andreas/ente-cloudron
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Route Museum GET endpoints

Browse Source
This commit is contained in:
Andreas Dueren
2025-11-04 17:10:32 -06:00
parent 98b26537a1
commit 5549f03f6e
6 changed files with 242 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

156
start.sh
View File

@@ -10,6 +10,48 @@ log() {
echo "[$timestamp] [$level] $message"
}
resolve_http_hostname() {
local env_key="$1"
local fallback="$2"
local value=""
local varname="CLOUDRON_${env_key}"
value="$(printenv "$varname" 2>/dev/null || true)"
if [ -z "$value" ]; then
local alt_varname="CLOUDRON_HTTP_PORT_${env_key}"
value="$(printenv "$alt_varname" 2>/dev/null || true)"
fi
if [ -z "$value" ]; then
if [ "$APP_FQDN" = "localhost" ]; then
printf '%s\n' "$APP_FQDN"
else
printf '%s\n' "$fallback"
fi
return
fi
value="${value%.}"
case "$value" in
"@" )
printf '%s\n' "$APP_FQDN"
;;
*@ )
printf '%s.%s\n' "${value%@}" "$APP_FQDN"
;;
*.* )
printf '%s\n' "$value"
;;
* )
if [ "$APP_FQDN" = "localhost" ]; then
printf '%s\n' "$APP_FQDN"
else
printf '%s.%s\n' "$value" "$APP_FQDN"
fi
;;
esac
}
APP_DIR="/app/code"
DATA_DIR="/app/data"
LOG_DIR="$DATA_DIR/logs"
@@ -54,21 +96,18 @@ APP_FQDN="${CLOUDRON_APP_DOMAIN:-${CLOUDRON_APP_FQDN:-localhost}}"
BASE_URL="${CLOUDRON_APP_ORIGIN:-https://$APP_FQDN}"
BASE_URL="${BASE_URL%/}"
PHOTOS_HOST="$APP_FQDN"
ACCOUNTS_HOST="$APP_FQDN"
AUTH_HOST="$APP_FQDN"
CAST_HOST="$APP_FQDN"
ALBUMS_HOST="$APP_FQDN"
FAMILY_HOST="$APP_FQDN"
PHOTOS_HOST="$(resolve_http_hostname "PHOTOS_DOMAIN" "$APP_FQDN")"
ACCOUNTS_HOST="$(resolve_http_hostname "ACCOUNTS_DOMAIN" "accounts.${APP_FQDN}")"
AUTH_HOST="$(resolve_http_hostname "AUTH_DOMAIN" "auth.${APP_FQDN}")"
CAST_HOST="$(resolve_http_hostname "CAST_DOMAIN" "cast.${APP_FQDN}")"
ALBUMS_HOST="$(resolve_http_hostname "ALBUMS_DOMAIN" "albums.${APP_FQDN}")"
FAMILY_HOST="$(resolve_http_hostname "FAMILY_DOMAIN" "family.${APP_FQDN}")"
USE_SUBDOMAIN_ROUTING=false
if [ "$APP_FQDN" != "localhost" ]; then
ACCOUNTS_HOST="accounts.${APP_FQDN}"
AUTH_HOST="auth.${APP_FQDN}"
CAST_HOST="cast.${APP_FQDN}"
ALBUMS_HOST="albums.${APP_FQDN}"
FAMILY_HOST="family.${APP_FQDN}"
USE_SUBDOMAIN_ROUTING=true
if [ "$PHOTOS_HOST" != "$APP_FQDN" ] || [ "$ACCOUNTS_HOST" != "$APP_FQDN" ] || [ "$AUTH_HOST" != "$APP_FQDN" ] || [ "$CAST_HOST" != "$APP_FQDN" ] || [ "$ALBUMS_HOST" != "$APP_FQDN" ] || [ "$FAMILY_HOST" != "$APP_FQDN" ]; then
USE_SUBDOMAIN_ROUTING=true
fi
fi
PHOTOS_URL="https://${PHOTOS_HOST}"
@@ -87,7 +126,7 @@ else
fi
if [ "$APP_FQDN" != "localhost" ]; then
API_BASE="https://${APP_FQDN}"
API_BASE="https://${PHOTOS_HOST}"
else
API_BASE="$BASE_URL"
fi
@@ -423,6 +462,13 @@ oidc:
EOF_CFG
fi
MUSEUM_OVERRIDE="$CONFIG_DIR/museum.override.yaml"
if [ -f "$MUSEUM_OVERRIDE" ]; then
log INFO "Applying museum override from $MUSEUM_OVERRIDE"
printf '\n# --- Cloudron override (user-provided) ---\n' >> "$MUSEUM_CONFIG"
cat "$MUSEUM_OVERRIDE" >> "$MUSEUM_CONFIG"
fi
chown cloudron:cloudron "$MUSEUM_CONFIG"
chmod 600 "$MUSEUM_CONFIG"
@@ -608,45 +654,81 @@ cat > "$CADDY_CONFIG" <<EOF_CADDY
reverse_proxy localhost:8080
}
@user_api path_regexp user_api ^/users($|/.*)
handle @user_api {
reverse_proxy localhost:8080 {
header_up Host {http.request.host}
header_up X-Real-IP {http.request.header.X-Forwarded-For}
header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
}
}
@museum_api_get {
method GET HEAD
path_regexp museum_api_get ^/(admin|authenticator|billing|cast|collections|custom-domain|diff|discount|email-hash|emails-from-hashes|emergency-contacts|family|file|file-link|files|fire|info|job|mail|metrics|multipart-upload-urls|offers|options|pass-info|passkeys|public-collection|push|queue|remote-store|storage-bonus|thumbnail|trash|unknown-api|upload-urls|user|user-entity|verify-password)(/|$)
}
handle @museum_api_get {
reverse_proxy localhost:8080 {
header_up Host {http.request.host}
header_up X-Real-IP {http.request.header.X-Forwarded-For}
header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
}
}
@write_methods {
not method GET
not method HEAD
}
handle @write_methods {
reverse_proxy localhost:8080 {
header_up Host {http.request.host}
header_up X-Real-IP {http.request.header.X-Forwarded-For}
header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
}
}
@photos_host host ${PHOTOS_HOST}
handle @photos_host {
root * $WEB_RUNTIME_DIR/photos
try_files {path} {path}/index.html /photos/index.html
try_files {path} {path}/index.html {path}.html index.html
file_server
}
@accounts_host host ${ACCOUNTS_HOST}
handle @accounts_host {
root * $WEB_RUNTIME_DIR/accounts
try_files {path} {path}/index.html /accounts/index.html
try_files {path} {path}/index.html {path}.html index.html
file_server
}
@auth_host host ${AUTH_HOST}
handle @auth_host {
root * $WEB_RUNTIME_DIR/auth
try_files {path} {path}/index.html /auth/index.html
try_files {path} {path}/index.html {path}.html index.html
file_server
}
@cast_host host ${CAST_HOST}
handle @cast_host {
root * $WEB_RUNTIME_DIR/cast
try_files {path} {path}/index.html /cast/index.html
try_files {path} {path}/index.html {path}.html index.html
file_server
}
@albums_host host ${ALBUMS_HOST}
handle @albums_host {
root * $WEB_RUNTIME_DIR/albums
try_files {path} {path}/index.html /albums/index.html
try_files {path} {path}/index.html {path}.html index.html
file_server
}
@family_host host ${FAMILY_HOST}
handle @family_host {
root * $WEB_RUNTIME_DIR/family
try_files {path} {path}/index.html /family/index.html
try_files {path} {path}/index.html {path}.html index.html
file_server
}
@@ -733,6 +815,42 @@ cat > "$CADDY_CONFIG" <<EOF_CADDY
reverse_proxy localhost:8080
}
@user_api_path path_regexp user_api_path ^/users($|/.*)
handle @user_api_path {
reverse_proxy localhost:8080 {
header_up Host {http.request.host}
header_up X-Real-IP {http.request.header.X-Forwarded-For}
header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
}
}
@museum_api_get_path {
method GET HEAD
path_regexp museum_api_get_path ^/(admin|authenticator|billing|cast|collections|custom-domain|diff|discount|email-hash|emails-from-hashes|emergency-contacts|family|file|file-link|files|fire|info|job|mail|metrics|multipart-upload-urls|offers|options|pass-info|passkeys|public-collection|push|queue|remote-store|storage-bonus|thumbnail|trash|unknown-api|upload-urls|user|user-entity|verify-password)(/|$)
}
handle @museum_api_get_path {
reverse_proxy localhost:8080 {
header_up Host {http.request.host}
header_up X-Real-IP {http.request.header.X-Forwarded-For}
header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
}
}
@write_methods_path {
not method GET
not method HEAD
}
handle @write_methods_path {
reverse_proxy localhost:8080 {
header_up Host {http.request.host}
header_up X-Real-IP {http.request.header.X-Forwarded-For}
header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
}
}
handle /_next/* {
root * $WEB_RUNTIME_DIR
try_files {path} auth{path} accounts{path} photos{path} cast{path} albums{path} family{path}