mirror of
https://github.com/alexbelgium/hassio-addons.git
synced 2026-07-13 09:30:32 +02:00
Ingress addition
https://github.com/alexbelgium/hassio-addons/issues/388 https://github.com/TandoorRecipes/recipes/issues/354
This commit is contained in:
@@ -1,6 +1,5 @@
|
||||
#!/usr/bin/bashio
|
||||
# shellcheck shell=bash
|
||||
exit 0
|
||||
|
||||
#################
|
||||
# NGINX SETTING #
|
||||
|
||||
@@ -13,12 +13,7 @@ export SECRET_KEY=$(bashio::config 'SECRET_KEY') && bashio::log.blue "SECRET_KEY
|
||||
# Allow ingress #
|
||||
#################
|
||||
|
||||
#bashio::log.info "Setting ingress"
|
||||
#ingress_entry="$(bashio::addon.ingress_entry)"
|
||||
#export SCRIPT_NAME="$ingress_entry"
|
||||
#export JS_REVERSE_SCRIPT_PREFIX="${ingress_entry}/"
|
||||
#export STATIC_URL="${ingress_entry}/static/"
|
||||
#export MEDIA_URL="${ingress_entry}/media/"
|
||||
sed -i "s|href=\"{% base_path request \'base\' %}\"|href=\"{% base_path request \'base\' %}/\"|g" /opt/recipes/cookbook/templates/base.html
|
||||
|
||||
###################
|
||||
# Define database #
|
||||
@@ -93,8 +88,8 @@ chmod 755 /data/recipes/staticfiles
|
||||
ln -s /config/addons_config/tandoor_recipes/mediafiles /opt/recipes
|
||||
ln -s /data/recipes/staticfiles /opt/recipes
|
||||
|
||||
#bashio::log.info "Launching nginx"
|
||||
#exec nginx & echo "done"
|
||||
bashio::log.info "Launching nginx"
|
||||
exec nginx & echo "done"
|
||||
|
||||
bashio::log.info "Launching app"
|
||||
cd /opt/recipes || exit
|
||||
|
||||
@@ -1,4 +1,3 @@
|
||||
root /dev/null;
|
||||
server_name $hostname;
|
||||
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
|
||||
@@ -4,67 +4,31 @@ server {
|
||||
include /etc/nginx/includes/proxy_params.conf;
|
||||
client_max_body_size 0;
|
||||
|
||||
root /opt/recipes/cookbook;
|
||||
|
||||
location / {
|
||||
# Security
|
||||
######################
|
||||
allow 172.30.32.2;
|
||||
deny all;
|
||||
proxy_hide_header "X-Content-Type-Options";
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
proxy_buffering off;
|
||||
proxy_read_timeout 30;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Host $http_host; # try $host instead if this doesn't work
|
||||
proxy_set_header X-Forwarded-Proto $scheme; # http or https
|
||||
|
||||
# Allow ingress subpath
|
||||
proxy_set_header X-Script-Name %%ingress_entry%%;
|
||||
proxy_cookie_path / %%ingress_entry%%/;
|
||||
|
||||
# Base
|
||||
######################
|
||||
#proxy_bind $server_addr;
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_buffering off;
|
||||
proxy_read_timeout 30;
|
||||
# Rewrite url
|
||||
sub_filter_once off;
|
||||
sub_filter_types *;
|
||||
sub_filter "/static" "%%ingress_entry%%/static";
|
||||
sub_filter "/media" "%%ingress_entry%%/media";
|
||||
|
||||
# Avoid mixed contents
|
||||
######################
|
||||
if ($http_referer ~* "^(http[s]?)://([^:]+):(\d*)(/.*)$")
|
||||
{
|
||||
set $x_scheme $1;
|
||||
set $x_host $2;
|
||||
set $x_port ":$3";
|
||||
# Allow frames
|
||||
proxy_hide_header "Content-Security-Policy";
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
add_header Access-Control-Allow-Origin *;
|
||||
proxy_set_header Accept-Encoding "";
|
||||
}
|
||||
if ($http_referer ~* "^(http[s]?)://([^:]+)(/.*)$")
|
||||
{
|
||||
set $x_scheme $1;
|
||||
set $x_host $2;
|
||||
set $x_port "";
|
||||
}
|
||||
proxy_set_header X-Scheme $x_scheme;
|
||||
proxy_redirect http://$host/ $x_scheme://$x_host$x_port/;
|
||||
proxy_redirect $x_scheme://$host/ $x_scheme://$x_host$x_port/;
|
||||
|
||||
# Allow subpath
|
||||
######################
|
||||
proxy_set_header X-Script-Name %%ingress_entry%%;
|
||||
proxy_cookie_path / %%ingress_entry%%/;
|
||||
|
||||
# Allow iframe
|
||||
######################
|
||||
proxy_hide_header "Content-Security-Policy";
|
||||
proxy_hide_header X-Frame-Options;
|
||||
add_header Access-Control-Allow-Origin *;
|
||||
proxy_set_header Accept-Encoding "";
|
||||
|
||||
# Rewrite url
|
||||
######################
|
||||
sub_filter_once off;
|
||||
sub_filter_types *;
|
||||
sub_filter "/static" "%%ingress_entry%%/static";
|
||||
sub_filter "/media" "%%ingress_entry%%/media";
|
||||
sub_filter "/view" "%%ingress_entry%%/view";
|
||||
sub_filter "/search" "%%ingress_entry%%/search";
|
||||
sub_filter "/edit" "%%ingress_entry%%/edit";
|
||||
#sub_filter "%%ingress_entry%%/%%ingress_entry%%/" "/";
|
||||
#sub_filter "/api" "%%ingress_entry%%/api";
|
||||
#sub_filter "%%ingress_entry%%/api/hassio" "/api/hassio";
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user