You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

516 lines
11 KiB

  1. #!/bin/bash
  2. exname=$(basename $0)
  3. compose_core=$(which compose-core) || {
  4. echo "Requires compose-core executable to be in \$PATH." >&2
  5. exit 1
  6. }
  7. fetch-def() {
  8. local path="$1" fname="$2"
  9. ( . "$path" 1>&2 || {
  10. echo "Failed to load '$path'." >&2
  11. exit 1
  12. }
  13. declare -f "$fname"
  14. )
  15. }
  16. prefix_cmd="
  17. . /etc/shlib
  18. include common
  19. include parse
  20. . ../lib/common
  21. $(fetch-def "$compose_core" yaml_get_values)
  22. $(fetch-def "$compose_core" yaml_get_interpret)
  23. " || {
  24. echo "Couldn't build prefix cmd" >&2
  25. exit 1
  26. }
  27. # mock
  28. relation-get() {
  29. local key="$1"
  30. echo "$CFG" | shyaml get-value "$key" 2>/dev/null
  31. }
  32. export -f relation-get
  33. cfg-get-value() {
  34. local key="$1"
  35. shyaml get-value "$key" 2>/dev/null
  36. }
  37. export -f cfg-get-value
  38. get_service_relations() {
  39. printf "%s\0" "${RELATIONS[@]}"
  40. }
  41. export -f get_service_relations
  42. export state_tmpdir=$(mktemp -d -t tmp.XXXXXXXXXX)
  43. trap "rm -rf \"$state_tmpdir\"" EXIT
  44. ##
  45. ## Tests
  46. ##
  47. try "
  48. apache_vhost_statement publish_dir ,http, '\
  49. ' www.example.com"
  50. noerror
  51. is out '<VirtualHost *:80>
  52. ServerAdmin contact@www.example.com
  53. ServerName www.example.com
  54. ServerSignature Off
  55. CustomLog /var/log/apache2/www.example.com_access.log combined
  56. ErrorLog /var/log/apache2/www.example.com_error.log
  57. ErrorLog syslog:local2
  58. ##
  59. ## Publish directory /var/www/www.example.com
  60. ##
  61. DocumentRoot /var/www/www.example.com
  62. <Directory />
  63. Options FollowSymLinks
  64. AllowOverride None
  65. </Directory>
  66. <Directory /var/www/www.example.com>
  67. Options Indexes FollowSymLinks MultiViews
  68. AllowOverride all
  69. Allow from all
  70. </Directory>
  71. ## Forbid any cache, this is only usefull on dev server.
  72. #Header set Cache-Control "no-cache"
  73. #Header set Access-Control-Allow-Origin "*"
  74. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  75. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  76. </VirtualHost>' RTRIM
  77. ##
  78. ## Aliases
  79. ##
  80. try "
  81. apache_vhost_statement publish_dir ,http, '
  82. server-aliases:
  83. - toto
  84. ' www.example.com"
  85. noerror
  86. is out reg 'ServerAlias toto'
  87. try "
  88. apache_vhost_statement publish_dir ,http, '
  89. server-aliases:
  90. - toto
  91. - titi
  92. ' www.example.com"
  93. noerror
  94. is out reg 'ServerAlias toto'
  95. is out reg 'ServerAlias titi'
  96. ##
  97. ## Creds
  98. ##
  99. try "
  100. apache_vhost_statement publish_dir ,http, '' www.example.com
  101. " "credentials allow all"
  102. noerror
  103. is out reg 'Allow from all'
  104. try "
  105. apache_vhost_statement publish_dir ,http, '
  106. creds:
  107. toto: xxx
  108. titi: yyy
  109. ' www.example.com
  110. " "credentials with basic auth user/pass"
  111. noerror
  112. is out reg 'AuthType basic'
  113. is out reg 'Require valid-user'
  114. ##
  115. ## proxy
  116. ##
  117. try "
  118. apache_vhost_statement web_proxy ,http, '
  119. target: popo:3333
  120. creds:
  121. toto: titi
  122. ' www.example.com
  123. " "proxy explicit target"
  124. noerror
  125. is out reg 'ProxyPass / http://popo:3333/'
  126. is out part '
  127. <Location / >
  128. AuthType basic
  129. AuthName "private"
  130. AuthUserFile /etc/apache2/sites-enabled/www.example.com.passwd
  131. Require valid-user
  132. ProxyPassReverse http://popo:3333/
  133. </Location>
  134. '
  135. try "
  136. apache_vhost_statement web_proxy ,http, '
  137. target: popo:3333
  138. apache-proxy-pass-options: nocanon
  139. ' www.example.com
  140. " "proxy proxy-pass options"
  141. noerror
  142. is out reg 'ProxyPass / http://popo:3333/ nocanon'
  143. ##
  144. ## ssl
  145. ##
  146. try "
  147. apache_vhost_statement web_proxy ,https, '
  148. ssl: true
  149. target: popo:3333
  150. ' www.example.com
  151. " "ssl default generation (ssl-cert-snakeoil)"
  152. noerror
  153. is out reg 'VirtualHost \*:443'
  154. is out reg '<IfModule mod_ssl.c>'
  155. is out reg 'SSLEngine On'
  156. is out reg 'SSLProxyEngine On'
  157. is out reg 'ssl-cert-snakeoil'
  158. is out reg 'CustomLog /var/log/apache2/s-www.example.com_access.log combined'
  159. try "
  160. RELATIONS=()
  161. apache_vhost_statement web_proxy ,https, '
  162. ssl:
  163. ca-cert: a
  164. key: b
  165. cert: c
  166. target: popo:3333
  167. ' www.example.com
  168. " "ssl providing keys inline"
  169. noerror
  170. is out reg 'SSLCertificateFile /etc/ssl/certs/www.example.com.pem'
  171. is out reg 'SSLCertificateKeyFile /etc/ssl/private/www.example.com.key'
  172. is out reg 'SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem'
  173. ##
  174. ## CustomRules
  175. ##
  176. try "
  177. apache_vhost_statement web_proxy ,https, '
  178. ssl:
  179. ca-cert: a
  180. key: b
  181. cert: c
  182. apache-custom-rules: |
  183. RewriteEngine On
  184. RewriteCond %{QUERY_STRING} !skin=formanoo
  185. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  186. target: popo:3333
  187. ' www.example.com
  188. " "custom rules"
  189. noerror
  190. is out reg 'RewriteEngine On'
  191. ##
  192. ## double def
  193. ##
  194. try "
  195. apache_vhost_statement web_proxy ,https,http, '
  196. ssl:
  197. ca-cert: a
  198. key: b
  199. cert: c
  200. apache-custom-rules: |
  201. RewriteEngine On
  202. RewriteCond %{QUERY_STRING} !skin=formanoo
  203. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  204. target: popo:3333
  205. ' www.example.com
  206. " "both http and https"
  207. noerror
  208. is out '<VirtualHost *:80>
  209. ServerAdmin contact@www.example.com
  210. ServerName www.example.com
  211. ServerSignature Off
  212. CustomLog /var/log/apache2/www.example.com_access.log combined
  213. ErrorLog /var/log/apache2/www.example.com_error.log
  214. ErrorLog syslog:local2
  215. ##
  216. ## Custom rules
  217. ##
  218. RewriteEngine On
  219. RewriteCond %{QUERY_STRING} !skin=formanoo
  220. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  221. ##
  222. ## Proxy declaration towards popo:3333
  223. ##
  224. <IfModule mod_proxy.c>
  225. ProxyRequests Off
  226. <Proxy *>
  227. Order deny,allow
  228. Allow from all
  229. </Proxy>
  230. ProxyVia On
  231. ProxyPass / http://popo:3333/ retry=0
  232. <Location / >
  233. Allow from all
  234. ProxyPassReverse http://popo:3333/
  235. </Location>
  236. </IfModule>
  237. SetEnvIf X-Forwarded-Proto "^$" forwarded_proto_not_set=true
  238. RequestHeader set "X-Forwarded-Proto" "http" env=forwarded_proto_not_set
  239. ## Fix IE problem (httpapache proxy dav error 408/409)
  240. SetEnv proxy-nokeepalive 1
  241. ## Forbid any cache, this is only usefull on dev server.
  242. #Header set Cache-Control "no-cache"
  243. #Header set Access-Control-Allow-Origin "*"
  244. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  245. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  246. </VirtualHost>
  247. <IfModule mod_ssl.c>
  248. <VirtualHost *:443>
  249. ServerAdmin contact@www.example.com
  250. ServerName www.example.com
  251. ServerSignature Off
  252. CustomLog /var/log/apache2/s-www.example.com_access.log combined
  253. ErrorLog /var/log/apache2/s-www.example.com_error.log
  254. ErrorLog syslog:local2
  255. ##
  256. ## Custom rules
  257. ##
  258. RewriteEngine On
  259. RewriteCond %{QUERY_STRING} !skin=formanoo
  260. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  261. ##
  262. ## Proxy declaration towards popo:3333
  263. ##
  264. <IfModule mod_proxy.c>
  265. ProxyRequests Off
  266. <Proxy *>
  267. Order deny,allow
  268. Allow from all
  269. </Proxy>
  270. ProxyVia On
  271. ProxyPass / http://popo:3333/ retry=0
  272. <Location / >
  273. Allow from all
  274. ProxyPassReverse http://popo:3333/
  275. </Location>
  276. SSLProxyEngine On
  277. </IfModule>
  278. SetEnvIf X-Forwarded-Proto "^$" forwarded_proto_not_set=true
  279. RequestHeader set "X-Forwarded-Proto" "https" env=forwarded_proto_not_set
  280. ## Fix IE problem (httpapache proxy dav error 408/409)
  281. SetEnv proxy-nokeepalive 1
  282. ## Forbid any cache, this is only usefull on dev server.
  283. #Header set Cache-Control "no-cache"
  284. #Header set Access-Control-Allow-Origin "*"
  285. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  286. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  287. ##
  288. ## SSL Configuration
  289. ##
  290. SSLEngine On
  291. SSLCertificateFile /etc/ssl/certs/www.example.com.pem
  292. SSLCertificateKeyFile /etc/ssl/private/www.example.com.key
  293. SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem
  294. SSLVerifyClient None
  295. </VirtualHost>
  296. </IfModule>' RTRIM
  297. ##
  298. ## single def no domain
  299. ##
  300. try "
  301. apache_vhost_statement publish_dir ,http, '
  302. apache-custom-rules: |
  303. RewriteEngine On
  304. RewriteCond %{QUERY_STRING} !skin=formanoo
  305. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  306. target: popo:3333
  307. ' ""
  308. " "http without domain"
  309. noerror
  310. is out '<VirtualHost *:80>
  311. ServerAdmin webmaster@localhost
  312. ServerSignature Off
  313. CustomLog /var/log/apache2/access.log combined
  314. ErrorLog /var/log/apache2/error.log
  315. ErrorLog syslog:local2
  316. ##
  317. ## Custom rules
  318. ##
  319. RewriteEngine On
  320. RewriteCond %{QUERY_STRING} !skin=formanoo
  321. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  322. ##
  323. ## Publish directory /var/www/html
  324. ##
  325. DocumentRoot /var/www/html
  326. <Directory />
  327. Options FollowSymLinks
  328. AllowOverride None
  329. </Directory>
  330. <Directory /var/www/html>
  331. Options Indexes FollowSymLinks MultiViews
  332. AllowOverride all
  333. Allow from all
  334. </Directory>
  335. ## Forbid any cache, this is only usefull on dev server.
  336. #Header set Cache-Control "no-cache"
  337. #Header set Access-Control-Allow-Origin "*"
  338. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  339. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  340. </VirtualHost>' RTRIM
  341. try "
  342. apache_vhost_statement ssh_tunnel ,https, '
  343. ssl: true
  344. apache-custom-rules: |
  345. RewriteEngine On
  346. RewriteCond %{QUERY_STRING} !skin=formanoo
  347. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  348. target: popo:3333
  349. ' 'ssh.example.com'
  350. " "ssh tunnel"
  351. noerror
  352. is out '
  353. <IfModule mod_ssl.c>
  354. <VirtualHost *:443>
  355. ServerAdmin contact@ssh.example.com
  356. ServerName ssh.example.com
  357. ServerSignature Off
  358. CustomLog /var/log/apache2/s-ssh.example.com_access.log combined
  359. ErrorLog /var/log/apache2/s-ssh.example.com_error.log
  360. ErrorLog syslog:local2
  361. ##
  362. ## Custom rules
  363. ##
  364. RewriteEngine On
  365. RewriteCond %{QUERY_STRING} !skin=formanoo
  366. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  367. ##
  368. ## SSH Tunnel
  369. ##
  370. #HostnameLookups On
  371. ProxyRequests On
  372. AllowConnect 22
  373. #ProxyVia on
  374. ### Deny everything by default
  375. <Proxy *>
  376. Order deny,allow
  377. Deny from all
  378. </proxy>
  379. ### Accept redirect only to same domain
  380. <Proxy ssh.example.com>
  381. Order deny,allow
  382. Allow from all
  383. </Proxy>
  384. ## Forbid any cache, this is only usefull on dev server.
  385. #Header set Cache-Control "no-cache"
  386. #Header set Access-Control-Allow-Origin "*"
  387. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  388. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  389. ##
  390. ## SSL Configuration
  391. ##
  392. SSLEngine On
  393. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
  394. SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
  395. SSLVerifyClient None
  396. </VirtualHost>
  397. </IfModule>' RTRIM