jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

add secondary domains

Browse Source 
note that for updates to work, we keep the secondary domain optional,
even though they are really not.

part of #809
This commit is contained in:
Girish Ramakrishnan
2022-01-14 22:40:51 -08:00
parent d18977ccad
commit b34f66b115
9 changed files with 165 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
src/reverseproxy.js
View File

@@ -487,7 +487,9 @@ async function writeAppNginxConfig(app, fqdn, type, bundle) {
};
let nginxConfigFilenameSuffix = '';
if (type === apps.SUBDOMAIN_TYPE_PRIMARY || type === apps.SUBDOMAIN_TYPE_ALIAS) {
if (type === apps.SUBDOMAIN_TYPE_PRIMARY || type === apps.SUBDOMAIN_TYPE_ALIAS || type === apps.SUBDOMAIN_TYPE_SECONDARY) {
data.endpoint = 'app';
// maybe these should become per domain at some point
const reverseProxyConfig = app.reverseProxyConfig || {}; // some of our code uses fake app objects
if (reverseProxyConfig.robotsTxt) data.robotsTxtQuoted = JSON.stringify(app.reverseProxyConfig.robotsTxt);
if (reverseProxyConfig.csp) {
@@ -495,15 +497,23 @@ async function writeAppNginxConfig(app, fqdn, type, bundle) {
data.hideHeaders = [ 'Content-Security-Policy' ];
if (reverseProxyConfig.csp.includes('frame-ancestors ')) data.hideHeaders.push('X-Frame-Options');
}
data.proxyAuth = {
enabled: app.sso && app.manifest.addons && app.manifest.addons.proxyAuth,
id: app.id,
location: nginxLocation(safe.query(app.manifest, 'addons.proxyAuth.path') || '/')
};
data.endpoint = 'app';
data.ip = app.containerIp;
data.port = app.manifest.httpPort;
if (type === apps.SUBDOMAIN_TYPE_ALIAS) nginxConfigFilenameSuffix = `-alias-${fqdn.replace('*', '_')}`;
if (type === apps.SUBDOMAIN_TYPE_PRIMARY) {
nginxConfigFilenameSuffix = '';
data.proxyAuth = {
enabled: app.sso && app.manifest.addons && app.manifest.addons.proxyAuth,
id: app.id,
location: nginxLocation(safe.query(app.manifest, 'addons.proxyAuth.path') || '/')
};
data.ip = app.containerIp;
data.port = app.manifest.httpPort;
} else if (type === apps.SUBDOMAIN_TYPE_SECONDARY) {
nginxConfigFilenameSuffix = `-secondary-${fqdn}`;
data.ip = app.containerIp;
const secondaryDomain = app.secondaryDomains.find(sd => sd.fqdn === fqdn);
data.port = app.manifest.httpPorts[secondaryDomain.environmentVariable].containerPort;
} else if (type === apps.SUBDOMAIN_TYPE_ALIAS) {
nginxConfigFilenameSuffix = `-alias-${fqdn.replace('*', '_')}`;
}
} else if (type === apps.SUBDOMAIN_TYPE_REDIRECT) {
data.proxyAuth = { enabled: false, id: app.id, location: nginxLocation('/') };
data.endpoint = 'redirect';
@@ -528,6 +538,7 @@ async function writeAppConfig(app) {
assert.strictEqual(typeof app, 'object');
const appDomains = [{ domain: app.domain, fqdn: app.fqdn, type: apps.SUBDOMAIN_TYPE_PRIMARY }]
.concat(app.secondaryDomains.map(sd => { return { domain: sd.domain, fqdn: sd.fqdn, type: apps.SUBDOMAIN_TYPE_SECONDARY }; }))
.concat(app.redirectDomains.map(rd => { return { domain: rd.domain, fqdn: rd.fqdn, type: apps.SUBDOMAIN_TYPE_REDIRECT }; }))
.concat(app.aliasDomains.map(ad => { return { domain: ad.domain, fqdn: ad.fqdn, type: apps.SUBDOMAIN_TYPE_REDIRECT }; }));
@@ -589,6 +600,11 @@ async function renewCerts(options, auditSource, progressCallback) {
appDomains.push({ domain: app.domain, fqdn: app.fqdn, type: apps.SUBDOMAIN_TYPE_PRIMARY, app: app, nginxConfigFilename: path.join(paths.NGINX_APPCONFIG_DIR, app.id + '.conf') });
app.secondaryDomains.forEach(function (secondaryDomain) {
const nginxConfigFilename = path.join(paths.NGINX_APPCONFIG_DIR, `${app.id}-secondary-${secondaryDomain.fqdn}.conf`);
appDomains.push({ domain: secondaryDomain.domain, fqdn: secondaryDomain.fqdn, type: apps.SUBDOMAIN_TYPE_SECONDARY, app: app, nginxConfigFilename });
});
app.redirectDomains.forEach(function (redirectDomain) {
const nginxConfigFilename = path.join(paths.NGINX_APPCONFIG_DIR, `${app.id}-redirect-${redirectDomain.fqdn}.conf`);
appDomains.push({ domain: redirectDomain.domain, fqdn: redirectDomain.fqdn, type: apps.SUBDOMAIN_TYPE_REDIRECT, app: app, nginxConfigFilename });