fic/server
Archived
1
0
Fork 0
Code Issues Pull requests 10 Releases Wiki Activity

New env variable FIC_BASEURL to change the base URL

Browse source
This commit is contained in:
nemunaire 2021-07-21 12:30:51 +02:00
commit 8f1b44e3dd
12 changed files with 161 additions and 73 deletions
Download patch file Download diff file Expand all files Collapse all files

2
configs/fic-auth-docker.conf
View file

@ -1 +1 @@
set $team "$http_x_fic_user";
set $team "$http_x_fic_team";

27
configs/nginx-chbase.sh Executable file
View file

@ -0,0 +1,27 @@
#!/bin/sh
[ -z "${FIC_BASEURL}" ] && exit 0
[ -z "${PATH_STATIC}" ] && { >&2 echo "PATH_STATIC not defined"; exit 1; }
[ -n "${CURRENT_BASE}" ] || CURRENT_BASE="/"
run() {
local NEWBASE=$1
local FILE=$2
if [ -d "${FILE}" ]
then
for f in "${FILE}/"*.html "${FILE}/"*.js
do
run "${NEWBASE}" "${f}"
done
[ -d "${FILE}/js/" ] && run "${NEWBASE}" "${FILE}/js"
[ -d "${FILE}/views/" ] && run "${NEWBASE}" "${FILE}/views"
elif [ -f "${FILE}" ]
then
sed -ri "s@(href|src)=\"${CURRENT_BASE}@\1=\"${NEWBASE}@g;s@\\\$http.get\(\"${CURRENT_BASE}@\$http.get\(\"${NEWBASE}@g;s@\\\$http\((.*)\"${CURRENT_BASE}@\$http(\1\"${NEWBASE}@g" ${FILE}
fi
}
run "${FIC_BASEURL}" "${PATH_STATIC}"
exit 0

140
configs/nginx-docker.conf
View file

@ -13,11 +13,24 @@ server {
error_page 413 404 /e413.html;
error_page 500 502 504 /e500.html;
error_page 401 /welcome.html;
error_page 403 404 /e404.html;
error_page 413 /e413.html;
error_page 500 502 504 /e500.html;
add_header Strict-Transport-Security max-age=31536000;
add_header X-Frame-Options deny;
add_header Content-Security-Policy "script-src 'unsafe-inline' 'self' 'unsafe-eval'; img-src 'self' data:; style-src 'unsafe-inline' 'self'; font-src 'self'; default-src 'self'";
add_header X-Xss-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy strict-origin;
add_header Feature-Policy "accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none'";
location = / {
include /etc/nginx/auth.conf;
include fic-auth.conf;
}
location = /index.html {
include /etc/nginx/auth.conf;
include fic-auth.conf;
}
location = /welcome.html {
internal;
@ -44,43 +57,48 @@ server {
}
}
location ${FIC_BASEURL} {
rewrite ^${FIC_BASEURL}(.*)$ /$1;
}
location ~ ^/[A-Z] {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /edit {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /issue {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /issues {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /rank {
include /etc/nginx/auth.conf;
rewrite ^/.*$ /index.html;
}
location /rules {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /tags/ {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /register {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
location /rules {
include fic-auth.conf;
rewrite ^/.*$ /index.html;
}
@ -92,7 +110,7 @@ server {
}
location /wait.json {
include /etc/nginx/auth.conf;
include fic-auth.conf;
root ${PATH_TEAMS}/$team/;
expires epoch;
@ -104,18 +122,18 @@ server {
add_header Cache-Control no-cache;
}
location /my.json {
include /etc/nginx/auth.conf;
include fic-auth.conf;
root ${PATH_TEAMS}/$team/;
expires epoch;
add_header Cache-Control no-cache;
if (!-f $document_root/../../startingblock/started) {
if (!-f ${PATH_STARTINGBLOCK}/started) {
rewrite ^/ /wait.json;
}
}
location /issues.json {
include /etc/nginx/auth.conf;
include fic-auth.conf;
root ${PATH_TEAMS}/$team/;
expires epoch;
@ -139,76 +157,84 @@ server {
}
location /submit/ {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/submit/(.*)$ /submission/$team/$1 break;
proxy_pass http://${HOST_FRONTEND}/;
proxy_pass http://${HOST_FRONTEND}/submission;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /submit/issue {
include fic-auth.conf;
proxy_pass http://${HOST_FRONTEND}/issue;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /submit/name {
include /etc/nginx/auth.conf;
include fic-auth.conf;
rewrite ^/submit/.*$ /chname/$team break;
proxy_pass http://${HOST_FRONTEND}/;
proxy_pass http://${HOST_FRONTEND}/chname;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /registration {
include /etc/nginx/auth.conf;
rewrite ^/registration /registration/$team break;
include fic-auth.conf;
proxy_pass http://${HOST_FRONTEND};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /openhint/ {
include fic-auth.conf;
location /openhint/ {
include /etc/nginx/auth.conf;
proxy_pass http://${HOST_FRONTEND};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /wantchoices/ {
include fic-auth.conf;
rewrite ^/openhint/(.*)$ /openhint/$team/$1 break;
proxy_pass http://${HOST_FRONTEND}/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
}
location /wantchoices/ {
include /etc/nginx/auth.conf;
rewrite ^/wantchoices/(.*)$ /wantchoices/$team/$1 break;
proxy_pass http://${HOST_FRONTEND}/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
}
location /dashboard/ {
proxy_pass http://${HOST_DASHBOARD};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
}
proxy_pass http://${HOST_FRONTEND};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /api/ {
proxy_pass http://${HOST_ADMIN}/admin/api/;
include fic-auth.conf;
proxy_pass http://${HOST_ADMIN}${FIC_BASEURL}admin/api/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location /admin/ {
location ${FIC_BASEURL}admin/ {
proxy_pass http://${HOST_ADMIN};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
}
location /qa/ {
location ${FIC_BASEURL}qa/ {
include fic-auth.conf;
proxy_pass http://${HOST_QA};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}
location ${FIC_BASEURL}dashboard/ {
include fic-auth.conf;
proxy_pass http://${HOST_DASHBOARD};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off;
}