YunoHost-Apps/reverseproxy_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/reverseproxy_ynh.git synced 2024-09-03 20:16:23 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
reverseproxy_ynh/scripts/_common.sh
selfhoster1312 c7b5b3dbee Handle edgecases gracefully 
Yunohost templating doesn't like @__NAME____proxy because `reverseproxy__2__proxy` will evaluate __2__ to $2
or @__NAME__@proxy because ynh_replace_vars uses @ as sed delimiter
and ynh_replace_vars really hates multiline blocks... Using actual newlines in string produces a sed unclosed delimiter error,
while using \n gets them double escaped to some weird output that crashed nginx.
2023-01-10 13:12:50 +01:00

54 lines
2.1 KiB
Bash
Raw Blame History

# Verify that the requested reverse proxy destination is valid:
# - protocol is http(s):// or unix: for socket file
# - plaintext http is only allowed to localhost (to avoid leaking credentials on the network)
# - http(s) destination is webroot, no additional component allowed (eg. http://localhost:1234/test is invalid)
rp_validate_proxy_path() {
if [[ ! $proxy_path =~ '^unix:/' ]]; then
url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)?(/.*)?$'
[[ ! $proxy_path =~ $url_regex ]] && ynh_die \
"For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $proxy_path" 1
fi
# Don't allow trailing slash or additional URI components in proxy_path
if [[ "$proxy_path" =~ ^https?:// ]]; then
res="${proxy_path//[^\/]}"
if [[ "${#res}" != "2" ]]; then
if [[ "${#res}" = "3" ]] && [[ "$proxy_path" =~ /$ ]]; then
# If it's only one trailing slash (no more components), just remove it
proxy_path="${proxy_path::-1}"
else
ynh_die "Reverse proxy URL cannot contain additional slashes or components: $proxy_path" 1
fi
fi
fi
}
# Verify that the requested assets path is valid
# - is a local folder
# - ends with a /
rp_validate_assets_path() {
if [[ "$assets_path" = "" ]]; then
assets_path="/dev/null"
else
if [ ! -d "$assets_path" ]; then
ynh_die "Requested assets path "$assets_path" does not exist" 1
fi
if [[ ! "$assets_path" =~ /$ ]]; then
# Append missing trailing /
assets_path=""${assets_path}"/"
fi
fi
}
# When the app is not in the webroot (path_url = /), need to add a redirect block
# to app/ so relative URLs work
rp_handle_webroot() {
if [[ "$path_url" = "/" ]]; then
path_url_slash="/"
redirect_block="# Not needed for webroot"
else
path_url_slash=""$path_url"/"
redirect_block="location = "$path_url" { return 302 "$path_url_slash"; }"
fi
}
Reference in a new issue View git blame Copy permalink