You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

504 lines
10 KiB

  1. #!/bin/bash
  2. exname=$(basename $0)
  3. compose_core=$(which compose-core) || {
  4. echo "Requires compose-core executable to be in \$PATH." >&2
  5. exit 1
  6. }
  7. fetch-def() {
  8. local path="$1" fname="$2"
  9. ( . "$path" 1>&2 || {
  10. echo "Failed to load '$path'." >&2
  11. exit 1
  12. }
  13. declare -f "$fname"
  14. )
  15. }
  16. prefix_cmd="
  17. . /etc/shlib
  18. include common
  19. include parse
  20. . ../lib/common
  21. $(fetch-def "$compose_core" yaml_get_values)
  22. $(fetch-def "$compose_core" yaml_get_interpret)
  23. " || {
  24. echo "Couldn't build prefix cmd" >&2
  25. exit 1
  26. }
  27. # mock
  28. relation-get() {
  29. local key="$1"
  30. echo "$CFG" | shyaml get-value "$key" 2>/dev/null
  31. }
  32. export -f relation-get
  33. cfg-get-value() {
  34. local key="$1"
  35. shyaml get-value "$key" 2>/dev/null
  36. }
  37. export -f cfg-get-value
  38. get_service_relations() {
  39. printf "%s\0" "${RELATIONS[@]}"
  40. }
  41. export -f get_service_relations
  42. export state_tmpdir=$(mktemp -d -t tmp.XXXXXXXXXX)
  43. trap "rm -rf \"$state_tmpdir\"" EXIT
  44. ##
  45. ## Tests
  46. ##
  47. try "
  48. apache_vhost_statement publish_dir ,http, '\
  49. ' www.example.com"
  50. noerror
  51. is out '<VirtualHost *:80>
  52. ServerAdmin contact@www.example.com
  53. ServerName www.example.com
  54. ServerSignature Off
  55. CustomLog /var/log/apache2/www.example.com_access.log combined
  56. ErrorLog /var/log/apache2/www.example.com_error.log
  57. ErrorLog syslog:local2
  58. ##
  59. ## Publish directory /var/www/www.example.com
  60. ##
  61. DocumentRoot /var/www/www.example.com
  62. <Directory />
  63. Options FollowSymLinks
  64. AllowOverride None
  65. </Directory>
  66. <Directory /var/www/www.example.com>
  67. Options Indexes FollowSymLinks MultiViews
  68. AllowOverride all
  69. Allow from all
  70. </Directory>
  71. ## Forbid any cache, this is only usefull on dev server.
  72. #Header set Cache-Control "no-cache"
  73. #Header set Access-Control-Allow-Origin "*"
  74. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  75. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  76. </VirtualHost>' RTRIM
  77. ##
  78. ## Aliases
  79. ##
  80. try "
  81. apache_vhost_statement publish_dir ,http, '
  82. server-aliases:
  83. - toto
  84. ' www.example.com"
  85. noerror
  86. is out reg 'ServerAlias toto'
  87. try "
  88. apache_vhost_statement publish_dir ,http, '
  89. server-aliases:
  90. - toto
  91. - titi
  92. ' www.example.com"
  93. noerror
  94. is out reg 'ServerAlias toto'
  95. is out reg 'ServerAlias titi'
  96. ##
  97. ## Creds
  98. ##
  99. try "
  100. apache_vhost_statement publish_dir ,http, '' www.example.com
  101. " "credentials allow all"
  102. noerror
  103. is out reg 'Allow from all'
  104. try "
  105. apache_vhost_statement publish_dir ,http, '
  106. creds:
  107. toto: xxx
  108. titi: yyy
  109. ' www.example.com
  110. " "credentials with basic auth user/pass"
  111. noerror
  112. is out reg 'AuthType basic'
  113. is out reg 'Require valid-user'
  114. ##
  115. ## proxy
  116. ##
  117. try "
  118. apache_vhost_statement web_proxy ,http, '
  119. target: popo:3333
  120. creds:
  121. toto: titi
  122. ' www.example.com
  123. " "proxy explicit target"
  124. noerror
  125. is out reg 'ProxyPass / http://popo:3333/'
  126. is out part '
  127. <Location / >
  128. AuthType basic
  129. AuthName "private"
  130. AuthUserFile /etc/apache2/sites-enabled/www.example.com.passwd
  131. Require valid-user
  132. ProxyPassReverse /
  133. </Location>
  134. '
  135. ##
  136. ## ssl
  137. ##
  138. try "
  139. apache_vhost_statement web_proxy ,https, '
  140. ssl: true
  141. target: popo:3333
  142. ' www.example.com
  143. " "ssl default generation (ssl-cert-snakeoil)"
  144. noerror
  145. is out reg 'VirtualHost \*:443'
  146. is out reg '<IfModule mod_ssl.c>'
  147. is out reg 'SSLEngine On'
  148. is out reg 'SSLProxyEngine On'
  149. is out reg 'ssl-cert-snakeoil'
  150. is out reg 'CustomLog /var/log/apache2/s-www.example.com_access.log combined'
  151. try "
  152. RELATIONS=()
  153. apache_vhost_statement web_proxy ,https, '
  154. ssl:
  155. ca-cert: a
  156. key: b
  157. cert: c
  158. target: popo:3333
  159. ' www.example.com
  160. " "ssl providing keys inline"
  161. noerror
  162. is out reg 'SSLCertificateFile /etc/ssl/certs/www.example.com.pem'
  163. is out reg 'SSLCertificateKeyFile /etc/ssl/private/www.example.com.key'
  164. is out reg 'SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem'
  165. ##
  166. ## CustomRules
  167. ##
  168. try "
  169. apache_vhost_statement web_proxy ,https, '
  170. ssl:
  171. ca-cert: a
  172. key: b
  173. cert: c
  174. apache-custom-rules: |
  175. RewriteEngine On
  176. RewriteCond %{QUERY_STRING} !skin=formanoo
  177. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  178. target: popo:3333
  179. ' www.example.com
  180. " "custom rules"
  181. noerror
  182. is out reg 'RewriteEngine On'
  183. ##
  184. ## double def
  185. ##
  186. try "
  187. apache_vhost_statement web_proxy ,https,http, '
  188. ssl:
  189. ca-cert: a
  190. key: b
  191. cert: c
  192. apache-custom-rules: |
  193. RewriteEngine On
  194. RewriteCond %{QUERY_STRING} !skin=formanoo
  195. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  196. target: popo:3333
  197. ' www.example.com
  198. " "both http and https"
  199. noerror
  200. is out '<VirtualHost *:80>
  201. ServerAdmin contact@www.example.com
  202. ServerName www.example.com
  203. ServerSignature Off
  204. CustomLog /var/log/apache2/www.example.com_access.log combined
  205. ErrorLog /var/log/apache2/www.example.com_error.log
  206. ErrorLog syslog:local2
  207. ##
  208. ## Custom rules
  209. ##
  210. RewriteEngine On
  211. RewriteCond %{QUERY_STRING} !skin=formanoo
  212. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  213. ##
  214. ## Proxy declaration towards popo:3333
  215. ##
  216. <IfModule mod_proxy.c>
  217. ProxyRequests Off
  218. <Proxy *>
  219. Order deny,allow
  220. Allow from all
  221. </Proxy>
  222. ProxyVia On
  223. ProxyPass / http://popo:3333/ retry=0
  224. <Location / >
  225. Allow from all
  226. ProxyPassReverse /
  227. </Location>
  228. </IfModule>
  229. RequestHeader set "X-Forwarded-Proto" "http"
  230. ## Fix IE problem (httpapache proxy dav error 408/409)
  231. SetEnv proxy-nokeepalive 1
  232. ## Forbid any cache, this is only usefull on dev server.
  233. #Header set Cache-Control "no-cache"
  234. #Header set Access-Control-Allow-Origin "*"
  235. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  236. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  237. </VirtualHost>
  238. <IfModule mod_ssl.c>
  239. <VirtualHost *:443>
  240. ServerAdmin contact@www.example.com
  241. ServerName www.example.com
  242. ServerSignature Off
  243. CustomLog /var/log/apache2/s-www.example.com_access.log combined
  244. ErrorLog /var/log/apache2/s-www.example.com_error.log
  245. ErrorLog syslog:local2
  246. ##
  247. ## Custom rules
  248. ##
  249. RewriteEngine On
  250. RewriteCond %{QUERY_STRING} !skin=formanoo
  251. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  252. ##
  253. ## Proxy declaration towards popo:3333
  254. ##
  255. <IfModule mod_proxy.c>
  256. ProxyRequests Off
  257. <Proxy *>
  258. Order deny,allow
  259. Allow from all
  260. </Proxy>
  261. ProxyVia On
  262. ProxyPass / http://popo:3333/ retry=0
  263. <Location / >
  264. Allow from all
  265. ProxyPassReverse /
  266. </Location>
  267. SSLProxyEngine On
  268. </IfModule>
  269. RequestHeader set "X-Forwarded-Proto" "https"
  270. ## Fix IE problem (httpapache proxy dav error 408/409)
  271. SetEnv proxy-nokeepalive 1
  272. ## Forbid any cache, this is only usefull on dev server.
  273. #Header set Cache-Control "no-cache"
  274. #Header set Access-Control-Allow-Origin "*"
  275. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  276. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  277. ##
  278. ## SSL Configuration
  279. ##
  280. SSLEngine On
  281. SSLCertificateFile /etc/ssl/certs/www.example.com.pem
  282. SSLCertificateKeyFile /etc/ssl/private/www.example.com.key
  283. SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem
  284. SSLVerifyClient None
  285. </VirtualHost>
  286. </IfModule>' RTRIM
  287. ##
  288. ## single def no domain
  289. ##
  290. try "
  291. apache_vhost_statement publish_dir ,http, '
  292. apache-custom-rules: |
  293. RewriteEngine On
  294. RewriteCond %{QUERY_STRING} !skin=formanoo
  295. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  296. target: popo:3333
  297. ' ""
  298. " "http without domain"
  299. noerror
  300. is out '<VirtualHost *:80>
  301. ServerAdmin webmaster@localhost
  302. ServerSignature Off
  303. CustomLog /var/log/apache2/access.log combined
  304. ErrorLog /var/log/apache2/error.log
  305. ErrorLog syslog:local2
  306. ##
  307. ## Custom rules
  308. ##
  309. RewriteEngine On
  310. RewriteCond %{QUERY_STRING} !skin=formanoo
  311. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  312. ##
  313. ## Publish directory /var/www/html
  314. ##
  315. DocumentRoot /var/www/html
  316. <Directory />
  317. Options FollowSymLinks
  318. AllowOverride None
  319. </Directory>
  320. <Directory /var/www/html>
  321. Options Indexes FollowSymLinks MultiViews
  322. AllowOverride all
  323. Allow from all
  324. </Directory>
  325. ## Forbid any cache, this is only usefull on dev server.
  326. #Header set Cache-Control "no-cache"
  327. #Header set Access-Control-Allow-Origin "*"
  328. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  329. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  330. </VirtualHost>' RTRIM
  331. try "
  332. apache_vhost_statement ssh_tunnel ,https, '
  333. ssl: true
  334. apache-custom-rules: |
  335. RewriteEngine On
  336. RewriteCond %{QUERY_STRING} !skin=formanoo
  337. RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
  338. target: popo:3333
  339. ' 'ssh.example.com'
  340. " "ssh tunnel"
  341. noerror
  342. is out '
  343. <IfModule mod_ssl.c>
  344. <VirtualHost *:443>
  345. ServerAdmin contact@ssh.example.com
  346. ServerName ssh.example.com
  347. ServerSignature Off
  348. CustomLog /var/log/apache2/s-ssh.example.com_access.log combined
  349. ErrorLog /var/log/apache2/s-ssh.example.com_error.log
  350. ErrorLog syslog:local2
  351. ##
  352. ## Custom rules
  353. ##
  354. RewriteEngine On
  355. RewriteCond %{QUERY_STRING} !skin=formanoo
  356. RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]
  357. ##
  358. ## SSH Tunnel
  359. ##
  360. #HostnameLookups On
  361. ProxyRequests On
  362. AllowConnect 22
  363. #ProxyVia on
  364. ### Deny everything by default
  365. <Proxy *>
  366. Order deny,allow
  367. Deny from all
  368. </proxy>
  369. ### Accept redirect only to same domain
  370. <Proxy ssh.example.com>
  371. Order deny,allow
  372. Allow from all
  373. </Proxy>
  374. ## Forbid any cache, this is only usefull on dev server.
  375. #Header set Cache-Control "no-cache"
  376. #Header set Access-Control-Allow-Origin "*"
  377. #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  378. #Header set Access-Control-Allow-Headers "origin, content-type, accept"
  379. ##
  380. ## SSL Configuration
  381. ##
  382. SSLEngine On
  383. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
  384. SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
  385. SSLVerifyClient None
  386. </VirtualHost>
  387. </IfModule>' RTRIM