#!/bin/bash -e usage() { cat << EOF Usage: configure-web-proxy Configure a local web proxy for openQA. Options: -h, --help display this help -p, --proxy=PROXY web proxy to configure (default: apache) choose from: nginx, apache -P, --port=PORT port to configure EOF exit "$1" } opts=$(getopt -o hp:P: -l help,proxy:,port: -n "$0" -- "$@") || usage 1 eval set -- "$opts" web_proxy="apache" web_port="" while true; do case "$1" in -h | --help) usage 0 ;; -p | --proxy) web_proxy=${2#*=} shift 2 ;; -P | --port) web_port=${2#*=} shift 2 ;; --) shift break ;; *) break ;; esac done echo -e "[openid]\nhttpsonly = 0" > /etc/openqa/openqa.ini.d/01-enable-http-auth.ini etc_proxy=/etc/${web_proxy/apache/apache2} for v in vhosts.d sites-available; do if [[ -e "${etc_proxy}/${v}/openqa.conf.template" ]]; then vhosts_dir="${etc_proxy}/${v}" break fi done if [[ -z $vhosts_dir ]]; then printf "%s: ERROR: template file not found under '%s'\n" "$0" "$etc_proxy" exit 1 fi if [[ $web_proxy == "nginx" ]]; then echo "Setting up nginx" sed "s/openqa.example.com/$(hostname)/" "${vhosts_dir}/openqa.conf.template" > "${vhosts_dir}/openqa.conf" # IPv6 uses [::]:80 syntax instead of just a port if [[ -n "$web_port" ]]; then sed -Ei "s@(.*listen.*)80@\1${web_port}@g" "${vhosts_dir}/openqa.conf" "${etc_proxy}/nginx.conf" fi sed -i -e 's/^\([^#]*server_name[[:space:]]\+localhost;\)/#\1/' /etc/nginx/nginx.conf elif [[ $web_proxy == "apache" || $web_proxy == "apache2" ]]; then echo "Setting up apache" for i in headers proxy proxy_http proxy_wstunnel rewrite; do a2enmod $i; done sed "s/#ServerName.*$/ServerName $(hostname)/" "${vhosts_dir}/openqa.conf.template" > "${vhosts_dir}/openqa.conf" if [[ -n "$web_port" ]]; then sed -i "s/^Listen.*$/Listen $web_port/" "${etc_proxy}/listen.conf" fi else echo "No supported proxy: $web_proxy" exit 1 fi if which semanage &> /dev/null; then echo "Setting SELinux boolean httpd_can_network_connect to 1 allowing web proxy to connect to openQA daemon" semanage boolean -m -1 httpd_can_network_connect fi