
|
redirect_type=$(ynh_app_setting_get --app=$app --key=redirect_type)
|
||||||
redirect_path=$(ynh_app_setting_get "$app" redirect_path)
|
redirect_path=$(ynh_app_setting_get --app=$app --key=redirect_path)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# ENSURE DOWNWARD COMPATIBILITY
|
# ENSURE DOWNWARD COMPATIBILITY
|
||||||
|
@ -43,7 +43,7 @@ then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$is_public" = "0" ] && [ "$redirect_type" != "proxy" ]; then
|
if [ "$is_public" = "0" ] && [ "$redirect_type" != "proxy" ]; then
|
||||||
echo "WARNING: You previously had a 'supposedly' private 301 or 302 redirection ... but it was found that it was public all along and it is not easy to create such a private redirection. Your 301 or 302 redirection will be re-flagged as public..." >&2
|
echo "WARNING: You previously had a 'supposedly' private 301 or 302 redirection... but it was found that it was public all along and it is not easy to create such a private redirection. Your 301 or 302 redirection will be re-flagged as public..." >&2
|
||||||
is_public=1
|
is_public=1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -65,6 +65,13 @@ then
|
||||||
ynh_app_setting_set $app 'is_public'
|
ynh_app_setting_set $app 'is_public'
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Migrate legacy permissions to new system
|
||||||
|
if ynh_legacy_permissions_exists
|
||||||
|
then
|
||||||
|
ynh_legacy_permissions_delete_all
|
||||||
|
|
||||||
|
ynh_app_setting_delete --app=$app --key=is_public
|
||||||
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||||
|
@ -114,8 +121,18 @@ fi
|
||||||
if [ "$redirect_type" != "private_proxy" ]
|
if [ "$redirect_type" != "private_proxy" ]
|
||||||
then
|
then
|
||||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
ynh_permission_update --permission="main" --add="visitors"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Reload Nginx and regenerate SSOwat conf
|
#=================================================
|
||||||
systemctl reload nginx
|
# RELOAD NGINX
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Upgrade of $app completed" --last
|
||||||
|
|
Loading…
Reference in a new issue