diff options
| author | ms <ms@taler.net> | 2021-12-01 15:44:21 +0100 |
|---|---|---|
| committer | ms <ms@taler.net> | 2021-12-01 15:44:21 +0100 |
| commit | 9db9a64b36d2aa550b93b662a605fb4987e77d5e (patch) | |
| tree | 8a22f3a3f1bee75e947e1f6f789bd8c9e42bfff4 | |
| parent | ee6f9578d38d3951513b7cbfe055349c30413257 (diff) | |
| download | deployment-9db9a64b36d2aa550b93b662a605fb4987e77d5e.tar.gz deployment-9db9a64b36d2aa550b93b662a605fb4987e77d5e.tar.bz2 deployment-9db9a64b36d2aa550b93b662a605fb4987e77d5e.zip | |
taler-local
forwarding X-Forwarded-Host's
port to the one Nginx binds to.
| -rwxr-xr-x | bin/WIP/taler-local | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/bin/WIP/taler-local b/bin/WIP/taler-local index de82c0a..123cc8d 100755 --- a/bin/WIP/taler-local +++ b/bin/WIP/taler-local @@ -1083,7 +1083,16 @@ def prepare(x_forwarded_host, x_forwarded_proto): if not TALER_UNIT_FILES_DIR.exists(): TALER_UNIT_FILES_DIR.mkdir(parents=True, exist_ok=True) - # Exchange HTTPD unit file. + # Internal redirect of X-Forwarded-Host's port + # to the port Nginx binds to. Allows clients + # connecting from within a container to still + # reach services at X-Forwarded-Host. + x_forwarded_port = x_forwarded_host.split(":")[1] + with open(TALER_UNIT_FILES_DIR / "taler-local-port-redirect.service", "w") as port_redirect_unit: + port_redirect_unit.write(unit_file_content( + description = "Port redirect allowing configuration at X-Forwarded-Host", + cmd = f"socat TCP4-LISTEN:{x_forwarded_port},fork TCP4:{REV_PROXY_NETLOC}", + )) with open(TALER_UNIT_FILES_DIR / "taler-local-exchange-httpd.service", "w") as exchange_unit: exchange_unit.write(unit_file_content( description = "Taler Exchange HTTP daemon", @@ -1242,6 +1251,9 @@ def prepare(x_forwarded_host, x_forwarded_proto): ).run() print(" OK") + print_nn("Launching X-Forwarded-Host port redirect...") + subprocess.run(["systemctl", "--user", "start", "taler-local-port-redirect.service"], check=True) + print(" OK") print_nn("Launching the reverse proxy...") with open(CFG_OUTDIR / "nginx.conf", "w") as nginx_conf: nginx_conf.write(( @@ -1484,7 +1496,7 @@ def prepare(x_forwarded_host, x_forwarded_proto): response.raise_for_status() except Exception as error: fail(error) - FACADE_URL=response.json().get("facades")[0].get("baseUrl") + FACADE_URL = response.json().get("facades")[0].get("baseUrl") print_nn("Set suggested exchange at Sandbox...") Command([ "libeufin-sandbox", @@ -1655,6 +1667,7 @@ def prepare(x_forwarded_host, x_forwarded_proto): @cli.command() def launch(): + subprocess.run(["systemctl", "--user", "start", "taler-local-port-redirect.service"], check=True) subprocess.run(["systemctl", "--user", "start", "taler-local-nginx.service"], check=True) subprocess.run(["systemctl", "--user", "start", "taler-local-exchange-secmod-rsa.service"], check=True) subprocess.run(["systemctl", "--user", "start", "taler-local-exchange-secmod-eddsa.service"], check=True) |