Fixed #26: Added NO_HOME_SERVICES to hide Kiwix-serve homepage

Now accepts a `NO_HOME_SERVICES` environ that list services which `/` endpoint is redirected to the main FQDN
offspot · Dec 13, 2023 · edcb63b · edcb63b
1 parent 2661ede
commit edcb63b
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/reverse-proxy/README.md b/reverse-proxy/README.md
@@ -10,7 +10,8 @@ Configuration is done solely via environment variables
 | -------------------- | ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | `FQDN`               | `generic.hotspot`  | Hostname to serve at                                                                                                                                            |
 | `SERVICES`           |                    | `,`-separated list of services to configure. Either `name` (service-name) or `name:target:port` for special ones. Ex `kiwix,edupi,api.edupi:edupi:8080`         |
-| `PROTECTED_SERVICES` |                    | `,`-separated list of services to password-protect<sup>1</sup>. `name:username:password` format (clear text password). Ex `kiwix,admin,passW0rd`   | 
+| `PROTECTED_SERVICES` |                    | `,`-separated list of services to password-protect<sup>1</sup>. `name:username:password` format (clear text password). Ex `kiwix,admin,passW0rd`                |
+| `NO_HOME_SERVICES`   |                    | `,`-separated list of services to redirect their `/` to the hotspot-home. Used to disable kiwix-serve home.                                                     | 
 | `FILES_MAPPING`      |                    | `,`-separated list of `{subdomain}:{subfolder}` mapping for files-related services (using a single files service). Ex `nomad:nomadeducation,download-zims:zims` |
 | `DEBUG`              |                    | Set any value to enable Caddy debug output                                                                                                                      |
 

diff --git a/reverse-proxy/gen-caddyfile.py b/reverse-proxy/gen-caddyfile.py
@@ -46,6 +46,7 @@ class Service:
     username: str | None = None
     password: str | None = None
     password_e: str | None = None
+    disable_home: bool | None = False
 
     @classmethod
     def from_line(cls, text: str):
@@ -80,6 +81,9 @@ def should_protect(self) -> bool:
     svc_name = svc.split(":", 1)[0]
     if svc_name in services:
         services[svc_name].protect_from(svc)
+for svc_name in os.getenv("NO_HOME_SERVICES", "").split(","):
+    if svc_name in services:
+        services[svc_name].disable_home = True
 
 files_map: dict[str, str] = {
     entry.split(":", 1)[0]: entry.split(":", 1)[1]
@@ -136,6 +140,9 @@ def should_protect(self) -> bool:
         {{service.username}} {{service.password_e}}
     }
     {% endif %}
+    {% if service.disable_home %}
+    redir / {scheme}://{$FQDN} permanent
+    {% endif %}
     reverse_proxy {{service.target}}:{{service.port}}
     handle_errors {
         respond "HTTP {http.error.status_code} Error ({http.error.message})"