fic
/
server
2
0
Fork 0
Code Issues Pull Requests 10 Releases Wiki Activity

New env variable FIC_BASEURL to change the base URL

This commit is contained in:
nemunaire 2021-07-21 12:30:51 +02:00
parent 74ae52ef41
commit 8f1b44e3dd
12 changed files with 165 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Dockerfile-dashboard
View File

@ -28,4 +28,5 @@ COPY dashboard/static/index.html /srv/htdocs-dashboard/
COPY dashboard/static/css/bootstrap.min.css frontend/static/css/fic.css frontend/static/css/glyphicon.css /srv/htdocs-dashboard/css/
COPY frontend/static/fonts /srv/htdocs-dashboard/fonts
COPY frontend/static/img/ dashboard/static/img/logo-epita-bw.png /srv/htdocs-dashboard/img/
COPY dashboard/static/js/dashboard.js frontend/static/js/angular.min.js dashboard/static/js/angular-animate.min.js frontend/static/js/angular-route.min.js frontend/static/js/angular-sanitize.min.js frontend/static/js/bootstrap.min.js frontend/static/js/common.js frontend/static/js/d3.v3.min.js frontend/static/js/i18n frontend/static/js/jquery.min.js /srv/htdocs-dashboard/js/
COPY dashboard/static/js/dashboard.js frontend/static/js/angular.min.js dashboard/static/js/angular-animate.min.js frontend/static/js/angular-route.min.js frontend/static/js/angular-sanitize.min.js frontend/static/js/bootstrap.min.js frontend/static/js/common.js frontend/static/js/d3.v3.min.js frontend/static/js/jquery.min.js /srv/htdocs-dashboard/js/
COPY admin/static/js/i18n/* /srv/htdocs-dashboard/js/i18n/

5
Dockerfile-frontend
View File

@ -28,3 +28,8 @@ VOLUME /srv/htdocs-frontend/
COPY --from=gobuild /go/src/srs.epita.fr/fic-server/frontend/frontend /srv/frontend
COPY frontend/static /srv/htdocs-frontend
COPY frontend/static/css/glyphicon.css /srv/htdocs-frontend/css/
COPY admin/static/fonts/* /srv/htdocs-frontend/fonts/
COPY frontend/static/js/angular.min.js frontend/static/js/angular-route.min.js frontend/static/js/angular-sanitize.min.js frontend/static/js/bootstrap.min.js frontend/static/js/common.js frontend/static/js/d3.v3.min.js frontend/static/js/jquery.min.js /srv/htdocs-frontend/js/
COPY admin/static/js/i18n/* /srv/htdocs-frontend/js/i18n/

15
Dockerfile-nginx
View File

@ -1,11 +1,20 @@
FROM nginx:stable-alpine
ENV HOST_FRONTEND=frontend:8080 HOST_ADMIN=admin:8081 HOST_DASHBOARD=dashboard:8082 HOST_QA=qa:8083 \
PATH_FILES=/srv/FILES PATH_STATIC=/srv/htdocs-frontend PATH_SETTINGS=/srv/SETTINGS PATH_TEAMS=/srv/TEAMS
ENV FIC_BASEURL=/ \
HOST_FRONTEND=frontend:8080 HOST_ADMIN=admin:8081 HOST_DASHBOARD=dashboard:8082 HOST_QA=qa:8083 \
PATH_FILES=/srv/FILES PATH_STARTINGBLOCK=/srv/STARTINGBLOCK PATH_STATIC=/srv/htdocs-frontend PATH_SETTINGS=/srv/SETTINGS PATH_SYNC=/srv/SYNC PATH_TEAMS=/srv/TEAMS
EXPOSE 80
COPY configs/fic-auth-docker.conf /etc/nginx/auth.conf
COPY configs/nginx-chbase.sh /docker-entrypoint.d/40-update-baseurl.sh
COPY configs/fic-auth-docker.conf /etc/nginx/fic-auth.conf
COPY configs/nginx-docker.conf /etc/nginx/templates/default.conf.template
COPY frontend/static /srv/htdocs-frontend
# Dereference symlink
COPY frontend/static/css/glyphicon.css /srv/htdocs-frontend/css/
COPY admin/static/fonts/* /srv/htdocs-frontend/fonts/
COPY frontend/static/js/angular.min.js frontend/static/js/angular-route.min.js frontend/static/js/angular-sanitize.min.js frontend/static/js/bootstrap.min.js frontend/static/js/common.js frontend/static/js/d3.v3.min.js frontend/static/js/jquery.min.js /srv/htdocs-frontend/js/
COPY admin/static/js/i18n/* /srv/htdocs-frontend/js/i18n/

1
Dockerfile-qa
View File

@ -29,3 +29,4 @@ COPY qa/static/css/bootstrap.min.css frontend/static/css/fic.css frontend/static
COPY frontend/static/fonts /srv/htdocs-qa/fonts
COPY frontend/static/img/ /srv/htdocs-qa/img/
COPY qa/static/js/qa.js frontend/static/js/angular.min.js qa/static/js/angular-resource.min.js frontend/static/js/angular-route.min.js frontend/static/js/angular-sanitize.min.js frontend/static/js/bootstrap.min.js frontend/static/js/common.js frontend/static/js/i18n frontend/static/js/jquery.min.js /srv/htdocs-qa/js/
COPY qa/static/views/ /srv/htdocs-qa/views/

10
admin/index.go
View File

@ -117,13 +117,13 @@ const indextpl = `<!DOCTYPE html>
<toast ng-repeat="toast in toasts" yes-no="toast.yesFunc || toast.noFunc" onyes="toast.yesFunc" onno="toast.noFunc" date="toast.date" msg="toast.msg" timeout="toast.timeout" title="toast.title" variant="toast.variant"></toast>
</div>
<script src="/js/jquery.min.js"></script>
<script src="js/jquery.min.js"></script>
<script src="js/popper.min.js"></script>
<script src="/js/bootstrap.min.js"></script>
<script src="/js/angular.min.js"></script>
<script src="js/bootstrap.min.js"></script>
<script src="js/angular.min.js"></script>
<script src="js/angular-resource.min.js"></script>
<script src="/js/angular-route.min.js"></script>
<script src="/js/angular-sanitize.min.js"></script>
<script src="js/angular-route.min.js"></script>
<script src="js/angular-sanitize.min.js"></script>
<script src="js/app.js"></script>
<script src="js/common.js"></script>
</body>

21
admin/main.go
View File

@ -68,6 +68,7 @@ func main() {
cloudPassword := ""
localImporterDirectory := ""
localImporterSymlink := false
baseURL := "/"
// Read paremeters from environment
if v, exists := os.LookupEnv("FICCA_PASS"); exists {
@ -85,11 +86,14 @@ func main() {
if v, exists := os.LookupEnv("FICCLOUD_PASS"); exists {
cloudPassword = v
}
if v, exists := os.LookupEnv("FIC_BASEURL"); exists {
baseURL = v
}
// Read parameters from command line
var bind = flag.String("bind", "127.0.0.1:8081", "Bind port/socket")
var dsn = flag.String("dsn", fic.DSNGenerator(), "DSN to connect to the MySQL server")
var baseURL = flag.String("baseurl", "/", "URL prepended to each URL")
flag.StringVar(&baseURL, "baseurl", baseURL, "URL prepended to each URL")
flag.StringVar(&api.TimestampCheck, "timestampCheck", api.TimestampCheck, "Path regularly touched by frontend to check time synchronisation")
flag.StringVar(&pki.PKIDir, "pki", "./PKI", "Base directory where found PKI scripts")
var staticDir = flag.String("static", "", "Directory containing static files (default if not provided: use embedded files)")
@ -140,6 +144,7 @@ func main() {
log.Fatal("Unable to cd to static/ directory:", err)
}
staticFS = http.FS(sub)
sync.DeepReportPath = path.Join("SYNC", sync.DeepReportPath)
}
if fic.FilesDir, err = filepath.Abs(fic.FilesDir); err != nil {
log.Fatal(err)
@ -159,12 +164,10 @@ func main() {
if settings.SettingsDir, err = filepath.Abs(settings.SettingsDir); err != nil {
log.Fatal(err)
}
if *baseURL != "/" {
tmp := path.Clean(*baseURL)
baseURL = &tmp
if baseURL != "/" {
baseURL = path.Clean(baseURL)
} else {
tmp := ""
baseURL = &tmp
baseURL = ""
}
// Creating minimal directories structure
@ -201,8 +204,8 @@ func main() {
}
// Update base URL on main page
log.Println("Changing base URL to", *baseURL+"/", "...")
genIndex(*baseURL)
log.Println("Changing base URL to", baseURL+"/", "...")
genIndex(baseURL)
// Prepare graceful shutdown
interrupt := make(chan os.Signal, 1)
@ -210,7 +213,7 @@ func main() {
srv := &http.Server{
Addr: *bind,
Handler: StripPrefix(*baseURL, api.Router()),
Handler: StripPrefix(baseURL, api.Router()),
}
// Serve content

8
backend/main.go
View File

@ -101,11 +101,17 @@ func reloadSettings(config settings.FICSettings) {
}
func main() {
if v, exists := os.LookupEnv("FIC_BASEURL"); exists {
fic.FilesDir = v + "files"
} else {
fic.FilesDir = "/files"
}
var dsn = flag.String("dsn", fic.DSNGenerator(), "DSN to connect to the MySQL server")
flag.StringVar(&settings.SettingsDir, "settings", settings.SettingsDir, "Base directory where load and save settings")
flag.StringVar(&SubmissionDir, "submission", "./submissions", "Base directory where save submissions")
flag.StringVar(&TeamsDir, "teams", "./TEAMS", "Base directory where save teams JSON files")
flag.StringVar(&fic.FilesDir, "files", "/files", "Request path prefix to reach files")
flag.StringVar(&fic.FilesDir, "files", fic.FilesDir, "Request path prefix to reach files")
var debugINotify = flag.Bool("debuginotify", false, "Show skipped inotofy events")
flag.BoolVar(&skipInitialGeneration, "skipfullgeneration", skipInitialGeneration, "Skip the initial regeneration")
flag.IntVar(&parallelJobs, "jobs", parallelJobs, "Number of generation workers")

2
configs/fic-auth-docker.conf
View File

@ -1 +1 @@
set $team "$http_x_fic_user";
set $team "$http_x_fic_team";

27
configs/nginx-chbase.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/sh
[ -z "${FIC_BASEURL}" ] && exit 0
[ -z "${PATH_STATIC}" ] && { >&2 echo "PATH_STATIC not defined"; exit 1; }
[ -n "${CURRENT_BASE}" ] || CURRENT_BASE="/"
run() {
local NEWBASE=$1
local FILE=$2
if [ -d "${FILE}" ]
then
for f in "${FILE}/"*.html "${FILE}/"*.js
do
run "${NEWBASE}" "${f}"
done
[ -d "${FILE}/js/" ] && run "${NEWBASE}" "${FILE}/js"
[ -d "${FILE}/views/" ] && run "${NEWBASE}" "${FILE}/views"
elif [ -f "${FILE}" ]
then
sed -ri "s@(href|src)=\"${CURRENT_BASE}@\1=\"${NEWBASE}@g;s@\\\$http.get\(\"${CURRENT_BASE}@\$http.get\(\"${NEWBASE}@g;s@\\\$http\((.*)\"${CURRENT_BASE}@\$http(\1\"${NEWBASE}@g" ${FILE}
fi
}
run "${FIC_BASEURL}" "${PATH_STATIC}"
exit 0

140
configs/nginx-docker.conf
View File

@ -13,11 +13,24 @@ server {
error_page 413 404 /e413.html;
error_page 500 502 504 /e500.html;
error_page 401 /welcome.html;
error_page 403 404 /e404.html;
error_page 413 /e413.html;
error_page 500 502 504 /e500.html;
add_header Strict-Transport-Security max-age=31536000;
add_header X-Frame-Options deny;
add_header Content-Security-Policy "script-src 'unsafe-inline' 'self' 'unsafe-eval'; img-src 'self' data:; style-src 'unsafe-inline' 'self'; font-src 'self'; default-src 'self'";
add_header X-Xss-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy strict-origin;
add_header Feature-Policy "accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none'";
location = / {
include /etc/nginx/auth.conf;
include fic-auth.conf;
}
location = /index.html {
include /etc/nginx/auth.conf;
include fic-auth.conf;
}
location = /welcome.html {
internal;
@ -44,43 +57,48 @@ server {
}
}
location ${FIC_BASEURL} {
rewrite ^${FIC_BASEURL}(.*)$ /$1;
}
location ~ ^/[A-Z] {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /edit {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /issue {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /issues {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /rank {
include /etc/nginx/auth.conf;
rewrite ^/.*$ /index.html;
}
location /rules {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /tags/ {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /register {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /rules {
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
@ -92,7 +110,7 @@ server {
}
location /wait.json {
include /etc/nginx/auth.conf;
include fic-auth.conf;
root ${PATH_TEAMS}/$team/;
expires epoch;
@ -104,18 +122,18 @@ server {
add_header Cache-Control no-cache;
}
location /my.json {
include /etc/nginx/auth.conf;
include fic-auth.conf;
root ${PATH_TEAMS}/$team/;
expires epoch;
add_header Cache-Control no-cache;
if (!-f $document_root/../../startingblock/started) {
if (!-f ${PATH_STARTINGBLOCK}/started) {
rewrite ^/ /wait.json;
}
}
location /issues.json {
include /etc/nginx/auth.conf;
include fic-auth.conf;
root ${PATH_TEAMS}/$team/;
expires epoch;
@ -139,76 +157,84 @@ server {
}
location /submit/ {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/submit/(.*)$ /submission/$team/$1 break;
proxy_pass http://${HOST_FRONTEND}/;
proxy_pass http://${HOST_FRONTEND}/submission;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /submit/issue {
include fic-auth.conf;
proxy_pass http://${HOST_FRONTEND}/issue;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /submit/name {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/submit/.*$ /chname/$team break;
proxy_pass http://${HOST_FRONTEND}/;
proxy_pass http://${HOST_FRONTEND}/chname;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /registration {
include /etc/nginx/auth.conf;
rewrite ^/registration /registration/$team break;
include fic-auth.conf;
proxy_pass http://${HOST_FRONTEND};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /openhint/ {
include fic-auth.conf;
location /openhint/ {
include /etc/nginx/auth.conf;
proxy_pass http://${HOST_FRONTEND};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /wantchoices/ {
include fic-auth.conf;
rewrite ^/openhint/(.*)$ /openhint/$team/$1 break;
proxy_pass http://${HOST_FRONTEND}/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
}
location /wantchoices/ {
include /etc/nginx/auth.conf;
rewrite ^/wantchoices/(.*)$ /wantchoices/$team/$1 break;
proxy_pass http://${HOST_FRONTEND}/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
}
location /dashboard/ {
proxy_pass http://${HOST_DASHBOARD};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
}
proxy_pass http://${HOST_FRONTEND};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /api/ {
proxy_pass http://${HOST_ADMIN}/admin/api/;
include fic-auth.conf;
proxy_pass http://${HOST_ADMIN}${FIC_BASEURL}admin/api/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /admin/ {
location ${FIC_BASEURL}admin/ {
proxy_pass http://${HOST_ADMIN};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
}
location /qa/ {
location ${FIC_BASEURL}qa/ {
include fic-auth.conf;
proxy_pass http://${HOST_QA};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location ${FIC_BASEURL}dashboard/ {
include fic-auth.conf;
proxy_pass http://${HOST_DASHBOARD};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}

5
dashboard/main.go
View File

@ -64,6 +64,11 @@ func StripPrefix(prefix string, h http.Handler) http.Handler {
}
func main() {
// Read paremeters from environment
if v, exists := os.LookupEnv("FIC_BASEURL"); exists {
BaseURL = v
}
// Read parameters from command line
var bind = flag.String("bind", "127.0.0.1:8082", "Bind port/socket")
flag.StringVar(&BaseURL, "baseurl", BaseURL, "URL prepended to each URL")

5
qa/main.go
View File

@ -61,6 +61,11 @@ func StripPrefix(prefix string, h http.Handler) http.Handler {
}
func main() {
// Read paremeters from environment
if v, exists := os.LookupEnv("FIC_BASEURL"); exists {
BaseURL = v
}
// Read parameters from command line
var bind = flag.String("bind", "127.0.0.1:8083", "Bind port/socket")
var dsn = flag.String("dsn", fic.DSNGenerator(), "DSN to connect to the MySQL server")