jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

LOCATION_TYPE can move into location.js

Browse Source
This commit is contained in:
Girish Ramakrishnan
2023-08-17 16:05:19 +05:30
parent 5c98b6f080
commit 28bfab6700
3 changed files with 59 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
src/reverseproxy.js
View File

@@ -287,14 +287,13 @@ function needsRenewalSync(cert, options) {
async function getCertificate(location) {
assert.strictEqual(typeof location, 'object');
const { domain, fqdn } = location;
const domainObject = await domains.get(domain);
if (!domainObject) throw new BoxError(BoxError.NOT_FOUND, `${domain} not found`);
const domainObject = await domains.get(location.domain);
if (!domainObject) throw new BoxError(BoxError.NOT_FOUND, `${location.domain} not found`);
if (location.certificate) return location.certificate;
if (domainObject.tlsConfig.provider === 'fallback') return domainObject.fallbackCertificate;
const certName = getAcmeCertificateNameSync(fqdn, domainObject);
const certName = getAcmeCertificateNameSync(location.fqdn, domainObject);
const cert = await blobs.getString(`${blobs.CERT_PREFIX}-${certName}.cert`);
const key = await blobs.getString(`${blobs.CERT_PREFIX}-${certName}.key`);
if (!key || !cert) return domainObject.fallbackCertificate;
@@ -303,13 +302,13 @@ async function getCertificate(location) {
}
async function getMailCertificate() {
const { domain, fqdn } = await mailServer.getLocation();
return await getCertificate({ domain, fqdn, certificate: null, type: apps.LOCATION_TYPE_MAIL });
const mailLocation = await mailServer.getLocation();
return await getCertificate(mailLocation);
}
async function getDirectoryServerCertificate() {
const { domain, fqdn } = await dashboard.getLocation();
return await getCertificate({ domain, fqdn, certificate: null, type: apps.LOCATION_TYPE_DIRECTORY_SERVER });
const dashboardLocation = await dashboard.getLocation();
return await getCertificate(dashboardLocation);
}
// write if contents mismatch (thus preserving mtime)
@@ -329,13 +328,13 @@ async function setupTlsAddon(app) {
const certificateDir = `${paths.PLATFORM_DATA_DIR}/tls/${app.id}`;
const contents = [];
for (const location of getAppLocationsSync(app)) {
if (location.type === apps.LOCATION_TYPE_REDIRECT) continue;
if (location.type === Location.TYPE_REDIRECT) continue;
const certificate = await getCertificate(location);
contents.push({ filename: `${location.fqdn.replace('*', '_')}.cert`, data: certificate.cert });
contents.push({ filename: `${location.fqdn.replace('*', '_')}.key`, data: certificate.key });
if (location.type === apps.LOCATION_TYPE_PRIMARY) { // backward compat
if (location.type === Location.TYPE_PRIMARY) { // backward compat
contents.push({ filename: 'tls_cert.pem', data: certificate.cert });
contents.push({ filename: 'tls_key.pem', data: certificate.key });
}
@@ -487,11 +486,11 @@ async function writeAppLocationNginxConfig(app, location, certificatePath) {
assert.strictEqual(typeof location, 'object');
assert.strictEqual(typeof certificatePath, 'object');
const type = location.type, vhost = location.fqdn;
const { type, fqdn} = location;
const data = {
sourceDir: path.resolve(__dirname, '..'),
vhost,
vhost: fqdn,
hasIPv6: network.hasIPv6(),
ip: null,
port: null,
@@ -508,7 +507,7 @@ async function writeAppLocationNginxConfig(app, location, certificatePath) {
hstsPreload: !!app.reverseProxyConfig?.hstsPreload
};
if (type === apps.LOCATION_TYPE_PRIMARY || type === apps.LOCATION_TYPE_ALIAS || type === apps.LOCATION_TYPE_SECONDARY) {
if (type === Location.TYPE_PRIMARY || type === Location.TYPE_ALIAS || type === Location.TYPE_SECONDARY) {
data.endpoint = 'app';
if (app.manifest.id === constants.PROXY_APP_APPSTORE_ID) {
@@ -524,7 +523,7 @@ async function writeAppLocationNginxConfig(app, location, certificatePath) {
data.hideHeaders = [ 'Content-Security-Policy' ];
if (reverseProxyConfig.csp.includes('frame-ancestors ')) data.hideHeaders.push('X-Frame-Options');
}
if (type === apps.LOCATION_TYPE_PRIMARY || type == apps.LOCATION_TYPE_ALIAS) {
if (type === Location.TYPE_PRIMARY || type == Location.TYPE_ALIAS) {
data.proxyAuth = {
enabled: app.sso && app.manifest.addons && app.manifest.addons.proxyAuth,
id: app.id,
@@ -532,20 +531,20 @@ async function writeAppLocationNginxConfig(app, location, certificatePath) {
};
data.ip = app.containerIp;
data.port = app.manifest.httpPort;
} else if (type === apps.LOCATION_TYPE_SECONDARY) {
} else if (type === Location.TYPE_SECONDARY) {
data.ip = app.containerIp;
const secondaryDomain = app.secondaryDomains.find(sd => sd.fqdn === vhost);
const secondaryDomain = app.secondaryDomains.find(sd => sd.fqdn === fqdn);
data.port = app.manifest.httpPorts[secondaryDomain.environmentVariable].containerPort;
}
} else if (type === apps.LOCATION_TYPE_REDIRECT) {
} else if (type === Location.TYPE_REDIRECT) {
data.proxyAuth = { enabled: false, id: app.id, location: nginxLocation('/') };
data.endpoint = 'redirect';
data.redirectTo = app.fqdn;
}
const nginxConf = ejs.render(NGINX_APPCONFIG_EJS, data);
const filename = path.join(paths.NGINX_APPCONFIG_DIR, app.id, `${vhost.replace('*', '_')}.conf`);
debug(`writeAppLocationNginxConfig: writing config for "${vhost}" to ${filename} with options ${JSON.stringify(data)}`);
const filename = path.join(paths.NGINX_APPCONFIG_DIR, app.id, `${fqdn.replace('*', '_')}.conf`);
debug(`writeAppLocationNginxConfig: writing config for "${fqdn}" to ${filename} with options ${JSON.stringify(data)}`);
writeFileSync(filename, nginxConf);
}