514 lines
11 KiB

  1. #!/bin/bash
  2. exname=$(basename $0)
  3. compose_core=$(which compose-core) || {
  4. echo "Requires compose-core executable to be in \$PATH." >&2
  5. exit 1
  6. }
  7. fetch-def() {
  8. local path="$1" fname="$2"
  9. ( . "$path" 1>&2 || {
  10. echo "Failed to load '$path'." >&2
  11. exit 1
  12. }
  13. declare -f "$fname"
  14. )
  15. }
  16. prefix_cmd="
  17. . /etc/shlib
  18. include common
  19. include parse
  20. . ../lib/common
  21. $(fetch-def "$compose_core" yaml_get_values)
  22. $(fetch-def "$compose_core" yaml_get_interpret)
  23. " || {
  24. echo "Couldn't build prefix cmd" >&2
  25. exit 1
  26. }
  27. # mock
  28. relation-get() {
  29. local key="$1"
  30. echo "$CFG" | shyaml get-value "$key" 2>/dev/null
  31. }
  32. export -f relation-get
  33. cfg-get-value() {
  34. local key="$1"
  35. shyaml get-value "$key" 2>/dev/null
  36. }
  37. export -f cfg-get-value
  38. get_service_relations() {
  39. printf "%s\0" "${RELATIONS[@]}"
  40. }
  41. export -f get_service_relations
  42. export state_tmpdir=$(mktemp -d -t tmp.XXXXXXXXXX)
  43. trap "rm -rf \"$state_tmpdir\"" EXIT
  44. ##
  45. ## Tests
  46. ##
  47. try "
  48. apache_vhost_statement publish_dir ,http, '\
  49. ' www.example.com"
  50. noerror
  51. is out '<VirtualHost *:80>
  52. ServerAdmin contact@www.example.com
  53. ServerName www.example.com
  54. ServerSignature Off
  55. CustomLog /var/log/apache2/www.example.com_access.log combined
  56. ErrorLog /var/log/apache2/www.example.com_error.log
  57. ErrorLog syslog:local2
  58. ##
  59. ## Publish directory /var/www/www.example.com
  60. ##
  61. DocumentRoot /var/www/www.example.com
  62. <Directory />
  63. Options FollowSymLinks
  64. AllowOverride None
  65. </Directory>
  66. <Directory /var/www/www.example.com>
  67. Options Indexes FollowSymLinks MultiViews
  68. AllowOverride all
  69. Allow from all
  70. </Directory>
  71. ## Forbid any cache, this is only usefull on dev server.
  72. #Header set Cache-Control "no-cache"
  73. #Header set Access-Control-Allow-Origin "*"
  74. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  75. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  76. </VirtualHost>' RTRIM
  77. ##
  78. ## Aliases
  79. ##
  80. try "
  81. apache_vhost_statement publish_dir ,http, '
  82. server-aliases:
  83. - toto
  84. ' www.example.com"
  85. noerror
  86. is out reg 'ServerAlias toto'
  87. try "
  88. apache_vhost_statement publish_dir ,http, '
  89. server-aliases:
  90. - toto
  91. - titi
  92. ' www.example.com"
  93. noerror
  94. is out reg 'ServerAlias toto'
  95. is out reg 'ServerAlias titi'
  96. ##
  97. ## Creds
  98. ##
  99. try "
  100. apache_vhost_statement publish_dir ,http, '' www.example.com
  101. " "credentials allow all"
  102. noerror
  103. is out reg 'Allow from all'
  104. try "
  105. apache_vhost_statement publish_dir ,http, '
  106. creds:
  107. toto: xxx
  108. titi: yyy
  109. ' www.example.com
  110. " "credentials with basic auth user/pass"
  111. noerror
  112. is out reg 'AuthType basic'
  113. is out reg 'Require valid-user'
  114. ##
  115. ## proxy
  116. ##
  117. try "
  118. apache_vhost_statement web_proxy ,http, '
  119. target: popo:3333
  120. creds:
  121. toto: titi
  122. ' www.example.com
  123. " "proxy explicit target"
  124. noerror
  125. is out reg 'ProxyPass / http://popo:3333/'
  126. is out part '
  127. <Location / >
  128. AuthType basic
  129. AuthName "private"
  130. AuthUserFile /etc/apache2/sites-enabled/www.example.com.passwd
  131. Require valid-user
  132. ProxyPassReverse http://popo:3333/
  133. </Location>
  134. '
  135. try "
  136. apache_vhost_statement web_proxy ,http, '
  137. target: popo:3333
  138. apache-proxy-pass-options: nocanon
  139. ' www.example.com
  140. " "proxy proxy-pass options"
  141. noerror
  142. is out reg 'ProxyPass / http://popo:3333/ nocanon'
  143. ##
  144. ## ssl
  145. ##
  146. try "
  147. apache_vhost_statement web_proxy ,https, '
  148. ssl: true
  149. target: popo:3333
  150. ' www.example.com
  151. " "ssl default generation (ssl-cert-snakeoil)"
  152. noerror
  153. is out reg 'VirtualHost \*:443'
  154. is out reg '<IfModule mod_ssl.c>'
  155. is out reg 'SSLEngine On'
  156. is out reg 'SSLProxyEngine On'
  157. is out reg 'ssl-cert-snakeoil'
  158. is out reg 'CustomLog /var/log/apache2/s-www.example.com_access.log combined'
  159. try "
  160. RELATIONS=()
  161. apache_vhost_statement web_proxy ,https, '
  162. ssl:
  163. ca-cert: a
  164. key: b
  165. cert: c
  166. target: popo:3333
  167. ' www.example.com
  168. " "ssl providing keys inline"
  169. noerror
  170. is out reg 'SSLCertificateFile /etc/ssl/certs/www.example.com.pem'
  171. is out reg 'SSLCertificateKeyFile /etc/ssl/private/www.example.com.key'
  172. is out reg 'SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem'
  173. ##
  174. ## CustomRules
  175. ##
  176. try "
  177. apache_vhost_statement web_proxy ,https, '
  178. ssl:
  179. ca-cert: a
  180. key: b
  181. cert: c
  182. apache-custom-rules: |
  183. RewriteEngine On
  184. RewriteCond %{QUERY_STRING} !skin=formanoo
  185. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  186. target: popo:3333
  187. ' www.example.com
  188. " "custom rules"
  189. noerror
  190. is out reg 'RewriteEngine On'
  191. ##
  192. ## double def
  193. ##
  194. try "
  195. apache_vhost_statement web_proxy ,https,http, '
  196. ssl:
  197. ca-cert: a
  198. key: b
  199. cert: c
  200. apache-custom-rules: |
  201. RewriteEngine On
  202. RewriteCond %{QUERY_STRING} !skin=formanoo
  203. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  204. target: popo:3333
  205. ' www.example.com
  206. " "both http and https"
  207. noerror
  208. is out '<VirtualHost *:80>
  209. ServerAdmin contact@www.example.com
  210. ServerName www.example.com
  211. ServerSignature Off
  212. CustomLog /var/log/apache2/www.example.com_access.log combined
  213. ErrorLog /var/log/apache2/www.example.com_error.log
  214. ErrorLog syslog:local2
  215. ##
  216. ## Custom rules
  217. ##
  218. RewriteEngine On
  219. RewriteCond %{QUERY_STRING} !skin=formanoo
  220. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  221. ##
  222. ## Proxy declaration towards popo:3333
  223. ##
  224. <IfModule mod_proxy.c>
  225. ProxyRequests Off
  226. <Proxy *>
  227. Order deny,allow
  228. Allow from all
  229. </Proxy>
  230. ProxyVia On
  231. ProxyPass / http://popo:3333/ retry=0
  232. <Location / >
  233. Allow from all
  234. ProxyPassReverse http://popo:3333/
  235. </Location>
  236. </IfModule>
  237. RequestHeader set "X-Forwarded-Proto" "http"
  238. ## Fix IE problem (httpapache proxy dav error 408/409)
  239. SetEnv proxy-nokeepalive 1
  240. ## Forbid any cache, this is only usefull on dev server.
  241. #Header set Cache-Control "no-cache"
  242. #Header set Access-Control-Allow-Origin "*"
  243. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  244. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  245. </VirtualHost>
  246. <IfModule mod_ssl.c>
  247. <VirtualHost *:443>
  248. ServerAdmin contact@www.example.com
  249. ServerName www.example.com
  250. ServerSignature Off
  251. CustomLog /var/log/apache2/s-www.example.com_access.log combined
  252. ErrorLog /var/log/apache2/s-www.example.com_error.log
  253. ErrorLog syslog:local2
  254. ##
  255. ## Custom rules
  256. ##
  257. RewriteEngine On
  258. RewriteCond %{QUERY_STRING} !skin=formanoo
  259. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  260. ##
  261. ## Proxy declaration towards popo:3333
  262. ##
  263. <IfModule mod_proxy.c>
  264. ProxyRequests Off
  265. <Proxy *>
  266. Order deny,allow
  267. Allow from all
  268. </Proxy>
  269. ProxyVia On
  270. ProxyPass / http://popo:3333/ retry=0
  271. <Location / >
  272. Allow from all
  273. ProxyPassReverse http://popo:3333/
  274. </Location>
  275. SSLProxyEngine On
  276. </IfModule>
  277. RequestHeader set "X-Forwarded-Proto" "https"
  278. ## Fix IE problem (httpapache proxy dav error 408/409)
  279. SetEnv proxy-nokeepalive 1
  280. ## Forbid any cache, this is only usefull on dev server.
  281. #Header set Cache-Control "no-cache"
  282. #Header set Access-Control-Allow-Origin "*"
  283. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  284. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  285. ##
  286. ## SSL Configuration
  287. ##
  288. SSLEngine On
  289. SSLCertificateFile /etc/ssl/certs/www.example.com.pem
  290. SSLCertificateKeyFile /etc/ssl/private/www.example.com.key
  291. SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem
  292. SSLVerifyClient None
  293. </VirtualHost>
  294. </IfModule>' RTRIM
  295. ##
  296. ## single def no domain
  297. ##
  298. try "
  299. apache_vhost_statement publish_dir ,http, '
  300. apache-custom-rules: |
  301. RewriteEngine On
  302. RewriteCond %{QUERY_STRING} !skin=formanoo
  303. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  304. target: popo:3333
  305. ' ""
  306. " "http without domain"
  307. noerror
  308. is out '<VirtualHost *:80>
  309. ServerAdmin webmaster@localhost
  310. ServerSignature Off
  311. CustomLog /var/log/apache2/access.log combined
  312. ErrorLog /var/log/apache2/error.log
  313. ErrorLog syslog:local2
  314. ##
  315. ## Custom rules
  316. ##
  317. RewriteEngine On
  318. RewriteCond %{QUERY_STRING} !skin=formanoo
  319. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  320. ##
  321. ## Publish directory /var/www/html
  322. ##
  323. DocumentRoot /var/www/html
  324. <Directory />
  325. Options FollowSymLinks
  326. AllowOverride None
  327. </Directory>
  328. <Directory /var/www/html>
  329. Options Indexes FollowSymLinks MultiViews
  330. AllowOverride all
  331. Allow from all
  332. </Directory>
  333. ## Forbid any cache, this is only usefull on dev server.
  334. #Header set Cache-Control "no-cache"
  335. #Header set Access-Control-Allow-Origin "*"
  336. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  337. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  338. </VirtualHost>' RTRIM
  339. try "
  340. apache_vhost_statement ssh_tunnel ,https, '
  341. ssl: true
  342. apache-custom-rules: |
  343. RewriteEngine On
  344. RewriteCond %{QUERY_STRING} !skin=formanoo
  345. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  346. target: popo:3333
  347. ' 'ssh.example.com'
  348. " "ssh tunnel"
  349. noerror
  350. is out '
  351. <IfModule mod_ssl.c>
  352. <VirtualHost *:443>
  353. ServerAdmin contact@ssh.example.com
  354. ServerName ssh.example.com
  355. ServerSignature Off
  356. CustomLog /var/log/apache2/s-ssh.example.com_access.log combined
  357. ErrorLog /var/log/apache2/s-ssh.example.com_error.log
  358. ErrorLog syslog:local2
  359. ##
  360. ## Custom rules
  361. ##
  362. RewriteEngine On
  363. RewriteCond %{QUERY_STRING} !skin=formanoo
  364. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  365. ##
  366. ## SSH Tunnel
  367. ##
  368. #HostnameLookups On
  369. ProxyRequests On
  370. AllowConnect 22
  371. #ProxyVia on
  372. ### Deny everything by default
  373. <Proxy *>
  374. Order deny,allow
  375. Deny from all
  376. </proxy>
  377. ### Accept redirect only to same domain
  378. <Proxy ssh.example.com>
  379. Order deny,allow
  380. Allow from all
  381. </Proxy>
  382. ## Forbid any cache, this is only usefull on dev server.
  383. #Header set Cache-Control "no-cache"
  384. #Header set Access-Control-Allow-Origin "*"
  385. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  386. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  387. ##
  388. ## SSL Configuration
  389. ##
  390. SSLEngine On
  391. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
  392. SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
  393. SSLVerifyClient None
  394. </VirtualHost>
  395. </IfModule>' RTRIM