mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
4016ff1bba
* Removal of the Redirect header sent by Authelia /api/verify endpoint. * Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host to compute the link sent in identity verification emails. * Authelia used Host header as the application name for U2F authentication but it's now using X-Forwarded-* headers.
86 lines
3.6 KiB
JavaScript
Executable File
86 lines
3.6 KiB
JavaScript
Executable File
#!/usr/bin/env node
|
|
|
|
var { exec } = require('./utils/exec');
|
|
var fs = require('fs');
|
|
|
|
async function buildDockerImages() {
|
|
console.log("[BOOTSTRAP] Building required Docker images...");
|
|
|
|
console.log('Build authelia-example-backend docker image.')
|
|
await exec('docker build -t authelia-example-backend example/compose/nginx/backend');
|
|
|
|
console.log('Build authelia-duo-api docker image.')
|
|
await exec('docker build -t authelia-duo-api example/compose/duo-api');
|
|
}
|
|
|
|
async function checkHostsFile() {
|
|
async function checkAndFixEntry(entries, domain, ip) {
|
|
const foundEntry = entries.filter(l => l[1] == domain);
|
|
if (foundEntry.length > 0) {
|
|
if (foundEntry[0][0] == ip) {
|
|
// The entry exists and is correct.
|
|
return;
|
|
}
|
|
else {
|
|
// We need to remove the entry and replace it.
|
|
console.log(`Update entry for ${domain}.`);
|
|
await exec(`cat /etc/hosts | grep -v "${domain}" | /usr/bin/sudo tee /etc/hosts > /dev/null`);
|
|
await exec(`echo "${ip} ${domain}" | /usr/bin/sudo tee -a /etc/hosts > /dev/null`);
|
|
}
|
|
}
|
|
else {
|
|
// We need to add the new entry.
|
|
console.log(`Add entry for ${domain}.`);
|
|
await exec(`echo "${ip} ${domain}" | /usr/bin/sudo tee -a /etc/hosts > /dev/null`);
|
|
}
|
|
}
|
|
|
|
console.log("[BOOTSTRAP] Checking if example.com domain is forwarded to your machine...");
|
|
const actualEntries = fs.readFileSync("/etc/hosts").toString("utf-8")
|
|
.split("\n").filter(l => l !== '').map(l => l.split(" ").filter(w => w !== ''));
|
|
|
|
await checkAndFixEntry(actualEntries, 'login.example.com', '192.168.240.100');
|
|
await checkAndFixEntry(actualEntries, 'admin.example.com', '192.168.240.100');
|
|
await checkAndFixEntry(actualEntries, 'singlefactor.example.com', '192.168.240.100');
|
|
await checkAndFixEntry(actualEntries, 'dev.example.com', '192.168.240.100');
|
|
await checkAndFixEntry(actualEntries, 'home.example.com', '192.168.240.100');
|
|
await checkAndFixEntry(actualEntries, 'mx1.mail.example.com', '192.168.240.100');
|
|
await checkAndFixEntry(actualEntries, 'mx2.mail.example.com', '192.168.240.100');
|
|
await checkAndFixEntry(actualEntries, 'public.example.com', '192.168.240.100');
|
|
await checkAndFixEntry(actualEntries, 'secure.example.com', '192.168.240.100');
|
|
await checkAndFixEntry(actualEntries, 'mail.example.com', '192.168.240.100');
|
|
await checkAndFixEntry(actualEntries, 'duo.example.com', '192.168.240.100');
|
|
|
|
// For Traefik suite.
|
|
await checkAndFixEntry(actualEntries, 'traefik.example.com', '192.168.240.100');
|
|
|
|
// For testing network ACLs.
|
|
await checkAndFixEntry(actualEntries, 'proxy-client1.example.com', '192.168.240.201');
|
|
await checkAndFixEntry(actualEntries, 'proxy-client2.example.com', '192.168.240.202');
|
|
await checkAndFixEntry(actualEntries, 'proxy-client3.example.com', '192.168.240.203');
|
|
}
|
|
|
|
async function checkKubernetesDependencies() {
|
|
console.log("[BOOTSTRAP] Checking Kubernetes tools in /tmp to allow testing a Kube cluster... (no junk installed on host)");
|
|
|
|
if (!fs.existsSync('/tmp/kind')) {
|
|
console.log('Install Kind for spawning a Kubernetes cluster.');
|
|
await exec('wget https://github.com/clems4ever/kind/releases/download/0.1.0-cmic1/kind-linux-amd64 -O /tmp/kind && chmod +x /tmp/kind');
|
|
}
|
|
|
|
if (!fs.existsSync('/tmp/kubectl')) {
|
|
console.log('Install Kubectl for interacting with Kubernetes.');
|
|
await exec('wget https://storage.googleapis.com/kubernetes-release/release/v1.13.0/bin/linux/amd64/kubectl -O /tmp/kubectl && chmod +x /tmp/kubectl');
|
|
}
|
|
}
|
|
|
|
async function main() {
|
|
await checkHostsFile();
|
|
await buildDockerImages();
|
|
await checkKubernetesDependencies();
|
|
}
|
|
|
|
main().catch((err) => {
|
|
console.error(err);
|
|
process.exit(1);
|
|
}) |