From dd16412362c8a2510dc947444227dcfaf2e8a92b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Fri, 10 Dec 2021 11:11:23 +0100 Subject: [PATCH] foris-ws: switch authentication to turris-auth The authentication to foris-ws should be just using turris-auth as the rest. We are working on removal of authentication from reForis and thus we need to switch foris-ws to it as well. This disabled login in foris-ws itself and instead relies on authorizer configured in Lighttpd. --- web/foris-controller/foris-ws/Makefile | 3 ++- web/foris-controller/foris-ws/files/foris-ws.init | 2 +- web/foris-controller/foris-ws/files/lighttpd-foris-ws.conf | 1 + 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/web/foris-controller/foris-ws/Makefile b/web/foris-controller/foris-ws/Makefile index 89359959b..82a0bd51c 100644 --- a/web/foris-controller/foris-ws/Makefile +++ b/web/foris-controller/foris-ws/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=foris-ws PKG_VERSION:=1.6.2 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://gitlab.nic.cz/turris/foris-controller/foris-ws.git @@ -37,6 +37,7 @@ define Package/foris-ws +foris-client \ +python3-ubus \ +lighttpd-mod-proxy \ + +turris-auth \ +fosquitto \ +python3-cachelib \ +python3-paho-mqtt diff --git a/web/foris-controller/foris-ws/files/foris-ws.init b/web/foris-controller/foris-ws/files/foris-ws.init index 91fe46216..321761428 100755 --- a/web/foris-controller/foris-ws/files/foris-ws.init +++ b/web/foris-controller/foris-ws/files/foris-ws.init @@ -38,7 +38,7 @@ start_service() { config_get mqtt_host mqtt host "localhost" config_get mqtt_port mqtt port "11883" config_get credentials_file mqtt credentials_file "/etc/fosquitto/credentials.plain" - procd_set_param command "$PROG" ${debug_arg:-} -a ubus filesystem --host "127.0.0.1" --port "$port" mqtt --mqtt-host "${mqtt_host}" --mqtt-port "${mqtt_port}" --mqtt-passwd-file "${credentials_file}" + procd_set_param command "$PROG" ${debug_arg:-} -a none --host "127.0.0.1" --port "$port" mqtt --mqtt-host "${mqtt_host}" --mqtt-port "${mqtt_port}" --mqtt-passwd-file "${credentials_file}" procd_set_param respawn procd_close_instance } diff --git a/web/foris-controller/foris-ws/files/lighttpd-foris-ws.conf b/web/foris-controller/foris-ws/files/lighttpd-foris-ws.conf index 65525928a..e299d9094 100644 --- a/web/foris-controller/foris-ws/files/lighttpd-foris-ws.conf +++ b/web/foris-controller/foris-ws/files/lighttpd-foris-ws.conf @@ -1,4 +1,5 @@ $HTTP["url"] =~ "^/foris-ws$" { + fastcgi.server = ( "/" => ( turris_auth_scriptname => turris_auth )) proxy.server = ( "" => ( ( "host" => "127.0.0.1", "port" => "9080" ) ) ) proxy.header = ( "upgrade" => "enable" ) } -- GitLab