Bind lighttpd to $WEB_BIND_ADDR by default.
Signed-off-by: Nathan Gaberel <nathan@gnab.fr>
This commit is contained in:
parent
005b6495ec
commit
54d179c24b
|
@ -338,11 +338,24 @@ setup_FTL_ProcessDNSSettings(){
|
|||
}
|
||||
|
||||
setup_lighttpd_bind() {
|
||||
local serverip="${FTLCONF_LOCAL_IPV4}"
|
||||
# if using '--net=host' only bind lighttpd on $FTLCONF_LOCAL_IPV4 and localhost
|
||||
if grep -q "docker" /proc/net/dev && [[ $serverip != 0.0.0.0 ]]; then #docker (docker0 by default) should only be present on the host system
|
||||
local bind_addr="${WEB_BIND_ADDR}"
|
||||
|
||||
if [[ -z "$bind_addr" ]]; then
|
||||
# if using '--net=host' bind lighttpd on $FTLCONF_LOCAL_IPV4 (for backward compatibility with #154).
|
||||
if grep -q "docker" /proc/net/dev && [[ $FTLCONF_LOCAL_IPV4 != 0.0.0.0 ]]; then #docker (docker0 by default) should only be present on the host system
|
||||
echo " [i] WARNING: running in host network mode forces lighttpd's bind address to \$FTLCONF_LOCAL_IPV4 ($FTLCONF_LOCAL_IPV4)."
|
||||
echo " [i] This behaviour is deprecated and will be removed in a future version. If your installation depends on a custom bind address (not 0.0.0.0) you should set the \$WEB_BIND_ADDR environment variable to the desired value."
|
||||
bind_addr="${FTLCONF_LOCAL_IPV4}"
|
||||
# bind on 0.0.0.0 by default
|
||||
else
|
||||
bind_addr="0.0.0.0"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Overwrite lighttpd's bind address, always listen on localhost
|
||||
if [[ $bind_addr != 0.0.0.0 ]]; then
|
||||
if ! grep -q "server.bind" /etc/lighttpd/lighttpd.conf ; then # if the declaration is already there, don't add it again
|
||||
sed -i -E "s/server\.port\s+\=\s+([0-9]+)/server.bind\t\t = \"${serverip}\"\nserver.port\t\t = \1\n"\$SERVER"\[\"socket\"\] == \"127\.0\.0\.1:\1\" \{\}/" /etc/lighttpd/lighttpd.conf
|
||||
sed -i -E "s/server\.port\s+\=\s+([0-9]+)/server.bind\t\t = \"${bind_addr}\"\nserver.port\t\t = \1\n"\$SERVER"\[\"socket\"\] == \"127\.0\.0\.1:\1\" \{\}/" /etc/lighttpd/lighttpd.conf
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
|
|
@ -247,3 +247,44 @@ def test_setupvars_trumps_random_password_if_set(docker, args_env, test_args):
|
|||
|
||||
assert "Pre existing WEBPASSWORD found" in function.stdout
|
||||
assert docker.run(_grep("WEBPASSWORD=volumepass", SETUPVARS_LOC)).rc == 0
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"args_env,test_args,expected_bind,expect_warning",
|
||||
[
|
||||
("-e FTLCONF_LOCAL_IPV4=192.0.2.10", "--net=host", "192.0.2.10", True),
|
||||
("-e FTLCONF_LOCAL_IPV4=192.0.2.10", "", "0.0.0.0", False),
|
||||
(
|
||||
"-e WEB_BIND_ADDR=192.0.2.20 -e FTLCONF_LOCAL_IPV4=192.0.2.10",
|
||||
"--net=host",
|
||||
"192.0.2.20",
|
||||
False,
|
||||
),
|
||||
(
|
||||
"-e WEB_BIND_ADDR=192.0.2.20 -e FTLCONF_LOCAL_IPV4=192.0.2.10",
|
||||
"",
|
||||
"192.0.2.20",
|
||||
False,
|
||||
),
|
||||
],
|
||||
)
|
||||
def test_setup_lighttpd_bind(
|
||||
docker, args_env, test_args, expected_bind, expect_warning
|
||||
):
|
||||
"""Lighttpd's bind address is correctly set"""
|
||||
WEB_CONFIG = "/etc/lighttpd/lighttpd.conf"
|
||||
WARNING_EXTRACT = "[i] WARNING: running in host network mode forces"
|
||||
|
||||
function = docker.run(". /usr/local/bin/bash_functions.sh ; setup_lighttpd_bind")
|
||||
|
||||
if expect_warning:
|
||||
assert WARNING_EXTRACT in function.stdout
|
||||
else:
|
||||
assert WARNING_EXTRACT not in function.stdout
|
||||
|
||||
config = docker.run(f"cat {WEB_CONFIG} | grep 'server.bind'")
|
||||
|
||||
if expected_bind == "0.0.0.0":
|
||||
assert "server.bind" not in config.stdout
|
||||
else:
|
||||
assert f'server.bind = "{expected_bind}"' in config.stdout
|
||||
|
|
Loading…
Reference in New Issue