mirror of https://github.com/iiab/iiab.git synced 2025-02-12 11:12:06 +00:00

bring cp changes on top of current HEAD

George Hunt 2019-12-04 21:30:27 +00:00
parent 34bf528bf9
commit 2f8636fccd
17 changed files with 305 additions and 287 deletions

@ -1,153 +0,0 @@
- name: Download & install python-dateutil, sqlite3
package:
name: "{{ item }}"
state: present
with_items:
- python-dateutil
- sqlite3 # @georgejhunt hopes to move this to 2-common (or more likely 3-base-server, alongside MySQL) in October 2018
- name: Install libapache2-mod-wsgi (debuntu)
package:
name: libapache2-mod-wsgi
state: present
when: is_debuntu | bool
- name: Install mod_wsgi (not debuntu)
package:
name: mod_wsgi
state: present
when: not is_debuntu
- name: Create directory /opt/iiab/captive-portal for scripts & templates
file:
path: /opt/iiab/captive-portal
state: directory
owner: "{{ apache_user }}"
- name: 'Copy scripts: checkurls, capture-wsgi.py'
template:
src: "{{ item.src }}"
dest: /opt/iiab/captive-portal/
mode: "{{ item.mode }}"
with_items:
- { src: roles/captive-portal/templates/checkurls, mode: '0644' }
- { src: roles/captive-portal/templates/capture-wsgi.py, mode: '0755' }
- name: 'Copy templates: simple.template, mac.template'
copy:
src: "{{ item }}"
dest: /opt/iiab/captive-portal/
with_items:
- roles/captive-portal/files/simple.template
- roles/captive-portal/files/mac.template
- name: Copy iiab-catch & iiab-uncatch into /usr/bin/
template:
src: "{{ item }}"
dest: /usr/bin/
owner: root
group: root
mode: 0755
with_items:
- roles/captive-portal/templates/iiab-catch
- roles/captive-portal/templates/iiab-uncatch
- name: Run iiab-uncatch to generate diversion lists for dnsmasq and apache2
shell: /usr/bin/iiab-uncatch
#- name: Install systemd unit file captive-portal.service from template
# template:
# src: roles/captive-portal/templates/captive-portal.service.j2
# dest: /etc/systemd/system/captive-portal.service
# owner: root
# group: root
# mode: 0644
- name: Install Apache's captive-portal.conf from template if captive_portal_enabled
template:
src: roles/captive-portal/templates/001-captive-portal.conf
dest: /etc/{{ apache_config_dir }}/001-captive-portal.conf
owner: root
group: root
mode: 0644
when: captive_portal_enabled | bool
- name: Enable Apache's captive-portal.conf if captive_portal_enabled (debuntu)
file:
src: /etc/apache2/sites-available/001-captive-portal.conf
path: /etc/apache2/sites-enabled/001-captive-portal.conf
state: link
when: captive_portal_enabled and is_debuntu
- name: Enable Apache's default-ssl.conf if captive_portal_enabled (debuntu)
file:
src: /etc/apache2/sites-available/default-ssl.conf
path: /etc/apache2/sites-enabled/default-ssl.conf
state: link
when: captive_portal_enabled and is_debuntu
#- name: Enable & Start systemd service captive-portal.service if captive_portal_enabled
# systemd:
# name: captive-portal.service
# daemon-reload: yes
# enabled: yes
# state: started
# when: captive_portal_enabled | bool
#- name: Disable & Stop captive-portal.service if not captive_portal_enabled
# systemd:
# name: captive-portal.service
# enabled: no
# state: stopped
# when: not captive_portal_enabled
- name: Disable Apache's captive-portal.conf if not captive_portal_enabled (debuntu)
file:
path: /etc/apache2/sites-enabled/001-captive-portal.conf
state: absent
when: not captive_portal_enabled and is_debuntu
- name: Disable Apache's default-ssl.conf if not captive_portal_enabled (debuntu)
file:
path: /etc/apache2/sites-enabled/default-ssl.conf
state: absent
when: not captive_portal_enabled and is_debuntu
- name: Make sure dnsmasq is not diverting if not captive_portal_enabled
file:
path: /etc/dnsmasq.d/capture
state: absent
when: not captive_portal_enabled
- name: Add 'captive_portal_installed' variable values to {{ iiab_state_file }}
lineinfile:
dest: "{{ iiab_state_file }}"
regexp: '^captive_portal_installed'
line: 'captive_portal_installed: True'
state: present
- name: Restart Apache service ({{ apache_service }}) # i.e. apache2 on most distros
systemd:
name: "{{ apache_service }}"
state: restarted
#- name: Restart dnsmasq
# systemd:
# name: dnsmasq
# state: restarted
# when: dnsmasq_enabled | bool
# ABOVE DOES NOT WORK ON UBUNTU 16.04 -- what follows is a crude hack (seems to work!)
- name: Stop dnsmasq
systemd:
name: dnsmasq
state: stopped
when: dnsmasq_enabled | bool
- name: Start dnsmasq
systemd:
name: dnsmasq
state: started
when: dnsmasq_enabled | bool

@ -1,43 +0,0 @@
<VirtualHost _default_:80>
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
<Directory {{ doc_root }}>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName iiab.io
Include /etc/apache2/capture
# ProxyPreserveHost On
# ProxyPass / http://box.lan:{{ captive_portal_port }}/
# ProxyPassReverse / http://box.lan:{{ captive_portal_port }}/
ErrorLog /var/log/apache2/cp_error.log
WSGIScriptAlias / /opt/iiab/captive-portal/capture-wsgi.py
#WSGIScriptAlias / /opt/iiab/captive-portal/test.py
WSGIScriptReloading On
<Directory /opt/iiab/captive-portal>
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 127.0.0.1:80>
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
<Directory /library/www/html>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>

@ -1,15 +0,0 @@
[Unit]
Description=Captive portal
After=syslog.target
[Service]
Type=simple
User=root
Group=root
WorkingDirectory=/opt/iiab/captive-portal
ExecStart=/opt/iiab/captive-portal/capture-wsgi.py -l
StandardOutput=syslog
StandardError=syslog
[Install]
WantedBy=multi-user.target

@ -1,9 +0,0 @@
#!/bin/bash -x
# substitute our own server to catch OS connectivity checking URL's
systemctl stop {{ apache_service }}
# systemctl stop captive-portal
echo address=/#/172.18.96.1 > /etc/dnsmasq.d/capture
/opt/iiab/captive-portal/capture-wsgi.py -d &
# write the pid just started
echo $! > /opt/iiab/captive-portal/pid

@ -1,15 +0,0 @@
#!/bin/bash -x
# Turn off URL recording mode, and return to serving with apache2
kill $(cat /opt/iiab/captive-portal/pid)
# during testing, I start capture by hand -- recorded pid may be stale
pid=$(ps aux | grep "capture-wsgi.py -d" | grep -v grep | awk '{print $2}')
if [ -n "$pid" ]; then
kill $pid
fi
awk '{print("address=/" $1 "/172.18.96.1")}' /opt/iiab/captive-portal/checkurls > /etc/dnsmasq.d/capture
echo "#following tells windows 7 that captive portal is active" >>/etc/dnsmasq.d/capture
echo "address=/dns.msftncsi.com/131.107.255.255" >> /etc/dnsmasq.d/capture
awk '{print("ServerAlias ",$1)}' /opt/iiab/captive-portal/checkurls > /etc/apache2/capture
# systemctl start captive-portal
systemctl start {{ apache_service }}

@ -1,7 +1,7 @@
# captive_portal_install: False
# captive_portal_enabled: False
# captive_portal_port: 9090
# captiveportal_port: 9090
# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!

@ -0,0 +1,110 @@
- name: Download & install python-dateutil, sqlite3
package:
name: "{{ item }}"
state: present
with_items:
- python3-dateutil
- python3-jinja2
- name: Create directory /opt/iiab/captiveportal for scripts & templates
file:
path: /opt/iiab/captiveportal
state: directory
owner: "{{ apache_user }}"
- name: 'Copy scripts: checkurls, capture-wsgi.py'
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
with_items:
- { src: checkurls, mode: '0644', dest: /opt/iiab/captiveportal/ }
- { src: capture-wsgi.py, mode: '0755', dest: /opt/iiab/captiveportal/ }
- { src: iiab-make-cp-servers.py, mode: '0755', dest: /usr/sbin/ }
- { src: iiab-divert-to-nginx, mode: '0755', dest: /usr/sbin/ }
- name: 'Copy templates: simple.template, mac.template'
copy:
src: "{{ item }}"
dest: /opt/iiab/captiveportal/
with_items:
- roles/captiveportal/files/simple.template
- roles/captiveportal/files/mac.template
- name: Copy uWSGI config file
template:
src: captiveportal.ini
dest: /etc/uwsgi/apps-available/
- name: Enable uwsgi config for captiveportal
file:
src: /etc/uwsgi/apps-available/captiveportal.ini
path: /etc/uwsgi/apps-enabled/captiveportal.ini
state: link
when: captiveportal_enabled | bool
- name: Copy unit file for uWSGI service
template:
src: uwsgi-captiveportal.service
dest: /etc/systemd/system/
- name: Start or restart server which responds to browsers trying to detect a captive portal
systemd:
name: uwsgi-captiveportal.service
state: restarted
when: captiveportal_enabled | bool
- name: Stop uWSGI server if captive portal has been disabled
systemd:
name: uwsgi-captiveportal.service
state: stopped
when: not captiveportal_enabled | bool
- name: Run divert to generate diversion lists for nginx
shell: iiab-divert-to-nginx
- name: Run script to generate nginx servers from checkurls input list
shell: iiab-make-cp-servers.py
- name: Install nginx's captiveportal.conf from template if captiveportal_enabled
template:
src: roles/captiveportal/templates/captiveportal-nginx.conf
dest: /etc/nginx/conf.d/
owner: root
group: root
mode: 0644
when: captiveportal_enabled | bool
- name: Make sure dnsmasq is not diverting if not captiveportal_enabled
file:
path: /etc/dnsmasq.d/capture
state: absent
when: not captiveportal_enabled
- name: Add 'captiveportal_installed' variable values to {{ iiab_state_file }}
lineinfile:
dest: "{{ iiab_state_file }}"
regexp: '^captiveportal_installed'
line: 'captiveportal_installed: True'
state: present
#- name: Restart dnsmasq
# systemd:
# name: dnsmasq
# state: restarted
# when: dnsmasq_enabled | bool
# ABOVE DOES NOT WORK ON UBUNTU 16.04 -- what follows is a crude hack (seems to work!)
- name: Stop dnsmasq
systemd:
name: dnsmasq
state: stopped
when: dnsmasq_enabled | bool
- name: Start dnsmasq
systemd:
name: dnsmasq
state: started
when: dnsmasq_enabled | bool
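Review bot: The task that removes `/etc/dnsmasq.d/capture` is guarded by `when: not captiveportal_enabled`, without the `| bool` filter the other conditions in this file use, so a value that arrives as the string "False" would skip the removal. Because `iiab-divert-to-nginx` runs unconditionally a few tasks earlier and writes that file, the diversion of the connectivity-check host names would then stay active after dnsmasq is restarted even though the uWSGI service has been stopped. I would write `when: not captiveportal_enabled | bool` and guard both `shell:` tasks with `when: captiveportal_enabled | bool`. Separately, the `systemd` task for `uwsgi-captiveportal.service` follows a freshly copied unit file but sets neither `daemon_reload: yes` nor `enabled: yes`, so the new unit may not be picked up and would not start again after a reboot.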

@ -0,0 +1,9 @@
location /capture {
rewrite /capture/(.+) /$1 break;
include uwsgi_params;
#uwsgi_pass unix:///tmp/captiveportal.sock;
uwsgi_pass localhost:9090;
}
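Review bot: `uwsgi_pass localhost:9090;` speaks the binary uwsgi protocol, but the captiveportal.ini added in this commit opens the port with `http-socket = :9090`, which expects plain HTTP, so requests through `/capture` would most likely fail. Either switch this location to `proxy_pass http://127.0.0.1:9090;`, as the server blocks generated by iiab-make-cp-servers.py already do, or change the ini to a uwsgi-protocol `socket`. Writing `127.0.0.1` instead of `localhost` also avoids nginx trying an IPv6 loopback address that the uWSGI listener may not be bound to.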

@ -0,0 +1,12 @@
[uwsgi]
uid = www-data
gid = www-data
http-socket = :9090
chdir = /opt/iiab/captiveportal
wsgi-file = capture-wsgi.py
#wsgi-file = very_simple.py
master = true
plugins = python3
log-to = /var/log/uwsgi/app/captiveportal.log
#die-on-term = true
py-autoreload = 2
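Review bot: `http-socket = :9090` binds the application on every interface, so clients on the LAN can reach capture-wsgi.py directly instead of going through nginx. The nginx side connects over loopback only, so `http-socket = 127.0.0.1:9090` would be sufficient, and it would keep the `X-Forwarded-For` value that the generated server blocks set from being supplied by arbitrary clients (whether the app relies on that header is not visible here). `py-autoreload = 2` is a development convenience: the tasks file makes `/opt/iiab/captiveportal` owned by `{{ apache_user }}`, presumably the same `www-data` account named in `uid`, so the service account can replace the code it runs and have it reloaded. I would drop the option on installed systems and keep the scripts in a root-owned directory, with a separate writable directory for runtime data.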

@ -1,4 +1,4 @@
#! /usr/bin/env python
#! /usr/bin/env python3
# -*- coding: utf-8 -*-
# using Python's bundled WSGI server
@ -23,7 +23,7 @@ import re
#
# Create the jinja2 environment.
CAPTIVE_PORTAL_BASE = "/opt/iiab/captive-portal"
CAPTIVE_PORTAL_BASE = "/opt/iiab/captiveportal"
j2_env = Environment(loader=FileSystemLoader(CAPTIVE_PORTAL_BASE),trim_blocks=True)
# Define time outs
@ -40,45 +40,15 @@ doc_root = get_iiab_env("WWWROOT")
fully_qualified_domain_name = get_iiab_env("FQDN")
loggingLevel = "DEBUG"
# set up some logging -- selectable for diagnostics
# Create dummy iostream to capture stderr and stdout
class StreamToLogger(object):
"""
Fake file-like stream object that redirects writes to a logger instance.
"""
def __init__(self, logger, log_level=logging.INFO):
self.logger = logger
self.log_level = log_level
self.linebuf = ''
def write(self, buf):
for line in buf.rstrip().splitlines():
self.logger.log(self.log_level, line.rstrip())
#if len(sys.argv) > 1 and sys.argv[1] == '-l':
if True:
loggingLevel = logging.DEBUG
try:
os.remove('/var/log/apache2/portal.log')
except:
pass
else:
loggingLevel = logging.ERROR
# divert stdout and stderr to logger
logging.basicConfig(filename='/var/log/apache2/portal.log',format='%(asctime)s.%(msecs)03d:%(name)s:%(message)s', datefmt='%M:%S',level=loggingLevel)
logger = logging.getLogger('/var/log/apache2/portal.log')
handler = RotatingFileHandler("/var/log/apache2/portal.log", maxBytes=100000, backupCount=2)
logger.addHandler(handler)
stdout_logger = logging.getLogger('STDOUT')
sl = StreamToLogger(stdout_logger, logging.ERROR)
sys.stdout = sl
stderr_logger = logging.getLogger('STDERR')
sl = StreamToLogger(stderr_logger, logging.ERROR)
sys.stderr = sl
PORT={{ captive_portal_port }}
#PORT={{ captiveportal_port }}
PORT=9090
# Define globals
@ -178,12 +148,13 @@ def set_lasttimestamp(ip):
# ################### Action routines based on OS ################3
def microsoft(environ,start_response):
print('in microsoft')
# firefox -- seems both mac and Windows use it
agent = environ.get('HTTP_USER_AGENT','default_agent')
if agent.startswith('Mozilla'):
return home(environ, start_response)
logger.debug("sending microsoft redirect")
response_body = ""
response_body = b""
status = '302 Moved Temporarily'
response_headers = [('Location','http://box.lan/home'),
('Content-type','text/html'),
@ -193,7 +164,7 @@ def microsoft(environ,start_response):
def home(environ,start_response):
logger.debug("sending direct to home")
response_body = ""
response_body = b""
status = '302 Moved Temporarily'
response_headers = [('Location','http://' + fully_qualified_domain_name + '/home'),
('Content-type','text/html'),
@ -220,7 +191,7 @@ def android(environ, start_response):
#set_204after(ip,20)
location = '/android_https'
agent = environ.get('HTTP_USER_AGENT','default_agent')
response_body = "hello"
response_body = b"hello"
status = '302 Moved Temporarily'
response_headers = [('Location',location)]
start_response(status, response_headers)
@ -240,6 +211,7 @@ def android_splash(environ, start_response):
elif lang == "es":
txt = es_txt
response_body = str(j2_env.get_template("simple.template").render(**txt))
response_body = response_body.encode()
status = '200 OK'
response_headers = [('Content-type','text/html'),
('Content-Length',str(len(response_body)))]
@ -261,6 +233,7 @@ def android_https(environ, start_response):
elif lang == "es":
txt = es_txt
response_body = str(j2_env.get_template("simple.template").render(**txt))
response_body = response_body.encode()
status = '200 OK'
response_headers = [('Content-type','text/html'),
('Content-Length',str(len(response_body)))]
@ -268,9 +241,10 @@ def android_https(environ, start_response):
return [response_body]
def mac_splash(environ,start_response):
print('in mac_splash')
logger.debug("in function mac_splash")
en_txt={ 'message':"Click on the button to go to the IIAB home page",\
'btn1':"GO TO IIAB HOME PAGE",'success_token': 'Success',
en_txt={ 'message': "Click on the button to go to the IIAB home page",\
'btn1': "GO TO IIAB HOME PAGE",'success_token': 'Success',
"FQDN": fully_qualified_domain_name, \
'doc_root':get_iiab_env("WWWROOT")}
es_txt={ 'message':"Haga clic en el botón para ir a la página de inicio de IIAB",\
@ -283,6 +257,7 @@ def mac_splash(environ,start_response):
txt = es_txt
set_lasttimestamp(ip)
response_body = str(j2_env.get_template("mac.template").render(**txt))
response_body = response_body.encode()
status = '200 Success'
response_headers = [('Content-type','text/html'),
('Content-Length',str(len(response_body)))]
@ -290,6 +265,7 @@ def mac_splash(environ,start_response):
return [response_body]
def macintosh(environ, start_response):
print('in macintosh')
global ip
logger.debug("in function mcintosh")
#print >> sys.stderr , "Geo Print to stderr" + environ['HTTP_HOST']
@ -302,6 +278,7 @@ def macintosh(environ, start_response):
response_body = """<html><head><script>
window.location.reload(true)
</script></body></html>"""
response_body = response_body.encode()
status = '302 Moved Temporarily'
response_headers = [('content','text/html')]
start_response(status, response_headers)
@ -309,12 +286,6 @@ def macintosh(environ, start_response):
else:
return mac_splash(environ,start_response)
def microsoft_connect(environ,start_response):
status = '200 ok'
headers = [('Content-type', 'text/html')]
start_response(status, headers)
return ["Microsoft Connect Test"]
# ============= Return html pages ============================
def banner(environ, start_response):
status = '200 OK'
@ -351,18 +322,18 @@ def null(environ, start_response):
status = '404 Not Found'
headers = [('Content-type', 'text/html')]
start_response(status, headers)
return [""]
return [b""]
def success(environ, start_response):
status = '200 ok'
html = '<html><head><title>Success</title></head><body>Success</body></html>'
html = b'<html><head><title>Success</title></head><body>Success</body></html>'
headers = [('Content-type', 'text/html')]
start_response(status, headers)
return [html]
def put_204(environ, start_response):
status = '204 No Data'
response_body = ''
response_body = b''
response_headers = [('Content-type','text/html'),
('Content-Length',str(len(response_body)))]
start_response(status, response_headers)
@ -371,7 +342,7 @@ def put_204(environ, start_response):
def put_302(environ, start_response):
status = '302 Moved Temporarily'
response_body = ''
response_body = b''
location = "http://" + fully_qualified_domain_name + "/home"
response_headers = [('Content-type','text/html'),
('Location',location),
@ -545,5 +516,5 @@ if __name__ == "__main__":
)
httpd.serve_forever()
#vim: tabstop=3 expandtab shiftwidth=3 softtabstop=3 background=dark
#vim: tabstop=4 expandtab shiftwidth=4 softtabstop=4 background=dark
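Review bot: The handlers still call `logger.debug(...)` (visible in `microsoft`, `home`, `mac_splash` and `macintosh`), while the hunk at `-40,45 +40,15` appears to remove the whole logging setup, including `logger = logging.getLogger(...)`. This rendered page no longer marks which lines were removed, so that is inferred from the line counts; if `logger` is indeed no longer bound, the first request reaching one of these handlers would raise NameError. I would keep a module-level `logger = logging.getLogger(__name__)` and let uWSGI's `log-to` collect the output, and turn the added `print('in microsoft')`-style traces into `logger.debug(...)` calls. `PORT=9090` also replaces the templated value, so the renamed `captiveportal_port` variable is no longer honored in this file.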

@ -0,0 +1,111 @@
server {
listen 80;
server_name clients3.google.com
rewrite ^clients3.google.com http://127.0.0.1/captive
}
server {
listen 80;
server_name connectivitycheck.gstatic.com
rewrite ^connectivitycheck.gstatic.com http://127.0.0.1/captive
}
server {
listen 80;
server_name detectportal.firefox.com
rewrite ^detectportal.firefox.com http://127.0.0.1/captive
}
server {
listen 80;
server_name *.akamaitechnologies.com
rewrite ^*.akamaitechnologies.com http://127.0.0.1/captive
}
server {
listen 80;
server_name appleiphonecell.com
rewrite ^appleiphonecell.com http://127.0.0.1/captive
}
server {
listen 80;
server_name thinkdifferent.us
rewrite ^thinkdifferent.us http://127.0.0.1/captive
}
server {
listen 80;
server_name *.apple.com.edgekey.net
rewrite ^*.apple.com.edgekey.net http://127.0.0.1/captive
}
server {
listen 80;
server_name ipv6.msftncsi.com
rewrite ^ipv6.msftncsi.com http://127.0.0.1/captive
}
server {
listen 80;
server_name ipv6.msftncsi.com.edgesuite.net
rewrite ^ipv6.msftncsi.com.edgesuite.net http://127.0.0.1/captive
}
server {
listen 80;
server_name www.msftncsi.com
rewrite ^www.msftncsi.com http://127.0.0.1/captive
}
server {
listen 80;
server_name www.msftncsi.com.edgesuite.net
rewrite ^www.msftncsi.com.edgesuite.net http://127.0.0.1/captive
}
server {
listen 80;
server_name www.msftconnecttest.com
rewrite ^www.msftconnecttest.com http://127.0.0.1/captive
}
server {
listen 80;
server_name www.msn.com
rewrite ^www.msn.com http://127.0.0.1/captive
}
server {
listen 80;
server_name teredo.ipv6.microsoft.com
rewrite ^teredo.ipv6.microsoft.com http://127.0.0.1/captive
}
server {
listen 80;
server_name teredo.ipv6.microsoft.com.nsatc.net
rewrite ^teredo.ipv6.microsoft.com.nsatc.net http://127.0.0.1/captive
}
server {
listen 80;
server_name captive.apple.com
rewrite ^captive.apple.com http://127.0.0.1/captive
}
server {
listen 80;
server_name init-p01st.push.apple.com
rewrite ^init-p01st.push.apple.com http://127.0.0.1/captive
}
server {
listen 80;
server_name mtalk.google.com
rewrite ^mtalk.google.com http://127.0.0.1/captive
}
server {
listen 80;
server_name connectivitycheck.android.com
rewrite ^connectivitycheck.android.com http://127.0.0.1/captive
}
server {
listen 80;
server_name alt7-mtalk.google.com
rewrite ^alt7-mtalk.google.com http://127.0.0.1/captive
}
server {
listen 80;
server_name alt6-mtalk.google.com
rewrite ^alt6-mtalk.google.com http://127.0.0.1/captive
}
server {
listen 80;
server_name captive.lan
rewrite ^captive.lan http://127.0.0.1/captive
}
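Review bot: Every block in this file omits the terminating `;` after both `server_name` and `rewrite`, so nginx would reject the file if it is ever included. Beyond syntax, `rewrite` matches its pattern against the request URI rather than the host name, and a redirect to `http://127.0.0.1/captive` sends the client to its own loopback address, not to this server. The target path is also `/captive`, while the location added elsewhere in this commit is `/capture`. If this is leftover sample output from an earlier generator it may be better left out of the commit; otherwise each block needs lines of the form `server_name clients3.google.com;` and a redirect to the server's own host name.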

@ -0,0 +1,4 @@
#!/bin/bash -x
awk '{print("address=/" $1 "/ 172.18.96.1")}' /opt/iiab/captiveportal/checkurls > /etc/dnsmasq.d/capture
echo "#following tells windows 7 that captive portal is active" >>/etc/dnsmasq.d/capture
echo "address=/dns.msftncsi.com/131.107.255.255" >> /etc/dnsmasq.d/capture
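Review bot: The awk line emits `address=/<name>/ 172.18.96.1` with a space before the address, whereas the removed iiab-uncatch wrote `"/172.18.96.1"` with none. dnsmasq may not accept the padded form, and since the playbook stops and starts dnsmasq right after this script runs, a parse error would leave the LAN without DNS. I would restore `awk '{print("address=/" $1 "/172.18.96.1")}'`. The gateway address is also hard-coded; as the script is installed through `template:`, a variable could supply it if the project defines one.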

@ -0,0 +1,23 @@
#!/usr/bin/env python3
# read list of online portal checkers, make nginx server blocks
import os
outstr = ''
os.chdir('{{ iiab_dir }}/roles/captiveportal/templates')
with open('checkurls','r') as urls:
for line in urls:
line = line.replace('*','.*')
outstr += 'server {\n'
outstr += ' listen 80;\n'
outstr += ' server_name {};\n'.format(line.strip())
outstr += ' location / {\n'
outstr += ' proxy_set_header X-Forwarded-For $remote_addr;\n'
outstr += ' proxy_set_header Host $http_host;\n'
outstr += ' proxy_pass "http://127.0.0.1:9090";\n'
outstr += ' }\n'
outstr += '}\n'
#print(outstr)
with open('/etc/nginx/sites-available/capture.conf','w') as config:
config.write(outstr)
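Review bot: Each line of checkurls is written into `server_name` after only `replace('*','.*')` and `strip()`, so a blank line yields `server_name ;`, a wildcard entry becomes `.*.example` (neither an nginx wildcard nor a `~` regex), and any stray `;` or brace in the list would end up as configuration. nginx accepts a leading `*.` as written, so I would drop the replace, skip empty lines and refuse names with unexpected characters, as sketched below. The script also reads checkurls from `{{ iiab_dir }}/roles/captiveportal/templates` rather than the copy the playbook installs under `/opt/iiab/captiveportal`. Nothing visible in the tasks links `sites-available/capture.conf` into an enabled location.

```python
with open('checkurls','r') as urls:
    for line in urls:
        name = line.strip()
        if not name:
            continue
        # letters, digits, dots, hyphens and '*' only
        if not all(ch.isalnum() or ch in '.-*' for ch in name):
            raise SystemExit('unexpected characters in checkurls: ' + repr(name))
        # … unchanged: 'server {' and 'listen 80;' lines …
        outstr += ' server_name {};\n'.format(name)
        # … unchanged: location / proxy block and closing brace …
```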

@ -0,0 +1,13 @@
[Unit]
Description=uWSGI Service
[Service]
ExecStart=/usr/bin/uwsgi --ini /etc/uwsgi/apps-enabled/captiveportal.ini
Restart=always
RestartSec=5
KillSignal=SIGQUIT
Type=notify
NotifyAccess=all
[Install]
WantedBy=multi-user.target
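Review bot: The unit sets no `User=`/`Group=` and no sandboxing, so uWSGI starts as root and the drop to `www-data` depends entirely on `uid`/`gid` in captiveportal.ini being present and correct. Port 9090 is unprivileged, so `User=www-data` and `Group=www-data` could be set here (provided the `log-to` path is writable by that account), and `NoNewPrivileges=true` with `ProtectSystem=full` would limit what a compromised handler can touch. `Description=uWSGI Service` is also generic; naming the captive portal would make `systemctl` output easier to read.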