tooling box ./utils/*: minor fix from production test

2020-02-04 19:47:33 +01:00 · 2020-02-04 19:47:33 +01:00 · 71d7550dbe
parent 2f40f61f83
commit 71d7550dbe
8 changed files with 29 additions and 7 deletions
--- a/.config.sh
+++ b/.config.sh
@ -1,6 +1,6 @@
 # -*- coding: utf-8; mode: sh -*-
 # SPDX-License-Identifier: AGPL-3.0-or-later
-# shellcheck shell=bash
+# shellcheck shell=bash disable=SC2034
 #
 # This environment is used by ./utils scripts like filtron.sh or searx.sh.  The
 # default values are *most flexible* and *best maintained*, you normally not
--- a/utils/filtron.sh
+++ b/utils/filtron.sh
@ -96,7 +96,7 @@ If needed, set PUBLIC_URL of your WEB service in the '${DOT_CONFIG#"$REPO_ROOT/"
  FILTRON_TARGET : ${FILTRON_TARGET}

 EOF
-    [ ! -z ${1+x} ] &&  err_msg "$1"
+    [ ! -z "${1+x}" ] &&  err_msg "$1"
 }

 main() {
--- a/utils/lib.sh
+++ b/utils/lib.sh
@ -279,7 +279,7 @@ cache_download() {
        else
            wget --progress=bar -O "${CACHE}/$2" "$1" ; exit_value=$?
        fi
-        if [[ $exit_value = 0 ]]; then
+        if [[ ! $exit_value = 0 ]]; then
            err_msg "failed to download: $1"
        fi
    fi
--- a/utils/morty.sh
+++ b/utils/morty.sh
@ -84,7 +84,7 @@ ${DOT_CONFIG#"$REPO_ROOT/"} file::
  SERVICE_USER :   ${SERVICE_USER}
 EOF
    info_searx
-    [ ! -z ${1+x} ] &&  err_msg "$1"
+    [ ! -z "${1+x}" ] &&  err_msg "$1"
 }

 info_searx() {
@ -196,6 +196,12 @@ install_all() {
    if ! service_is_available "http://${MORTY_LISTEN}" ; then
        err_msg "Morty does not listening on: http://${MORTY_LISTEN}"
    fi
+    if apache_is_installed; then
+        info_msg "Apache is installed on this host."
+        if ask_yn "Do you want to install a reverse proxy (ProxyPass)" Yn; then
+            install_apache_site
+        fi
+    fi
    if ask_yn "Do you want to inspect the installation?" Yn; then
        inspect_service
    fi
--- a/utils/searx.sh
+++ b/utils/searx.sh
@ -110,7 +110,7 @@ If needed, set PUBLIC_URL of your WEB service in the '${DOT_CONFIG#"$REPO_ROOT/"
  SERVICE_USER        : ${SERVICE_USER}

 EOF
-    [ ! -z ${1+x} ] &&  err_msg "$1"
+    [ ! -z "${1+x}" ] &&  err_msg "$1"
 }

 main() {
@ -403,8 +403,8 @@ test_local_searx() {
    tee_stderr 0.1 <<EOF | sudo -H -u "${SERVICE_USER}" -i 2>&1 |  prefix_stdout "$_service_prefix"
 cd ${SEARX_SRC}
 sed -i -e "s/debug : False/debug : True/g" "$SEARX_SETTINGS"
-timeout 5 python3 searx/webapp.py &
-sleep 1
+timeout 10 python3 searx/webapp.py &
+sleep 3
 curl --location --verbose --head --insecure $SEARX_INTERNAL_URL
 sed -i -e "s/debug : True/debug : False/g" "$SEARX_SETTINGS"
 EOF
--- a/utils/templates/etc/apache2/sites-available/morty.conf
+++ b/utils/templates/etc/apache2/sites-available/morty.conf
@ -4,7 +4,12 @@ ProxyPreserveHost On

 <Location ${PUBLIC_URL_PATH_MORTY} >

+    <IfModule mod_security2.c>
+        SecRuleEngine Off
+    </IfModule>
+
    Require all granted
+
    Order deny,allow
    Deny from all
    #Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1
--- a/utils/templates/etc/apache2/sites-available/searx.conf:filtron
+++ b/utils/templates/etc/apache2/sites-available/searx.conf:filtron
@ -2,9 +2,18 @@

 ProxyPreserveHost On

+# SecRuleRemoveById 981054
+# SecRuleRemoveById 981059
+# SecRuleRemoveById 981060
+
 <Location ${FILTRON_URL_PATH} >

+    <IfModule mod_security2.c>
+        SecRuleEngine Off
+    </IfModule>
+
    Require all granted
+
    Order deny,allow
    Deny from all
    #Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1
--- a/utils/templates/etc/apache2/sites-available/searx.conf:uwsgi
+++ b/utils/templates/etc/apache2/sites-available/searx.conf:uwsgi
@ -11,6 +11,8 @@
            SecRuleEngine Off
        </IfModule>

+	Require all granted
+
        Options FollowSymLinks Indexes
        SetHandler uwsgi-handler
        uWSGISocket ${SEARX_UWSGI_SOCKET}