tooling box ./utils/*: minor fix from production test

This commit is contained in:
Markus Heiser 2020-02-04 19:47:33 +01:00
parent 2f40f61f83
commit 71d7550dbe
8 changed files with 29 additions and 7 deletions

View file

@ -1,6 +1,6 @@
# -*- coding: utf-8; mode: sh -*- # -*- coding: utf-8; mode: sh -*-
# SPDX-License-Identifier: AGPL-3.0-or-later # SPDX-License-Identifier: AGPL-3.0-or-later
# shellcheck shell=bash # shellcheck shell=bash disable=SC2034
# #
# This environment is used by ./utils scripts like filtron.sh or searx.sh. The # This environment is used by ./utils scripts like filtron.sh or searx.sh. The
# default values are *most flexible* and *best maintained*, you normally not # default values are *most flexible* and *best maintained*, you normally not

View file

@ -96,7 +96,7 @@ If needed, set PUBLIC_URL of your WEB service in the '${DOT_CONFIG#"$REPO_ROOT/"
FILTRON_TARGET : ${FILTRON_TARGET} FILTRON_TARGET : ${FILTRON_TARGET}
EOF EOF
[ ! -z ${1+x} ] && err_msg "$1" [ ! -z "${1+x}" ] && err_msg "$1"
} }
main() { main() {

View file

@ -279,7 +279,7 @@ cache_download() {
else else
wget --progress=bar -O "${CACHE}/$2" "$1" ; exit_value=$? wget --progress=bar -O "${CACHE}/$2" "$1" ; exit_value=$?
fi fi
if [[ $exit_value = 0 ]]; then if [[ ! $exit_value = 0 ]]; then
err_msg "failed to download: $1" err_msg "failed to download: $1"
fi fi
fi fi

View file

@ -84,7 +84,7 @@ ${DOT_CONFIG#"$REPO_ROOT/"} file::
SERVICE_USER : ${SERVICE_USER} SERVICE_USER : ${SERVICE_USER}
EOF EOF
info_searx info_searx
[ ! -z ${1+x} ] && err_msg "$1" [ ! -z "${1+x}" ] && err_msg "$1"
} }
info_searx() { info_searx() {
@ -196,6 +196,12 @@ install_all() {
if ! service_is_available "http://${MORTY_LISTEN}" ; then if ! service_is_available "http://${MORTY_LISTEN}" ; then
err_msg "Morty does not listening on: http://${MORTY_LISTEN}" err_msg "Morty does not listening on: http://${MORTY_LISTEN}"
fi fi
if apache_is_installed; then
info_msg "Apache is installed on this host."
if ask_yn "Do you want to install a reverse proxy (ProxyPass)" Yn; then
install_apache_site
fi
fi
if ask_yn "Do you want to inspect the installation?" Yn; then if ask_yn "Do you want to inspect the installation?" Yn; then
inspect_service inspect_service
fi fi

View file

@ -110,7 +110,7 @@ If needed, set PUBLIC_URL of your WEB service in the '${DOT_CONFIG#"$REPO_ROOT/"
SERVICE_USER : ${SERVICE_USER} SERVICE_USER : ${SERVICE_USER}
EOF EOF
[ ! -z ${1+x} ] && err_msg "$1" [ ! -z "${1+x}" ] && err_msg "$1"
} }
main() { main() {
@ -403,8 +403,8 @@ test_local_searx() {
tee_stderr 0.1 <<EOF | sudo -H -u "${SERVICE_USER}" -i 2>&1 | prefix_stdout "$_service_prefix" tee_stderr 0.1 <<EOF | sudo -H -u "${SERVICE_USER}" -i 2>&1 | prefix_stdout "$_service_prefix"
cd ${SEARX_SRC} cd ${SEARX_SRC}
sed -i -e "s/debug : False/debug : True/g" "$SEARX_SETTINGS" sed -i -e "s/debug : False/debug : True/g" "$SEARX_SETTINGS"
timeout 5 python3 searx/webapp.py & timeout 10 python3 searx/webapp.py &
sleep 1 sleep 3
curl --location --verbose --head --insecure $SEARX_INTERNAL_URL curl --location --verbose --head --insecure $SEARX_INTERNAL_URL
sed -i -e "s/debug : True/debug : False/g" "$SEARX_SETTINGS" sed -i -e "s/debug : True/debug : False/g" "$SEARX_SETTINGS"
EOF EOF

View file

@ -4,7 +4,12 @@ ProxyPreserveHost On
<Location ${PUBLIC_URL_PATH_MORTY} > <Location ${PUBLIC_URL_PATH_MORTY} >
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
Require all granted Require all granted
Order deny,allow Order deny,allow
Deny from all Deny from all
#Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 #Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1

View file

@ -2,9 +2,18 @@
ProxyPreserveHost On ProxyPreserveHost On
# SecRuleRemoveById 981054
# SecRuleRemoveById 981059
# SecRuleRemoveById 981060
<Location ${FILTRON_URL_PATH} > <Location ${FILTRON_URL_PATH} >
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
Require all granted Require all granted
Order deny,allow Order deny,allow
Deny from all Deny from all
#Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 #Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1

View file

@ -11,6 +11,8 @@
SecRuleEngine Off SecRuleEngine Off
</IfModule> </IfModule>
Require all granted
Options FollowSymLinks Indexes Options FollowSymLinks Indexes
SetHandler uwsgi-handler SetHandler uwsgi-handler
uWSGISocket ${SEARX_UWSGI_SOCKET} uWSGISocket ${SEARX_UWSGI_SOCKET}