2015-02-02 00:05:09 +01:00
|
|
|
--
|
|
|
|
-- config.lua
|
|
|
|
--
|
|
|
|
-- This file loads the configuration from config files or default values.
|
|
|
|
--
|
|
|
|
|
2015-02-15 13:03:01 +01:00
|
|
|
module('config', package.seeall)
|
2015-02-02 00:05:09 +01:00
|
|
|
|
2023-07-13 16:41:17 +02:00
|
|
|
local lfs = require("lfs")
|
|
|
|
local json = require("json")
|
2021-12-26 17:01:56 +01:00
|
|
|
|
2020-09-02 12:57:16 +02:00
|
|
|
local config_attributes = nil
|
|
|
|
local config_persistent_attributes = nil
|
|
|
|
|
|
|
|
local conf = {}
|
|
|
|
|
2023-07-15 19:51:31 +02:00
|
|
|
local conf_path = "/etc/ssowat/conf.json"
|
|
|
|
|
|
|
|
|
2021-12-26 17:01:56 +01:00
|
|
|
function get_cookie_secret()
|
|
|
|
|
|
|
|
local conf_file = assert(io.open(conf_path, "r"), "Configuration file is missing")
|
|
|
|
local conf_ = json.decode(conf_file:read("*all"))
|
|
|
|
conf_file:close()
|
|
|
|
|
2023-07-11 22:41:09 +02:00
|
|
|
local cookie_secret_path = conf_["cookie_secret_file"] or "/etc/yunohost/.ssowat_cookie_secret"
|
2021-12-26 17:01:56 +01:00
|
|
|
local cookie_secret_file = assert(io.open(cookie_secret_path, "r"), "Cookie secret file is missing")
|
|
|
|
local cookie_secret = cookie_secret_file:read("*all")
|
|
|
|
cookie_secret_file:close()
|
|
|
|
|
|
|
|
return cookie_secret
|
|
|
|
end
|
|
|
|
|
2020-09-02 12:57:16 +02:00
|
|
|
function compare_attributes(file_attributes1, file_attributes2)
|
|
|
|
if file_attributes1 == nil and file_attributes2 == nil then
|
|
|
|
return true
|
|
|
|
elseif file_attributes1 == nil and file_attributes2 ~= nil or file_attributes1 ~= nil and file_attributes2 == nil then
|
|
|
|
return false
|
|
|
|
end
|
|
|
|
return file_attributes1["modification"] == file_attributes2["modification"] and file_attributes1["size"] == file_attributes2["size"]
|
|
|
|
end
|
|
|
|
|
2016-04-30 12:40:59 +02:00
|
|
|
function get_config()
|
2015-02-12 12:08:52 +01:00
|
|
|
|
2020-09-02 12:57:16 +02:00
|
|
|
-- Get config files attributes (timestamp modification and size)
|
|
|
|
local new_config_attributes = lfs.attributes(conf_path, {"modification", "size"})
|
|
|
|
local new_config_persistent_attributes = lfs.attributes(conf_path..".persistent", {"modification", "size"})
|
|
|
|
|
|
|
|
if compare_attributes(new_config_attributes, config_attributes) and compare_attributes(new_config_persistent_attributes, config_persistent_attributes) then
|
|
|
|
return conf
|
|
|
|
-- If the file is being written, its size may be 0 and reloading fails, return the last valid config
|
|
|
|
elseif new_config_attributes == nil or new_config_attributes["size"] == 0 then
|
|
|
|
return conf
|
2020-07-27 15:44:58 +02:00
|
|
|
end
|
2015-02-12 12:08:52 +01:00
|
|
|
|
2020-09-02 12:57:16 +02:00
|
|
|
-- If the timestamp of the modification or the size is different, reload the configuration.
|
|
|
|
config_attributes = new_config_attributes
|
|
|
|
config_persistent_attributes = new_config_persistent_attributes
|
|
|
|
|
|
|
|
local conf_file = assert(io.open(conf_path, "r"), "Configuration file is missing")
|
|
|
|
conf = json.decode(conf_file:read("*all"))
|
|
|
|
conf_file:close()
|
|
|
|
|
2015-02-12 12:08:52 +01:00
|
|
|
-- Load additional rules from the `.persistent` configuration file.
|
|
|
|
-- The `.persistent` file contains rules that will overwrite previous rules.
|
|
|
|
-- It typically enables you to set custom rules.
|
|
|
|
local persistent_conf_file = io.open(conf_path..".persistent", "r")
|
|
|
|
if persistent_conf_file ~= nil then
|
2020-03-29 19:39:25 +02:00
|
|
|
perm_conf = json.decode(persistent_conf_file:read("*all"))
|
|
|
|
persistent_conf_file:close()
|
|
|
|
for k, v in pairs(perm_conf) do
|
2015-02-12 12:08:52 +01:00
|
|
|
|
2020-09-02 12:57:16 +02:00
|
|
|
-- If the configuration key already exists and is a table, merge it
|
|
|
|
if conf[k] and type(v) == "table" then
|
|
|
|
for subk, subv in pairs(v) do
|
|
|
|
if type(subk) == "number" then
|
|
|
|
table.insert(conf[k], subv)
|
|
|
|
else
|
|
|
|
conf[k][subk] = subv
|
|
|
|
end
|
|
|
|
end
|
2015-02-02 00:05:09 +01:00
|
|
|
|
2015-02-12 12:08:52 +01:00
|
|
|
-- Else just take the persistent rule's value
|
|
|
|
else
|
2020-09-02 12:57:16 +02:00
|
|
|
conf[k] = v
|
2017-09-16 18:49:37 +02:00
|
|
|
end
|
2015-02-12 12:08:52 +01:00
|
|
|
end
|
|
|
|
end
|
2015-02-02 00:05:09 +01:00
|
|
|
|
|
|
|
|
2015-02-12 12:08:52 +01:00
|
|
|
-- Default configuration values
|
|
|
|
default_conf = {
|
2017-09-16 18:49:37 +02:00
|
|
|
portal_path = "/ssowat/",
|
2015-02-12 12:08:52 +01:00
|
|
|
local_portal_domain = "yunohost.local",
|
|
|
|
domains = { conf["portal_domain"], "yunohost.local" },
|
2020-09-20 17:57:23 +02:00
|
|
|
logging = "fatal", -- Only log fatal messages by default (so apriori nothing)
|
|
|
|
permissions = {}
|
2015-02-12 12:08:52 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
-- Load default values unless they are set in the configuration file.
|
|
|
|
for param, default_value in pairs(default_conf) do
|
|
|
|
conf[param] = conf[param] or default_value
|
|
|
|
end
|
2015-02-02 00:05:09 +01:00
|
|
|
|
|
|
|
|
2015-02-12 12:08:52 +01:00
|
|
|
-- If you access the SSO by a local domain, change the portal domain to
|
|
|
|
-- avoid unwanted redirections.
|
|
|
|
if ngx.var.host == conf["local_portal_domain"] then
|
|
|
|
conf["portal_domain"] = conf["local_portal_domain"]
|
2015-02-02 00:05:09 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
2015-02-12 12:08:52 +01:00
|
|
|
-- Build portal full URL out of the configuration values
|
2021-12-26 17:01:56 +01:00
|
|
|
conf.portal_url = "https://"..
|
2015-02-12 12:08:52 +01:00
|
|
|
conf["portal_domain"]..
|
|
|
|
conf["portal_path"]
|
2015-02-02 00:05:09 +01:00
|
|
|
|
|
|
|
|
2015-02-12 12:08:52 +01:00
|
|
|
-- Always skip the portal to avoid redirection looping.
|
2020-05-21 21:51:55 +02:00
|
|
|
table.insert(conf["permissions"]["core_skipped"]["uris"], conf["portal_domain"]..conf["portal_path"])
|
2015-02-02 00:05:09 +01:00
|
|
|
|
2015-02-12 12:08:52 +01:00
|
|
|
return conf
|
|
|
|
end
|