[ARVADOS] updated: 2.1.0-9-g8127b5d5d
Git user
git at public.arvados.org
Thu Oct 15 21:10:43 UTC 2020
Summary of changes:
tools/arvbox/lib/arvbox/docker/cluster-config.sh | 2 +-
tools/arvbox/lib/arvbox/docker/common.sh | 1 +
tools/arvbox/lib/arvbox/docker/service/nginx/run | 14 ++++++++++++++
.../lib/arvbox/docker/service/workbench/run-service | 20 --------------------
4 files changed, 16 insertions(+), 21 deletions(-)
via 8127b5d5dd999248731dd67c1c99e2045795e3e2 (commit)
from c6c2f3518bc745eed95b5f5b81db5d17db4366ff (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 8127b5d5dd999248731dd67c1c99e2045795e3e2
Author: Peter Amstutz <peter.amstutz at curii.com>
Date: Thu Oct 15 17:06:45 2020 -0400
Separate inline/download keep-web ports refs #16812
This makes inline viewing of private files work as expected with
arvbox, which is helpful for development and testing.
It relies on "TrustAllContent: true", so it is also XSS insecure.
Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>
diff --git a/tools/arvbox/lib/arvbox/docker/cluster-config.sh b/tools/arvbox/lib/arvbox/docker/cluster-config.sh
index 948eb00a5..708af17d5 100755
--- a/tools/arvbox/lib/arvbox/docker/cluster-config.sh
+++ b/tools/arvbox/lib/arvbox/docker/cluster-config.sh
@@ -105,7 +105,7 @@ Clusters:
WebDAVDownload:
InternalURLs:
"http://localhost:${services[keep-web]}/": {}
- ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
+ ExternalURL: "https://$localip:${services[keep-web-dl-ssl]}/"
Composer:
ExternalURL: "https://$localip:${services[composer]}"
Controller:
diff --git a/tools/arvbox/lib/arvbox/docker/common.sh b/tools/arvbox/lib/arvbox/docker/common.sh
index 48d356640..eb53e1904 100644
--- a/tools/arvbox/lib/arvbox/docker/common.sh
+++ b/tools/arvbox/lib/arvbox/docker/common.sh
@@ -38,6 +38,7 @@ services=(
[arv-git-httpd]=9001
[keep-web]=9003
[keep-web-ssl]=9002
+ [keep-web-dl-ssl]=9004
[keepproxy]=25100
[keepproxy-ssl]=25101
[keepstore0]=25107
diff --git a/tools/arvbox/lib/arvbox/docker/service/nginx/run b/tools/arvbox/lib/arvbox/docker/service/nginx/run
index 82db92137..991927be7 100755
--- a/tools/arvbox/lib/arvbox/docker/service/nginx/run
+++ b/tools/arvbox/lib/arvbox/docker/service/nginx/run
@@ -144,6 +144,20 @@ http {
proxy_redirect off;
}
}
+ server {
+ listen *:${services[keep-web-dl-ssl]} ssl default_server;
+ server_name keep-web-dl;
+ ssl_certificate "${server_cert}";
+ ssl_certificate_key "${server_cert_key}";
+ client_max_body_size 0;
+ location / {
+ proxy_pass http://keep-web;
+ proxy_set_header Host \$http_host;
+ proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto https;
+ proxy_redirect off;
+ }
+ }
upstream keepproxy {
server localhost:${services[keepproxy]};
diff --git a/tools/arvbox/lib/arvbox/docker/service/workbench/run-service b/tools/arvbox/lib/arvbox/docker/service/workbench/run-service
index eba22372f..32efea51b 100755
--- a/tools/arvbox/lib/arvbox/docker/service/workbench/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/workbench/run-service
@@ -43,25 +43,5 @@ set -u
secret_token=$(cat $ARVADOS_CONTAINER_PATH/workbench_secret_token)
-if test -a /usr/src/arvados/apps/workbench/config/arvados_config.rb ; then
- rm -f config/application.yml
-else
-cat >config/application.yml <<EOF
-$RAILS_ENV:
- secret_token: $secret_token
- arvados_login_base: https://$localip:${services[controller-ssl]}/login
- arvados_v1_base: https://$localip:${services[controller-ssl]}/arvados/v1
- arvados_insecure_https: false
- keep_web_download_url: https://$localip:${services[keep-web-ssl]}/c=%{uuid_or_pdh}
- keep_web_url: https://$localip:${services[keep-web-ssl]}/c=%{uuid_or_pdh}
- arvados_docsite: http://$localip:${services[doc]}/
- force_ssl: false
- composer_url: http://$localip:${services[composer]}
- workbench2_url: https://$localip:${services[workbench2-ssl]}
-EOF
-
-(cd config && /usr/local/lib/arvbox/yml_override.py application.yml)
-fi
-
RAILS_GROUPS=assets flock $GEM_HOME/gems.lock bundle exec rake npm:install
flock $GEM_HOME/gems.lock bundle exec rake assets:precompile
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list