satorix-rails 1.1.5 → 1.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/rails/generators/satorix/install_generator.rb +0 -1
- data/lib/rails/generators/templates/install/config/passenger_standalone/includes/authentication.erb +29 -16
- data/lib/rails/generators/templates/install/config/passenger_standalone/includes/proxy_configuration.erb +1 -1
- data/lib/satorix/rails/version.rb +1 -1
- metadata +2 -3
- data/lib/rails/generators/templates/install/config/passenger_standalone/includes/htpasswd_source.erb +0 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 76063a9ea77ea0c60f4e2ba46697056f10bb0614
|
4
|
+
data.tar.gz: f47562d65c50acf5d26d4be62e3713491bf0cd4f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f698b2fbd9da5c59efd44c2c1eaba9348624b2c2792f5f5bcb12e5e08e8ca0f641f4a7484283d628483dd41d1700adf736af5397067926162d33092a1809a7aa
|
7
|
+
data.tar.gz: 3fe8f1912029819edd3d9828723db5ab517b155628cb10fbb83f22fee49b878476272deca0416816d413310c10e5e588ca1d23d43720858b54128829de1e4a0f
|
@@ -13,7 +13,6 @@ module Satorix
|
|
13
13
|
|
14
14
|
template 'install/config/passenger_standalone/nginx.conf.erb', 'config/passenger_standalone/nginx.conf.erb'
|
15
15
|
|
16
|
-
template 'install/config/passenger_standalone/includes/htpasswd_source.erb', 'config/passenger_standalone/includes/htpasswd_source.erb'
|
17
16
|
template 'install/config/passenger_standalone/includes/authentication.erb', 'config/passenger_standalone/includes/authentication.erb'
|
18
17
|
template 'install/config/passenger_standalone/includes/page_level_redirects.erb', 'config/passenger_standalone/includes/page_level_redirects.erb'
|
19
18
|
template 'install/config/passenger_standalone/includes/proxy_configuration.erb', 'config/passenger_standalone/includes/proxy_configuration.erb'
|
data/lib/rails/generators/templates/install/config/passenger_standalone/includes/authentication.erb
CHANGED
@@ -1,28 +1,41 @@
|
|
1
1
|
# Authentication
|
2
|
-
#
|
3
|
-
# Allow listed networks to access without auth, otherwise require password
|
4
|
-
<%%
|
5
|
-
password_files = {}
|
6
2
|
|
7
|
-
|
8
|
-
#
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
3
|
+
<%%-
|
4
|
+
# The password_files hash defines which password files will be written out.
|
5
|
+
# The generated password files should be ignored from version control.
|
6
|
+
# Each desired password file should be specified as a key, with the value being a source for the file contents.
|
7
|
+
# The contents should include hashed username/password combinations, separated by whitespace.
|
8
|
+
# These can be generated using the htpasswd application, or an online tool like http://www.htaccesstools.com/htpasswd-generator/
|
9
|
+
# For more info, see: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
|
10
|
+
password_files = {
|
11
|
+
'htpasswd' => ENV['SATORIX_AUTHENTICATION_HTPASSWDS']
|
12
|
+
}
|
13
|
+
|
14
|
+
def password_file_location(filename)
|
15
|
+
passenger_standalone_includes_location = File.expand_path(__dir__)
|
16
|
+
File.join( passenger_standalone_includes_location, filename )
|
17
|
+
end
|
18
|
+
|
19
|
+
password_files.each do |file_name, raw_contents|
|
20
|
+
contents = raw_contents.to_s.split.join("\n")
|
21
|
+
File.open(password_file_location(filename), 'w') {|f| f.write(contents) } unless contents.empty?
|
14
22
|
end
|
15
|
-
%>
|
16
23
|
|
24
|
+
allowed_without_auth = ENV['SATORIX_AUTHENTICATION_ALLOWED_IPS'].to_s.split
|
25
|
+
allowed_without_auth = ['any'] if allowed_without_auth.empty?
|
26
|
+
-%>
|
27
|
+
|
28
|
+
# Allow listed networks to access without auth, otherwise require password if defined
|
17
29
|
location / {
|
18
30
|
satisfy any;
|
19
|
-
|
31
|
+
deny all;
|
32
|
+
<%% allowed_without_auth.each do |target| -%>
|
20
33
|
allow <%%= target %>;
|
21
34
|
<%% end -%>
|
22
|
-
|
35
|
+
<%% if File.file?(password_file_location('htpasswd')) -%>
|
23
36
|
auth_basic "Please Log In";
|
24
|
-
auth_basic_user_file <%%=
|
37
|
+
auth_basic_user_file <%%= password_file_location('htpasswd') %>;
|
38
|
+
<%% end -%>
|
25
39
|
}
|
26
40
|
|
27
|
-
|
28
41
|
# End Authentication
|
@@ -21,7 +21,7 @@
|
|
21
21
|
<%% end %>
|
22
22
|
|
23
23
|
# Use the internal Flynn network set X-Forwarded-For header for access IPs.
|
24
|
-
set_real_ip_from <%%= ENV['SATORIX_REAL_IP_FROM']
|
24
|
+
set_real_ip_from <%%= ENV['SATORIX_REAL_IP_FROM'] || '100.100.0.0/16' %>;
|
25
25
|
real_ip_header X-Forwarded-For;
|
26
26
|
|
27
27
|
# End Proxy Configuration
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: satorix-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1.
|
4
|
+
version: 1.1.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Internet Exposure
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-09-
|
11
|
+
date: 2019-09-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: passenger
|
@@ -93,7 +93,6 @@ files:
|
|
93
93
|
- lib/rails/generators/templates/install/.gitlab-ci.yml
|
94
94
|
- lib/rails/generators/templates/install/Procfile
|
95
95
|
- lib/rails/generators/templates/install/config/passenger_standalone/includes/authentication.erb
|
96
|
-
- lib/rails/generators/templates/install/config/passenger_standalone/includes/htpasswd_source.erb
|
97
96
|
- lib/rails/generators/templates/install/config/passenger_standalone/includes/page_level_redirects.erb
|
98
97
|
- lib/rails/generators/templates/install/config/passenger_standalone/includes/proxy_configuration.erb
|
99
98
|
- lib/rails/generators/templates/install/config/passenger_standalone/nginx.conf.erb
|
data/lib/rails/generators/templates/install/config/passenger_standalone/includes/htpasswd_source.erb
DELETED
@@ -1,6 +0,0 @@
|
|
1
|
-
<%%# This value should include hashed username/password combinations, separated by whitespace -%>
|
2
|
-
<%%# These can be generated using the htpasswd application, or an online tool like http://www.htaccesstools.com/htpasswd-generator/ -%>
|
3
|
-
<%%# For more info, see: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ -%>
|
4
|
-
<%%= ENV['SATORIX_AUTHENTICATION_HTPASSWDS'].to_s.split.join("\n") %>
|
5
|
-
|
6
|
-
|