(setup) ask to set ALLOW_INSECURE_HTTP if DEFAULT_PROTOCOL was set to http

2025-01-18 07:52:23 +01:00 · 2022-06-13 15:35:52 +02:00 · 2022-06-13 15:35:52 +02:00 · 8a93160628
commit 8a93160628
parent 4fe0d6ecba
2 changed files with 11 additions and 0 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -7,6 +7,7 @@
 - Use relative paths in mount scripts
 - Run the docker image with the system user
 - During the setup, autoconfigure the main domain
+- During the setup, ask to set ALLOW_INSECURE_HTTP if DEFAULT_PROTOCOL was set to http
 - Fix a bug: unable to generate the secret key base during the setup
 - [TODO DEPLOY] `\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/scripts/set-docker-user.sh | bash`

--- a/setup/setup.sh
+++ b/setup/setup.sh
@ -355,6 +355,16 @@ configure_env_file()
  # we automatically generate the SECRET_KEY_BASE
  secret=$(docker-compose -f "$FABMANAGER_PATH/docker-compose.yml" run --user "$(id -u):$(id -g)" --rm "$SERVICE" bundle exec rake secret)
  sed -i.bak "s/SECRET_KEY_BASE=/SECRET_KEY_BASE=$secret/g" "$FABMANAGER_PATH/config/env"
+
+  # if DEFAULT_PROTOCOL was set to http, ALLOW_INSECURE_HTTP is probably required
+  if grep "^DEFAULT_PROTOCOL=http$" "$FABMANAGER_PATH/config/env"; then
+    get_md_anchor "$doc" "ALLOW_INSECURE_HTTP"
+    printf "You have set \e[1mDEFAULT_PROTOCOL\e[21m to \e[1mhttp\e[21m.\n"
+    read -rp "Do you want to allow insecure HTTP? (y/N) " confirm </dev/tty
+    if [ "$confirm" = "y" ]; then
+      sed -i.bak "s/ALLOW_INSECURE_HTTP=.*/ALLOW_INSECURE_HTTP=true/g" "$FABMANAGER_PATH/config/env"
+    fi
+  fi
 }

 read_password()