mirror of
https://github.com/nextcloud/all-in-one.git
synced 2025-09-11 00:55:19 +08:00
80 lines
1.6 KiB
Bash
Executable file
80 lines
1.6 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
|
|
function loop {
|
|
readarray -t sorted < <(echo "$3" | tr "$2" '\n' | sort -r)
|
|
for i in "${sorted[@]}"; do
|
|
"template_loop_$1" "$i"
|
|
done
|
|
|
|
}
|
|
|
|
function template_loop_route {
|
|
IFS=',' read -ra array <<< "$1"
|
|
TARGET="${array[0]}"
|
|
ROUTE="${array[1]}"
|
|
if [ "${array[2]}" == "1" ]; then
|
|
URI_STRIP_PREFIX="uri strip_prefix $ROUTE"
|
|
fi
|
|
|
|
cat << CADDY
|
|
|
|
route $ROUTE/* {
|
|
$URI_STRIP_PREFIX
|
|
reverse_proxy $TARGET
|
|
}
|
|
CADDY
|
|
}
|
|
|
|
if [ -n "$APACHE_PORT" ] && [ "$APACHE_PORT" != "443" ]; then
|
|
TRUSTED_PROXIES="trusted_proxies static private_ranges"
|
|
AUTO_HTTPS="auto_https off"
|
|
TARGET="http://:$APACHE_PORT"
|
|
else
|
|
IPv4_ADDRESS="$(dig "$APACHE_HOST" A +short +search | head -1 | sed 's|[0-9]\+$|0/16|')"
|
|
TRUSTED_PROXIES="trusted_proxies static $IPv4_ADDRESS"
|
|
AUTO_HTTPS="auto_https disable_redirects"
|
|
TARGET="https://$NC_DOMAIN:443"
|
|
fi
|
|
|
|
if [ -n "$ADDITIONAL_TRUSTED_DOMAIN" ]; then
|
|
ADDITIONAL_TARGET="https://$ADDITIONAL_TRUSTED_DOMAIN:443"
|
|
fi
|
|
|
|
cat << CADDY
|
|
{
|
|
$AUTO_HTTPS
|
|
|
|
storage file_system {
|
|
root /mnt/data/caddy
|
|
}
|
|
|
|
servers {
|
|
$TRUSTED_PROXIES
|
|
}
|
|
|
|
log {
|
|
level ERROR
|
|
}
|
|
}
|
|
|
|
$ADDITIONAL_TARGET
|
|
$TARGET {
|
|
header -Server
|
|
header -X-Powered-By
|
|
$(loop route ';' "$CADDY_ROUTES")
|
|
route {
|
|
header Strict-Transport-Security max-age=31536000;
|
|
reverse_proxy localhost:8000
|
|
}
|
|
redir /.well-known/carddav /remote.php/dav/ 301
|
|
redir /.well-known/caldav /remote.php/dav/ 301
|
|
|
|
tls {
|
|
issuer acme {
|
|
disable_http_challenge
|
|
}
|
|
}
|
|
}
|
|
|
|
CADDY
|