diff options
Diffstat (limited to 'gomf/run-gomf.bash')
| -rw-r--r-- | gomf/run-gomf.bash | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/gomf/run-gomf.bash b/gomf/run-gomf.bash new file mode 100644 index 0000000..b4acd88 --- /dev/null +++ b/gomf/run-gomf.bash @@ -0,0 +1,90 @@ +#!/bin/bash + +set -eu + +############################################################################### + +# The Gomf binary +GOMF_BIN=/app/gomf + +# Root folder for Gomf containing gomf-web files +# +# All paths in other options are relative to this. +# Defaults to current directory if not set. +GOMF_ROOT=/gomf + +# The host to listen on for HTTP and/or HTTPS +# +# Use 'localhost' if using local reverse proxy, 0.0.0.0 to listen to any host +# or a specific hostname to only allow connections to that address. +LISTEN_HOST=0.0.0.0 + +# The port to listen on for HTTP +# +# 80 for a standard HTTP server, probably a higher port (e.g. 9000) if +# reverse-proxied. +HTTP_PORT=9000 + +# The port to listen on for HTTPS +# +# 443 for a standard HTTPS server. Requires TLS_CERT and TLS_KEY +#HTTPS_PORT=443 + +# SSL certificate for HTTPS +#TLS_CERT=cert.pem + +# SSL certificate key for HTTPS +#TLS_KEY=key.pem + +# Redirect traffic accepted with the HTTP handler to HTTOS +# +# Uses the same host, path and query as the incomming request, just rewrites +# the scheme to https://. +# Only works when serving directly. If a reverse proxy is used, it should be +# also used to set up this redirect instead. +#REDIRECT_HTTPS=0 + +source /gomf.conf + +############################################################################### + +flags=() +[ -n "${GOMF_ROOT:-}" ] && cd "$GOMF_ROOT" +[ -n "${NAME:-}" ] && flags+=(--name "$NAME") +[ -n "${UPLOAD_HOST:-}" ] && flags+=(--upload-host "$UPLOAD_HOST") +[ -n "${UPLOAD_URL:-}" ] && flags+=(--upload-url "$UPLOAD_URL") +[ -n "${CONTACT_EMAIL:-}" ] && flags+=(--contact "$CONTACT_EMAIL") +[ -n "${ABUSE_EMAIL:-}" ] && flags+=(--abuse "$ABUSE_EMAIL") +[ -n "${HTTP_PORT:-}" ] && flags+=(--http "${LISTEN_HOST:-localhost}:$HTTP_PORT") +[ -n "${HTTPS_PORT:-}" ] && [ -n "${TLS_CERT:-}" ] && [ -n "${TLS_KEY:-}" ] && flags+=( + --https "${LISTEN_HOST:-localhost}:$HTTPS_PORT" + --cert "$TLS_CERT" --key "$TLS_KEY") +[ "${REDIRECT_HTTPS:-0}" -ne 0 ] && flags+=(--redirect-https) +[ "${HSTS:-0}" -ne 0 ] && flags+=(--hsts) +[ -n "${ID_CHARSET:-}" ] && flags+=(--id-charset "$ID_CHARSET") +[ -n "${ID_LENGTH:-}" ] && flags+=(--id-length "$ID_LENGTH") +[ -n "${MAX_SIZE_MIB:-}" ] && flags+=(--max-size "$((MAX_SIZE_MIB*1024*1024))") +[ "${WHITELIST:-0}" -ne 0 ] && flags+=(--whitelist) +oldifs="$IFS" IFS=, +[ -n "$(declare -p FILTER_EXT 2>/dev/null)" ] && flags+=(--filter-ext "${FILTER_EXT[*]}") +[ -n "$(declare -p FILTER_MIME 2>/dev/null)" ] && flags+=(--filter-mime "${FILTER_MIME[*]}") +IFS="$oldifs" +[ "${ALLOW_HTML:-0}" -ne 0 ] && flags+=(--allow-html) +[ "${CORS:-0}" -ne 0 ] && flags+=(--cors) +[ "${GRILL:-0}" -ne 0 ] && flags+=(--grill) +[ -n "${CSP:-}" ] && [ "$CSP" = 0 ] && flags+=(--csp '') +[ -n "${CSP:-}" ] && ! [ "$CSP" = 0 ] && flags+=(--csp "$CSP") +[ "${LOG:-0}" -ne 0 ] && flags+=(--log) +[ "${LOG_IP:-0}" -ne 0 ] && flags+=(--log-ip) +[ "${LOG_IP_HASH:-0}" -ne 0 ] && flags+=(--log-ip-hash) +[ "${LOG_UA:-0}" -ne 0 ] && flags+=(--log-ua) +[ "${LOG_UA_HASH:-0}" -ne 0 ] && flags+=(--log-ua-hash) +[ "${LOG_REFERER:-0}" -ne 0 ] && flags+=(--log-referer) +[ "${LOG_REFERER_HASH:-0}" -ne 0 ] && flags+=(--log-referer-hash) +[ -n "${LOG_HASH_SALT:-}" ] && flags+=(--log-hash-salt "$LOG_HASH_SALT") +[ -n "${PROXY_COUNT:-}" ] && flags+=(--proxy-count "$PROXY_COUNT") + +printf "%s" "${GOMF_BIN:-gomf}" +[ "${#flags}" -gt 0 ] && printf " \"%s\"" "${flags[@]}" +printf "\n" +exec "${GOMF_BIN:-gomf}" "${flags[@]}" |