You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

509 lines
11 KiB

  1. #!/bin/bash
  2. exname=$(basename $0)
  3. compose_core=$(which compose-core) || {
  4. echo "Requires compose-core executable to be in \$PATH." >&2
  5. exit 1
  6. }
  7. fetch-def() {
  8. local path="$1" fname="$2"
  9. ( . "$path" 1>&2 || {
  10. echo "Failed to load '$path'." >&2
  11. exit 1
  12. }
  13. declare -f "$fname"
  14. )
  15. }
  16. prefix_cmd="
  17. . /etc/shlib
  18. include common
  19. include parse
  20. . ../lib/common
  21. $(fetch-def "$compose_core" yaml_get_values)
  22. $(fetch-def "$compose_core" yaml_get_interpret)
  23. " || {
  24. echo "Couldn't build prefix cmd" >&2
  25. exit 1
  26. }
  27. # mock
  28. relation-get() {
  29. local key="$1"
  30. echo "$CFG" | shyaml get-value "$key" 2>/dev/null
  31. }
  32. export -f relation-get
  33. cfg-get-value() {
  34. local key="$1"
  35. shyaml get-value "$key" 2>/dev/null
  36. }
  37. export -f cfg-get-value
  38. get_service_relations() {
  39. printf "%s\0" "${RELATIONS[@]}"
  40. }
  41. export -f get_service_relations
  42. export state_tmpdir=$(mktemp -d -t tmp.XXXXXXXXXX)
  43. trap "rm -rf \"$state_tmpdir\"" EXIT
  44. ##
  45. ## Tests
  46. ##
  47. try "
  48. apache_vhost_statement publish_dir ,http, '\
  49. ' www.example.com"
  50. noerror
  51. is out '<VirtualHost *:80>
  52. ServerAdmin contact@www.example.com
  53. ServerName www.example.com
  54. ServerSignature Off
  55. CustomLog /var/log/apache2/www.example.com_access.log combined
  56. ErrorLog /var/log/apache2/www.example.com_error.log
  57. ErrorLog syslog:local2
  58. ##
  59. ## Publish directory /var/www/www.example.com
  60. ##
  61. DocumentRoot /var/www/www.example.com
  62. <Directory />
  63. Options FollowSymLinks
  64. AllowOverride None
  65. </Directory>
  66. <Directory /var/www/www.example.com>
  67. Options Indexes FollowSymLinks MultiViews
  68. AllowOverride all
  69. Allow from all
  70. </Directory>
  71. ## Forbid any cache, this is only usefull on dev server.
  72. #Header set Cache-Control "no-cache"
  73. #Header set Access-Control-Allow-Origin "*"
  74. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  75. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  76. </VirtualHost>' RTRIM
  77. ##
  78. ## Aliases
  79. ##
  80. try "
  81. apache_vhost_statement publish_dir ,http, '' 'www.example.com toto'"
  82. noerror
  83. is out reg 'ServerAlias toto'
  84. try "
  85. apache_vhost_statement publish_dir ,http, '' 'www.example.com toto titi'"
  86. noerror
  87. is out reg 'ServerAlias toto'
  88. is out reg 'ServerAlias titi'
  89. ##
  90. ## Creds
  91. ##
  92. try "
  93. apache_vhost_statement publish_dir ,http, '' www.example.com
  94. " "credentials allow all"
  95. noerror
  96. is out reg 'Allow from all'
  97. try "
  98. apache_vhost_statement publish_dir ,http, '
  99. creds:
  100. toto: xxx
  101. titi: yyy
  102. ' www.example.com
  103. " "credentials with basic auth user/pass"
  104. noerror
  105. is out reg 'AuthType basic'
  106. is out reg 'Require valid-user'
  107. ##
  108. ## proxy
  109. ##
  110. try "
  111. apache_vhost_statement web_proxy ,http, '
  112. target: popo:3333
  113. creds:
  114. toto: titi
  115. ' www.example.com
  116. " "proxy explicit target"
  117. noerror
  118. is out reg 'ProxyPass / http://popo:3333/'
  119. is out part '
  120. <Location / >
  121. AuthType basic
  122. AuthName "private"
  123. AuthUserFile /etc/apache2/sites-enabled/www.example.com.passwd
  124. Require valid-user
  125. ProxyPassReverse http://popo:3333/
  126. </Location>
  127. '
  128. try "
  129. apache_vhost_statement web_proxy ,http, '
  130. target: popo:3333
  131. apache-proxy-pass-options: nocanon
  132. ' www.example.com
  133. " "proxy proxy-pass options"
  134. noerror
  135. is out reg 'ProxyPass / http://popo:3333/ nocanon'
  136. ##
  137. ## ssl
  138. ##
  139. try "
  140. apache_vhost_statement web_proxy ,https, '
  141. ssl: true
  142. target: popo:3333
  143. ' www.example.com
  144. " "ssl default generation (ssl-cert-snakeoil)"
  145. noerror
  146. is out reg 'VirtualHost \*:443'
  147. is out reg '<IfModule mod_ssl.c>'
  148. is out reg 'SSLEngine On'
  149. is out reg 'SSLProxyEngine On'
  150. is out reg 'ssl-cert-snakeoil'
  151. is out reg 'CustomLog /var/log/apache2/s-www.example.com_access.log combined'
  152. try "
  153. RELATIONS=()
  154. apache_vhost_statement web_proxy ,https, '
  155. ssl:
  156. ca-cert: a
  157. key: b
  158. cert: c
  159. target: popo:3333
  160. ' www.example.com
  161. " "ssl providing keys inline"
  162. noerror
  163. is out reg 'SSLCertificateFile /etc/ssl/certs/www.example.com.pem'
  164. is out reg 'SSLCertificateKeyFile /etc/ssl/private/www.example.com.key'
  165. is out reg 'SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem'
  166. ##
  167. ## CustomRules
  168. ##
  169. try "
  170. apache_vhost_statement web_proxy ,https, '
  171. ssl:
  172. ca-cert: a
  173. key: b
  174. cert: c
  175. apache-custom-rules: |
  176. RewriteEngine On
  177. RewriteCond %{QUERY_STRING} !skin=formanoo
  178. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  179. target: popo:3333
  180. ' www.example.com
  181. " "custom rules"
  182. noerror
  183. is out reg 'RewriteEngine On'
  184. ##
  185. ## double def
  186. ##
  187. try "
  188. apache_vhost_statement web_proxy ,https,http, '
  189. ssl:
  190. ca-cert: a
  191. key: b
  192. cert: c
  193. apache-custom-rules: |
  194. RewriteEngine On
  195. RewriteCond %{QUERY_STRING} !skin=formanoo
  196. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  197. target: popo:3333
  198. ' www.example.com
  199. " "both http and https"
  200. noerror
  201. is out '<VirtualHost *:80>
  202. ServerAdmin contact@www.example.com
  203. ServerName www.example.com
  204. ServerSignature Off
  205. CustomLog /var/log/apache2/www.example.com_access.log combined
  206. ErrorLog /var/log/apache2/www.example.com_error.log
  207. ErrorLog syslog:local2
  208. ##
  209. ## Custom rules
  210. ##
  211. RewriteEngine On
  212. RewriteCond %{QUERY_STRING} !skin=formanoo
  213. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  214. ##
  215. ## Proxy declaration towards popo:3333
  216. ##
  217. <IfModule mod_proxy.c>
  218. ProxyRequests Off
  219. <Proxy *>
  220. Order deny,allow
  221. Allow from all
  222. </Proxy>
  223. ProxyVia On
  224. ProxyPass / http://popo:3333/ retry=0
  225. <Location / >
  226. Allow from all
  227. ProxyPassReverse http://popo:3333/
  228. </Location>
  229. </IfModule>
  230. SetEnvIf X-Forwarded-Proto "^$" forwarded_proto_not_set=true
  231. RequestHeader set "X-Forwarded-Proto" "http" env=forwarded_proto_not_set
  232. ## Fix IE problem (httpapache proxy dav error 408/409)
  233. SetEnv proxy-nokeepalive 1
  234. ## Forbid any cache, this is only usefull on dev server.
  235. #Header set Cache-Control "no-cache"
  236. #Header set Access-Control-Allow-Origin "*"
  237. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  238. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  239. </VirtualHost>
  240. <IfModule mod_ssl.c>
  241. <VirtualHost *:443>
  242. ServerAdmin contact@www.example.com
  243. ServerName www.example.com
  244. ServerSignature Off
  245. CustomLog /var/log/apache2/s-www.example.com_access.log combined
  246. ErrorLog /var/log/apache2/s-www.example.com_error.log
  247. ErrorLog syslog:local2
  248. ##
  249. ## Custom rules
  250. ##
  251. RewriteEngine On
  252. RewriteCond %{QUERY_STRING} !skin=formanoo
  253. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  254. ##
  255. ## Proxy declaration towards popo:3333
  256. ##
  257. <IfModule mod_proxy.c>
  258. ProxyRequests Off
  259. <Proxy *>
  260. Order deny,allow
  261. Allow from all
  262. </Proxy>
  263. ProxyVia On
  264. ProxyPass / http://popo:3333/ retry=0
  265. <Location / >
  266. Allow from all
  267. ProxyPassReverse http://popo:3333/
  268. </Location>
  269. SSLProxyEngine On
  270. </IfModule>
  271. SetEnvIf X-Forwarded-Proto "^$" forwarded_proto_not_set=true
  272. RequestHeader set "X-Forwarded-Proto" "https" env=forwarded_proto_not_set
  273. ## Fix IE problem (httpapache proxy dav error 408/409)
  274. SetEnv proxy-nokeepalive 1
  275. ## Forbid any cache, this is only usefull on dev server.
  276. #Header set Cache-Control "no-cache"
  277. #Header set Access-Control-Allow-Origin "*"
  278. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  279. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  280. ##
  281. ## SSL Configuration
  282. ##
  283. SSLEngine On
  284. SSLCertificateFile /etc/ssl/certs/www.example.com.pem
  285. SSLCertificateKeyFile /etc/ssl/private/www.example.com.key
  286. SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem
  287. SSLVerifyClient None
  288. </VirtualHost>
  289. </IfModule>' RTRIM
  290. ##
  291. ## single def no domain
  292. ##
  293. try "
  294. apache_vhost_statement publish_dir ,http, '
  295. apache-custom-rules: |
  296. RewriteEngine On
  297. RewriteCond %{QUERY_STRING} !skin=formanoo
  298. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  299. target: popo:3333
  300. ' ""
  301. " "http without domain"
  302. noerror
  303. is out '<VirtualHost *:80>
  304. ServerAdmin webmaster@localhost
  305. ServerSignature Off
  306. CustomLog /var/log/apache2/access.log combined
  307. ErrorLog /var/log/apache2/error.log
  308. ErrorLog syslog:local2
  309. ##
  310. ## Custom rules
  311. ##
  312. RewriteEngine On
  313. RewriteCond %{QUERY_STRING} !skin=formanoo
  314. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  315. ##
  316. ## Publish directory /var/www/html
  317. ##
  318. DocumentRoot /var/www/html
  319. <Directory />
  320. Options FollowSymLinks
  321. AllowOverride None
  322. </Directory>
  323. <Directory /var/www/html>
  324. Options Indexes FollowSymLinks MultiViews
  325. AllowOverride all
  326. Allow from all
  327. </Directory>
  328. ## Forbid any cache, this is only usefull on dev server.
  329. #Header set Cache-Control "no-cache"
  330. #Header set Access-Control-Allow-Origin "*"
  331. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  332. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  333. </VirtualHost>' RTRIM
  334. try "
  335. apache_vhost_statement ssh_tunnel ,https, '
  336. ssl: true
  337. apache-custom-rules: |
  338. RewriteEngine On
  339. RewriteCond %{QUERY_STRING} !skin=formanoo
  340. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  341. target: popo:3333
  342. ' 'ssh.example.com'
  343. " "ssh tunnel"
  344. noerror
  345. is out '
  346. <IfModule mod_ssl.c>
  347. <VirtualHost *:443>
  348. ServerAdmin contact@ssh.example.com
  349. ServerName ssh.example.com
  350. ServerSignature Off
  351. CustomLog /var/log/apache2/s-ssh.example.com_access.log combined
  352. ErrorLog /var/log/apache2/s-ssh.example.com_error.log
  353. ErrorLog syslog:local2
  354. ##
  355. ## Custom rules
  356. ##
  357. RewriteEngine On
  358. RewriteCond %{QUERY_STRING} !skin=formanoo
  359. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  360. ##
  361. ## SSH Tunnel
  362. ##
  363. #HostnameLookups On
  364. ProxyRequests On
  365. AllowConnect 22
  366. #ProxyVia on
  367. ### Deny everything by default
  368. <Proxy *>
  369. Order deny,allow
  370. Deny from all
  371. </proxy>
  372. ### Accept redirect only to same domain
  373. <Proxy ssh.example.com>
  374. Order deny,allow
  375. Allow from all
  376. </Proxy>
  377. ## Forbid any cache, this is only usefull on dev server.
  378. #Header set Cache-Control "no-cache"
  379. #Header set Access-Control-Allow-Origin "*"
  380. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  381. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  382. ##
  383. ## SSL Configuration
  384. ##
  385. SSLEngine On
  386. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
  387. SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
  388. SSLVerifyClient None
  389. </VirtualHost>
  390. </IfModule>' RTRIM