satorix-rails 1.1.5 → 1.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4876a5e6ee331480036e881d9f29f53bafe511f3
4
- data.tar.gz: 564f4cde3b91cb9f722d54c1b87eb1ca410c9139
3
+ metadata.gz: 76063a9ea77ea0c60f4e2ba46697056f10bb0614
4
+ data.tar.gz: f47562d65c50acf5d26d4be62e3713491bf0cd4f
5
5
  SHA512:
6
- metadata.gz: dedd5c9ac27adeacf3c2b003f028afdddbcc6a11b0f229f9abe4b9d1d4a762452b9418fa15f113ace2b24317d9b767492843786a1b9f24b46f940bbecf17c03b
7
- data.tar.gz: 4ba09535c6e545f1271dade019f2abc3985944ade2f886943744badd09a97faa2f22ab525d60a3b03d47820a300e57113d31da9e8320b0686d49fe7040758b34
6
+ metadata.gz: f698b2fbd9da5c59efd44c2c1eaba9348624b2c2792f5f5bcb12e5e08e8ca0f641f4a7484283d628483dd41d1700adf736af5397067926162d33092a1809a7aa
7
+ data.tar.gz: 3fe8f1912029819edd3d9828723db5ab517b155628cb10fbb83f22fee49b878476272deca0416816d413310c10e5e588ca1d23d43720858b54128829de1e4a0f
@@ -13,7 +13,6 @@ module Satorix
13
13
 
14
14
  template 'install/config/passenger_standalone/nginx.conf.erb', 'config/passenger_standalone/nginx.conf.erb'
15
15
 
16
- template 'install/config/passenger_standalone/includes/htpasswd_source.erb', 'config/passenger_standalone/includes/htpasswd_source.erb'
17
16
  template 'install/config/passenger_standalone/includes/authentication.erb', 'config/passenger_standalone/includes/authentication.erb'
18
17
  template 'install/config/passenger_standalone/includes/page_level_redirects.erb', 'config/passenger_standalone/includes/page_level_redirects.erb'
19
18
  template 'install/config/passenger_standalone/includes/proxy_configuration.erb', 'config/passenger_standalone/includes/proxy_configuration.erb'
@@ -1,28 +1,41 @@
1
1
  # Authentication
2
- #
3
- # Allow listed networks to access without auth, otherwise require password
4
- <%%
5
- password_files = {}
6
2
 
7
- # Write out htpasswd file(s), from source files in config/passenger_standalone/includes
8
- # to allow dynamically generated htpasswd file(s), most likely from env vars.
9
- %w[htpasswd].each do |password_file|
10
- passenger_standalone_includes = File.expand_path(__dir__)
11
- password_files[password_file] = File.join( passenger_standalone_includes, password_file )
12
- contents = include_passenger_custom_template("#{ password_file }_source.erb")
13
- File.open(password_files[password_file], 'w') {|f| f.write(contents) }
3
+ <%%-
4
+ # The password_files hash defines which password files will be written out.
5
+ # The generated password files should be ignored from version control.
6
+ # Each desired password file should be specified as a key, with the value being a source for the file contents.
7
+ # The contents should include hashed username/password combinations, separated by whitespace.
8
+ # These can be generated using the htpasswd application, or an online tool like http://www.htaccesstools.com/htpasswd-generator/
9
+ # For more info, see: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
10
+ password_files = {
11
+ 'htpasswd' => ENV['SATORIX_AUTHENTICATION_HTPASSWDS']
12
+ }
13
+
14
+ def password_file_location(filename)
15
+ passenger_standalone_includes_location = File.expand_path(__dir__)
16
+ File.join( passenger_standalone_includes_location, filename )
17
+ end
18
+
19
+ password_files.each do |file_name, raw_contents|
20
+ contents = raw_contents.to_s.split.join("\n")
21
+ File.open(password_file_location(filename), 'w') {|f| f.write(contents) } unless contents.empty?
14
22
  end
15
- %>
16
23
 
24
+ allowed_without_auth = ENV['SATORIX_AUTHENTICATION_ALLOWED_IPS'].to_s.split
25
+ allowed_without_auth = ['any'] if allowed_without_auth.empty?
26
+ -%>
27
+
28
+ # Allow listed networks to access without auth, otherwise require password if defined
17
29
  location / {
18
30
  satisfy any;
19
- <%% ENV['SATORIX_AUTHENTICATION_ALLOWED_IPS'].to_s.split(' ').each do |target| -%>
31
+ deny all;
32
+ <%% allowed_without_auth.each do |target| -%>
20
33
  allow <%%= target %>;
21
34
  <%% end -%>
22
- deny all;
35
+ <%% if File.file?(password_file_location('htpasswd')) -%>
23
36
  auth_basic "Please Log In";
24
- auth_basic_user_file <%%= password_files['htpasswd'] %>;
37
+ auth_basic_user_file <%%= password_file_location('htpasswd') %>;
38
+ <%% end -%>
25
39
  }
26
40
 
27
-
28
41
  # End Authentication
@@ -21,7 +21,7 @@
21
21
  <%% end %>
22
22
 
23
23
  # Use the internal Flynn network set X-Forwarded-For header for access IPs.
24
- set_real_ip_from <%%= ENV['SATORIX_REAL_IP_FROM'].presence? || '100.100.0.0/16' %>;
24
+ set_real_ip_from <%%= ENV['SATORIX_REAL_IP_FROM'] || '100.100.0.0/16' %>;
25
25
  real_ip_header X-Forwarded-For;
26
26
 
27
27
  # End Proxy Configuration
@@ -1,7 +1,7 @@
1
1
  module Satorix
2
2
  module Rails
3
3
  module Version
4
- VERSION = '1.1.5'
4
+ VERSION = '1.1.6'
5
5
  end
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: satorix-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.5
4
+ version: 1.1.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Internet Exposure
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-09-11 00:00:00.000000000 Z
11
+ date: 2019-09-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: passenger
@@ -93,7 +93,6 @@ files:
93
93
  - lib/rails/generators/templates/install/.gitlab-ci.yml
94
94
  - lib/rails/generators/templates/install/Procfile
95
95
  - lib/rails/generators/templates/install/config/passenger_standalone/includes/authentication.erb
96
- - lib/rails/generators/templates/install/config/passenger_standalone/includes/htpasswd_source.erb
97
96
  - lib/rails/generators/templates/install/config/passenger_standalone/includes/page_level_redirects.erb
98
97
  - lib/rails/generators/templates/install/config/passenger_standalone/includes/proxy_configuration.erb
99
98
  - lib/rails/generators/templates/install/config/passenger_standalone/nginx.conf.erb
@@ -1,6 +0,0 @@
1
- <%%# This value should include hashed username/password combinations, separated by whitespace -%>
2
- <%%# These can be generated using the htpasswd application, or an online tool like http://www.htaccesstools.com/htpasswd-generator/ -%>
3
- <%%# For more info, see: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ -%>
4
- <%%= ENV['SATORIX_AUTHENTICATION_HTPASSWDS'].to_s.split.join("\n") %>
5
-
6
-