satorix-rails 1.1.5 → 1.1.6

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/rails/generators/satorix/install_generator.rb +0 -1
  3. data/lib/rails/generators/templates/install/config/passenger_standalone/includes/authentication.erb +29 -16
  4. data/lib/rails/generators/templates/install/config/passenger_standalone/includes/proxy_configuration.erb +1 -1
  5. data/lib/satorix/rails/version.rb +1 -1
  6. metadata +2 -3
  7. data/lib/rails/generators/templates/install/config/passenger_standalone/includes/htpasswd_source.erb +0 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4876a5e6ee331480036e881d9f29f53bafe511f3
4
- data.tar.gz: 564f4cde3b91cb9f722d54c1b87eb1ca410c9139
3
+ metadata.gz: 76063a9ea77ea0c60f4e2ba46697056f10bb0614
4
+ data.tar.gz: f47562d65c50acf5d26d4be62e3713491bf0cd4f
5
5
  SHA512:
6
- metadata.gz: dedd5c9ac27adeacf3c2b003f028afdddbcc6a11b0f229f9abe4b9d1d4a762452b9418fa15f113ace2b24317d9b767492843786a1b9f24b46f940bbecf17c03b
7
- data.tar.gz: 4ba09535c6e545f1271dade019f2abc3985944ade2f886943744badd09a97faa2f22ab525d60a3b03d47820a300e57113d31da9e8320b0686d49fe7040758b34
6
+ metadata.gz: f698b2fbd9da5c59efd44c2c1eaba9348624b2c2792f5f5bcb12e5e08e8ca0f641f4a7484283d628483dd41d1700adf736af5397067926162d33092a1809a7aa
7
+ data.tar.gz: 3fe8f1912029819edd3d9828723db5ab517b155628cb10fbb83f22fee49b878476272deca0416816d413310c10e5e588ca1d23d43720858b54128829de1e4a0f
data/lib/rails/generators/satorix/install_generator.rb CHANGED
@@ -13,7 +13,6 @@ module Satorix
13
13
 
14
14
  template 'install/config/passenger_standalone/nginx.conf.erb', 'config/passenger_standalone/nginx.conf.erb'
15
15
 
16
- template 'install/config/passenger_standalone/includes/htpasswd_source.erb', 'config/passenger_standalone/includes/htpasswd_source.erb'
17
16
  template 'install/config/passenger_standalone/includes/authentication.erb', 'config/passenger_standalone/includes/authentication.erb'
18
17
  template 'install/config/passenger_standalone/includes/page_level_redirects.erb', 'config/passenger_standalone/includes/page_level_redirects.erb'
19
18
  template 'install/config/passenger_standalone/includes/proxy_configuration.erb', 'config/passenger_standalone/includes/proxy_configuration.erb'
data/lib/rails/generators/templates/install/config/passenger_standalone/includes/authentication.erb CHANGED
@@ -1,28 +1,41 @@
1
1
  # Authentication
2
- #
3
- # Allow listed networks to access without auth, otherwise require password
4
- <%%
5
- password_files = {}
6
2
 
7
- # Write out htpasswd file(s), from source files in config/passenger_standalone/includes
8
- # to allow dynamically generated htpasswd file(s), most likely from env vars.
9
- %w[htpasswd].each do |password_file|
10
- passenger_standalone_includes = File.expand_path(__dir__)
11
- password_files[password_file] = File.join( passenger_standalone_includes, password_file )
12
- contents = include_passenger_custom_template("#{ password_file }_source.erb")
13
- File.open(password_files[password_file], 'w') {|f| f.write(contents) }
3
+ <%%-
4
+ # The password_files hash defines which password files will be written out.
5
+ # The generated password files should be ignored from version control.
6
+ # Each desired password file should be specified as a key, with the value being a source for the file contents.
7
+ # The contents should include hashed username/password combinations, separated by whitespace.
8
+ # These can be generated using the htpasswd application, or an online tool like http://www.htaccesstools.com/htpasswd-generator/
9
+ # For more info, see: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
10
+ password_files = {
11
+ 'htpasswd' => ENV['SATORIX_AUTHENTICATION_HTPASSWDS']
12
+ }
13
+
14
+ def password_file_location(filename)
15
+ passenger_standalone_includes_location = File.expand_path(__dir__)
16
+ File.join( passenger_standalone_includes_location, filename )
17
+ end
18
+
19
+ password_files.each do |file_name, raw_contents|
20
+ contents = raw_contents.to_s.split.join("\n")
21
+ File.open(password_file_location(filename), 'w') {|f| f.write(contents) } unless contents.empty?
14
22
  end
15
- %>
16
23
 
24
+ allowed_without_auth = ENV['SATORIX_AUTHENTICATION_ALLOWED_IPS'].to_s.split
25
+ allowed_without_auth = ['any'] if allowed_without_auth.empty?
26
+ -%>
27
+
28
+ # Allow listed networks to access without auth, otherwise require password if defined
17
29
  location / {
18
30
  satisfy any;
19
- <%% ENV['SATORIX_AUTHENTICATION_ALLOWED_IPS'].to_s.split(' ').each do |target| -%>
31
+ deny all;
32
+ <%% allowed_without_auth.each do |target| -%>
20
33
  allow <%%= target %>;
21
34
  <%% end -%>
22
- deny all;
35
+ <%% if File.file?(password_file_location('htpasswd')) -%>
23
36
  auth_basic "Please Log In";
24
- auth_basic_user_file <%%= password_files['htpasswd'] %>;
37
+ auth_basic_user_file <%%= password_file_location('htpasswd') %>;
38
+ <%% end -%>
25
39
  }
26
40
 
27
-
28
41
  # End Authentication
data/lib/rails/generators/templates/install/config/passenger_standalone/includes/proxy_configuration.erb CHANGED
@@ -21,7 +21,7 @@
21
21
  <%% end %>
22
22
 
23
23
  # Use the internal Flynn network set X-Forwarded-For header for access IPs.
24
- set_real_ip_from <%%= ENV['SATORIX_REAL_IP_FROM'].presence? || '100.100.0.0/16' %>;
24
+ set_real_ip_from <%%= ENV['SATORIX_REAL_IP_FROM'] || '100.100.0.0/16' %>;
25
25
  real_ip_header X-Forwarded-For;
26
26
 
27
27
  # End Proxy Configuration
data/lib/satorix/rails/version.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  module Satorix
2
2
  module Rails
3
3
  module Version
4
- VERSION = '1.1.5'
4
+ VERSION = '1.1.6'
5
5
  end
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: satorix-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.5
4
+ version: 1.1.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Internet Exposure
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-09-11 00:00:00.000000000 Z
11
+ date: 2019-09-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: passenger
@@ -93,7 +93,6 @@ files:
93
93
  - lib/rails/generators/templates/install/.gitlab-ci.yml
94
94
  - lib/rails/generators/templates/install/Procfile
95
95
  - lib/rails/generators/templates/install/config/passenger_standalone/includes/authentication.erb
96
- - lib/rails/generators/templates/install/config/passenger_standalone/includes/htpasswd_source.erb
97
96
  - lib/rails/generators/templates/install/config/passenger_standalone/includes/page_level_redirects.erb
98
97
  - lib/rails/generators/templates/install/config/passenger_standalone/includes/proxy_configuration.erb
99
98
  - lib/rails/generators/templates/install/config/passenger_standalone/nginx.conf.erb
data/lib/rails/generators/templates/install/config/passenger_standalone/includes/htpasswd_source.erb DELETED
@@ -1,6 +0,0 @@
1
- <%%# This value should include hashed username/password combinations, separated by whitespace -%>
2
- <%%# These can be generated using the htpasswd application, or an online tool like http://www.htaccesstools.com/htpasswd-generator/ -%>
3
- <%%# For more info, see: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ -%>
4
- <%%= ENV['SATORIX_AUTHENTICATION_HTPASSWDS'].to_s.split.join("\n") %>
5
-
6
-