Feature: https only -- adds option to enforce https on running instances (#48)
* Adding HTTPS enforcement Command line runs of Whoogle Search through pip/pipx/etc will need the `--https-only` flag appended to the run command. Docker runs require the `use_https` build arg applied. * Update README.md Moved https-only note to top of docker run command, updated pip runner help output * Dockerfile: removed HTTPS enforcement, updated PORT setting Dockerfile no longer enforces an HTTPS connection, but still allows for setting via a build arg. The Flask server port is now configurable as a build arg as well, by setting a port number to "whoogle_port" * Fixed incorrect port assignmentmain
parent
afd5b9aa83
commit
1ed6178e9a
|
@ -10,8 +10,14 @@ RUN mkdir $config_dir
|
|||
VOLUME $config_dir
|
||||
ENV CONFIG_VOLUME=$config_dir
|
||||
|
||||
ARG use_https=''
|
||||
ENV HTTPS_ONLY=$use_https
|
||||
|
||||
ARG whoogle_port=5000
|
||||
ENV EXPOSE_PORT=$whoogle_port
|
||||
|
||||
COPY . .
|
||||
|
||||
EXPOSE 5000
|
||||
EXPOSE $EXPOSE_PORT
|
||||
|
||||
CMD ["./whoogle-search"]
|
||||
|
|
|
@ -72,6 +72,7 @@ Sandboxed temporary instance:
|
|||
```bash
|
||||
$ whoogle-search --help
|
||||
usage: whoogle-search [-h] [--port <port number>] [--host <ip address>] [--debug]
|
||||
[--https-only]
|
||||
|
||||
Whoogle Search console runner
|
||||
|
||||
|
@ -79,7 +80,8 @@ optional arguments:
|
|||
-h, --help show this help message and exit
|
||||
--port <port number> Specifies a port to run on (default 5000)
|
||||
--host <ip address> Specifies the host address to use (default 127.0.0.1)
|
||||
--debug Activates debug mode for the Flask server (default False)
|
||||
--debug Activates debug mode for the server (default False)
|
||||
--https-only Enforces HTTPS redirects for all requests (default False)
|
||||
```
|
||||
|
||||
### D) Manual
|
||||
|
@ -124,7 +126,7 @@ docker build --tag whoogle-search:1.0 .
|
|||
docker run --publish 5000:5000 --detach --name whoogle-search whoogle-search:1.0
|
||||
```
|
||||
|
||||
And kill with: `docker rm --force whooglesearch`
|
||||
And kill with: `docker rm --force whoogle-search`
|
||||
|
||||
#### Using [Heroku CLI](https://devcenter.heroku.com/articles/heroku-cli)
|
||||
```bash
|
||||
|
|
|
@ -20,6 +20,12 @@ CONFIG_PATH = os.getenv('CONFIG_VOLUME', app.config['STATIC_FOLDER']) + '/config
|
|||
|
||||
@app.before_request
|
||||
def before_request_func():
|
||||
# Always redirect to https if HTTPS_ONLY is set
|
||||
if os.getenv('HTTPS_ONLY', False) and request.url.startswith('http://'):
|
||||
url = request.url.replace('http://', 'https://', 1)
|
||||
code = 301
|
||||
return redirect(url, code=code)
|
||||
|
||||
json_config = json.load(open(CONFIG_PATH)) if os.path.exists(CONFIG_PATH) else {'url': request.url_root}
|
||||
g.user_config = Config(**json_config)
|
||||
|
||||
|
@ -162,7 +168,11 @@ def run_app():
|
|||
help='Specifies the host address to use (default 127.0.0.1)')
|
||||
parser.add_argument('--debug', default=False, action='store_true',
|
||||
help='Activates debug mode for the server (default False)')
|
||||
parser.add_argument('--https-only', default=False, action='store_true',
|
||||
help='Enforces HTTPS redirects for all requests')
|
||||
args = parser.parse_args()
|
||||
os.environ['HTTPS_ONLY'] = '1' if args.https_only else ''
|
||||
|
||||
if args.debug:
|
||||
app.run(host=args.host, port=args.port, debug=args.debug)
|
||||
else:
|
||||
|
|
|
@ -7,7 +7,7 @@ SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd -P)"
|
|||
|
||||
# Set default port if unavailable
|
||||
if [[ -z "${PORT}" ]]; then
|
||||
PORT=5000
|
||||
PORT="${EXPOSE_PORT:-5000}"
|
||||
fi
|
||||
|
||||
# Set directory to serve static content from
|
||||
|
|
Loading…
Reference in New Issue