nginx: add separate endpoint for ip/setup screens
'setup' endpoint for setup/restore. we show the setup wizard. 'ip' endpoint is post activation. we show a splash screen here. Also, the https://ip will not respond to any api calls anymore (since this will leak the admin fqdn otherwise). We should probably make this customizable at some point. Fixes #739
This commit is contained in:
Girish Ramakrishnan
@@ -21,8 +21,6 @@ exports = module.exports = {
|
||||
|
||||
// these only generate nginx config
|
||||
writeDefaultConfig,
|
||||
removeDefaultConfig,
|
||||
|
||||
writeDashboardConfig,
|
||||
writeAppConfig,
|
||||
|
||||
@@ -376,7 +374,7 @@ function writeDashboardNginxConfig(bundle, configFileName, vhost, callback) {
|
||||
var data = {
|
||||
sourceDir: path.resolve(__dirname, '..'),
|
||||
adminOrigin: settings.adminOrigin(),
|
||||
vhost: vhost, // if vhost is empty it will become the default_server
|
||||
vhost: vhost,
|
||||
hasIPv6: sysinfo.hasIPv6(),
|
||||
endpoint: 'admin',
|
||||
certFilePath: bundle.certFilePath,
|
||||
@@ -648,35 +646,37 @@ function removeAppConfigs() {
|
||||
}
|
||||
}
|
||||
|
||||
function writeDefaultConfig(callback) {
|
||||
function writeDefaultConfig(options, callback) {
|
||||
assert.strictEqual(typeof options, 'object');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
var certFilePath = path.join(paths.NGINX_CERT_DIR, 'default.cert');
|
||||
var keyFilePath = path.join(paths.NGINX_CERT_DIR, 'default.key');
|
||||
const certFilePath = path.join(paths.NGINX_CERT_DIR, 'default.cert');
|
||||
const keyFilePath = path.join(paths.NGINX_CERT_DIR, 'default.key');
|
||||
|
||||
if (!fs.existsSync(certFilePath) || !fs.existsSync(keyFilePath)) {
|
||||
debug('writeDefaultConfig: create new cert');
|
||||
|
||||
var cn = 'cloudron-' + (new Date()).toISOString(); // randomize date a bit to keep firefox happy
|
||||
const cn = 'cloudron-' + (new Date()).toISOString(); // randomize date a bit to keep firefox happy
|
||||
if (!safe.child_process.execSync(`openssl req -x509 -newkey rsa:2048 -keyout ${keyFilePath} -out ${certFilePath} -days 3650 -subj /CN=${cn} -nodes`)) {
|
||||
debug(`writeDefaultConfig: could not generate certificate: ${safe.error.message}`);
|
||||
return callback(new BoxError(BoxError.OPENSSL_ERROR, safe.error));
|
||||
}
|
||||
}
|
||||
|
||||
writeDashboardNginxConfig({ certFilePath, keyFilePath }, constants.NGINX_DEFAULT_CONFIG_FILE_NAME, '', function (error) {
|
||||
if (error) return callback(error);
|
||||
const data = {
|
||||
sourceDir: path.resolve(__dirname, '..'),
|
||||
adminOrigin: settings.adminOrigin(),
|
||||
vhost: '',
|
||||
hasIPv6: sysinfo.hasIPv6(),
|
||||
endpoint: options.activated ? 'ip' : 'setup',
|
||||
certFilePath,
|
||||
keyFilePath,
|
||||
robotsTxtQuoted: JSON.stringify('User-agent: *\nDisallow: /\n')
|
||||
};
|
||||
const nginxConf = ejs.render(NGINX_APPCONFIG_EJS, data);
|
||||
const nginxConfigFilename = path.join(paths.NGINX_APPCONFIG_DIR, constants.NGINX_DEFAULT_CONFIG_FILE_NAME);
|
||||
|
||||
debug('writeDefaultConfig: done');
|
||||
|
||||
reload(callback);
|
||||
});
|
||||
}
|
||||
|
||||
function removeDefaultConfig(callback) {
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
safe.fs.unlinkSync(path.join(paths.NGINX_APPCONFIG_DIR, constants.NGINX_DEFAULT_CONFIG_FILE_NAME));
|
||||
if (!safe.fs.writeFileSync(nginxConfigFilename, nginxConf)) return callback(new BoxError(BoxError.FS_ERROR, safe.error));
|
||||
|
||||
reload(callback);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user