satorix-rails 1.1.5 → 1.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/rails/generators/satorix/install_generator.rb +0 -1
  3. data/lib/rails/generators/templates/install/config/passenger_standalone/includes/authentication.erb +29 -16
  4. data/lib/rails/generators/templates/install/config/passenger_standalone/includes/proxy_configuration.erb +1 -1
  5. data/lib/satorix/rails/version.rb +1 -1
  6. metadata +2 -3
  7. data/lib/rails/generators/templates/install/config/passenger_standalone/includes/htpasswd_source.erb +0 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4876a5e6ee331480036e881d9f29f53bafe511f3
4
- data.tar.gz: 564f4cde3b91cb9f722d54c1b87eb1ca410c9139
3
+ metadata.gz: 76063a9ea77ea0c60f4e2ba46697056f10bb0614
4
+ data.tar.gz: f47562d65c50acf5d26d4be62e3713491bf0cd4f
5
5
  SHA512:
6
- metadata.gz: dedd5c9ac27adeacf3c2b003f028afdddbcc6a11b0f229f9abe4b9d1d4a762452b9418fa15f113ace2b24317d9b767492843786a1b9f24b46f940bbecf17c03b
7
- data.tar.gz: 4ba09535c6e545f1271dade019f2abc3985944ade2f886943744badd09a97faa2f22ab525d60a3b03d47820a300e57113d31da9e8320b0686d49fe7040758b34
6
+ metadata.gz: f698b2fbd9da5c59efd44c2c1eaba9348624b2c2792f5f5bcb12e5e08e8ca0f641f4a7484283d628483dd41d1700adf736af5397067926162d33092a1809a7aa
7
+ data.tar.gz: 3fe8f1912029819edd3d9828723db5ab517b155628cb10fbb83f22fee49b878476272deca0416816d413310c10e5e588ca1d23d43720858b54128829de1e4a0f
data/lib/rails/generators/satorix/install_generator.rb CHANGED
@@ -13,7 +13,6 @@ module Satorix
13
13
 
14
14
  template 'install/config/passenger_standalone/nginx.conf.erb', 'config/passenger_standalone/nginx.conf.erb'
15
15
 
16
- template 'install/config/passenger_standalone/includes/htpasswd_source.erb', 'config/passenger_standalone/includes/htpasswd_source.erb'
17
16
  template 'install/config/passenger_standalone/includes/authentication.erb', 'config/passenger_standalone/includes/authentication.erb'
18
17
  template 'install/config/passenger_standalone/includes/page_level_redirects.erb', 'config/passenger_standalone/includes/page_level_redirects.erb'
19
18
  template 'install/config/passenger_standalone/includes/proxy_configuration.erb', 'config/passenger_standalone/includes/proxy_configuration.erb'
data/lib/rails/generators/templates/install/config/passenger_standalone/includes/authentication.erb CHANGED
@@ -1,28 +1,41 @@
1
1
  # Authentication
2
- #
3
- # Allow listed networks to access without auth, otherwise require password
4
- <%%
5
- password_files = {}
6
2
 
7
- # Write out htpasswd file(s), from source files in config/passenger_standalone/includes
8
- # to allow dynamically generated htpasswd file(s), most likely from env vars.
9
- %w[htpasswd].each do |password_file|
10
- passenger_standalone_includes = File.expand_path(__dir__)
11
- password_files[password_file] = File.join( passenger_standalone_includes, password_file )
12
- contents = include_passenger_custom_template("#{ password_file }_source.erb")
13
- File.open(password_files[password_file], 'w') {|f| f.write(contents) }
3
+ <%%-
4
+ # The password_files hash defines which password files will be written out.
5
+ # The generated password files should be ignored from version control.
6
+ # Each desired password file should be specified as a key, with the value being a source for the file contents.
7
+ # The contents should include hashed username/password combinations, separated by whitespace.
8
+ # These can be generated using the htpasswd application, or an online tool like http://www.htaccesstools.com/htpasswd-generator/
9
+ # For more info, see: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
10
+ password_files = {
11
+ 'htpasswd' => ENV['SATORIX_AUTHENTICATION_HTPASSWDS']
12
+ }
13
+
14
+ def password_file_location(filename)
15
+ passenger_standalone_includes_location = File.expand_path(__dir__)
16
+ File.join( passenger_standalone_includes_location, filename )
17
+ end
18
+
19
+ password_files.each do |file_name, raw_contents|
20
+ contents = raw_contents.to_s.split.join("\n")
21
+ File.open(password_file_location(filename), 'w') {|f| f.write(contents) } unless contents.empty?
14
22
  end
15
- %>
16
23
 
24
+ allowed_without_auth = ENV['SATORIX_AUTHENTICATION_ALLOWED_IPS'].to_s.split
25
+ allowed_without_auth = ['any'] if allowed_without_auth.empty?
26
+ -%>
27
+
28
+ # Allow listed networks to access without auth, otherwise require password if defined
17
29
  location / {
18
30
  satisfy any;
19
- <%% ENV['SATORIX_AUTHENTICATION_ALLOWED_IPS'].to_s.split(' ').each do |target| -%>
31
+ deny all;
32
+ <%% allowed_without_auth.each do |target| -%>
20
33
  allow <%%= target %>;
21
34
  <%% end -%>
22
- deny all;
35
+ <%% if File.file?(password_file_location('htpasswd')) -%>
23
36
  auth_basic "Please Log In";
24
- auth_basic_user_file <%%= password_files['htpasswd'] %>;
37
+ auth_basic_user_file <%%= password_file_location('htpasswd') %>;
38
+ <%% end -%>
25
39
  }
26
40
 
27
-
28
41
  # End Authentication
data/lib/rails/generators/templates/install/config/passenger_standalone/includes/proxy_configuration.erb CHANGED
@@ -21,7 +21,7 @@
21
21
  <%% end %>
22
22
 
23
23
  # Use the internal Flynn network set X-Forwarded-For header for access IPs.
24
- set_real_ip_from <%%= ENV['SATORIX_REAL_IP_FROM'].presence? || '100.100.0.0/16' %>;
24
+ set_real_ip_from <%%= ENV['SATORIX_REAL_IP_FROM'] || '100.100.0.0/16' %>;
25
25
  real_ip_header X-Forwarded-For;
26
26
 
27
27
  # End Proxy Configuration
data/lib/satorix/rails/version.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  module Satorix
2
2
  module Rails
3
3
  module Version
4
- VERSION = '1.1.5'
4
+ VERSION = '1.1.6'
5
5
  end
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: satorix-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.5
4
+ version: 1.1.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Internet Exposure
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-09-11 00:00:00.000000000 Z
11
+ date: 2019-09-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: passenger
@@ -93,7 +93,6 @@ files:
93
93
  - lib/rails/generators/templates/install/.gitlab-ci.yml
94
94
  - lib/rails/generators/templates/install/Procfile
95
95
  - lib/rails/generators/templates/install/config/passenger_standalone/includes/authentication.erb
96
- - lib/rails/generators/templates/install/config/passenger_standalone/includes/htpasswd_source.erb
97
96
  - lib/rails/generators/templates/install/config/passenger_standalone/includes/page_level_redirects.erb
98
97
  - lib/rails/generators/templates/install/config/passenger_standalone/includes/proxy_configuration.erb
99
98
  - lib/rails/generators/templates/install/config/passenger_standalone/nginx.conf.erb
data/lib/rails/generators/templates/install/config/passenger_standalone/includes/htpasswd_source.erb DELETED
@@ -1,6 +0,0 @@
1
- <%%# This value should include hashed username/password combinations, separated by whitespace -%>
2
- <%%# These can be generated using the htpasswd application, or an online tool like http://www.htaccesstools.com/htpasswd-generator/ -%>
3
- <%%# For more info, see: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ -%>
4
- <%%= ENV['SATORIX_AUTHENTICATION_HTPASSWDS'].to_s.split.join("\n") %>
5
-
6
-