From fabf3f2fc29e143dabefd504cda78d3f47807d2c Mon Sep 17 00:00:00 2001 From: Mike Fellows Date: Mon, 25 Dec 2017 17:23:43 -0500 Subject: [PATCH] Add an option to allow redirect of http port 80 to https. (#1928) * Add an option to allow redirect of http port 80 to https. This is an "opt in" option (default is to not redirect). It will only redirect if protocol is https and the new REDIRECT_PORT_80 option is set to true. The Port to redirect in previous commit was hardcoded to 80, now it can be specified in the app.ini, defaulting to 80. The boolean option to turn redirection on has been changed to REDIRECT_OTHER_PORT to be logically consistent with the new port option. Signed-off-by: Mike Fellows --- cmd/web.go | 23 +++++++++++++++++++++++ custom/conf/app.ini.sample | 6 ++++++ modules/setting/setting.go | 4 ++++ 3 files changed, 33 insertions(+) diff --git a/cmd/web.go b/cmd/web.go index 55546ea4806a..473688a8b8c6 100644 --- a/cmd/web.go +++ b/cmd/web.go @@ -51,6 +51,26 @@ and it takes care of all the other things for you`, }, } +func runHTTPRedirector() { + source := fmt.Sprintf("%s:%s", setting.HTTPAddr, setting.PortToRedirect) + dest := strings.TrimSuffix(setting.AppURL, "/") + log.Info("Redirecting: %s to %s", source, dest) + + handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + target := dest + r.URL.Path + if len(r.URL.RawQuery) > 0 { + target += "?" + r.URL.RawQuery + } + http.Redirect(w, r, target, http.StatusTemporaryRedirect) + }) + + var err = runHTTP(source, context2.ClearHandler(handler)) + + if err != nil { + log.Fatal(4, "Failed to start port redirection: %v", err) + } +} + func runWeb(ctx *cli.Context) error { if ctx.IsSet("config") { setting.CustomConf = ctx.String("config") @@ -124,6 +144,9 @@ func runWeb(ctx *cli.Context) error { case setting.HTTP: err = runHTTP(listenAddr, context2.ClearHandler(m)) case setting.HTTPS: + if setting.RedirectOtherPort { + go runHTTPRedirector() + } err = runHTTPS(listenAddr, setting.CertFile, setting.KeyFile, context2.ClearHandler(m)) case setting.FCGI: listener, err := net.Listen("tcp", listenAddr) diff --git a/custom/conf/app.ini.sample b/custom/conf/app.ini.sample index abe004217f75..1a295b5dfd22 100644 --- a/custom/conf/app.ini.sample +++ b/custom/conf/app.ini.sample @@ -109,6 +109,12 @@ ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ ; Listen address. Either a IPv4/IPv6 address or the path to a unix socket. HTTP_ADDR = 0.0.0.0 HTTP_PORT = 3000 +; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server +; will be started on PORT_TO_REDIRECT and redirect request to the main +; ROOT_URL. Defaults are false for REDIRECT_OTHER_PORT and 80 for +; PORT_TO_REDIRECT. +REDIRECT_OTHER_PORT = false +PORT_TO_REDIRECT = 80 ; Permission for unix socket UNIX_SOCKET_PERMISSION = 666 ; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service. diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 5876662270a4..848cdff640a3 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -96,6 +96,8 @@ var ( HTTPAddr string HTTPPort string LocalURL string + RedirectOtherPort bool + PortToRedirect string OfflineMode bool DisableRouterLog bool CertFile string @@ -741,6 +743,8 @@ func NewContext() { defaultLocalURL += ":" + HTTPPort + "/" } LocalURL = sec.Key("LOCAL_ROOT_URL").MustString(defaultLocalURL) + RedirectOtherPort = sec.Key("REDIRECT_OTHER_PORT").MustBool(false) + PortToRedirect = sec.Key("PORT_TO_REDIRECT").MustString("80") OfflineMode = sec.Key("OFFLINE_MODE").MustBool() DisableRouterLog = sec.Key("DISABLE_ROUTER_LOG").MustBool() StaticRootPath = sec.Key("STATIC_ROOT_PATH").MustString(AppWorkPath)