additional comments and fixes for running within a subdirectory; it _…

…should_ work but is not tested! bugs (if any) are for sure in checks.py

coco/core/auth/checks.py

@@ -1,4 +1,5 @@
 from coco.core.models import PortMapping
+from django.conf import settings
 from django.contrib.auth.models import User
 from django.core.exceptions import ObjectDoesNotExist
 from django.http.response import HttpResponse
@@ -37,9 +38,12 @@ def workspace_auth_access(request):
                 user = User.objects.get(username=username)
                 uri = request.META.get(URI_HEADER)
                 if uri:  # ensure the X- header is present. its set by Nginx
+                    subdirectory_parts = 0
+                    if settings.SUBDIRECTORY != "":
+                        subdirectory_parts = settings.SUBDIRECTORY.split('/')
                     splits = uri.split('/')
-                    if len(splits) >= 3:
-                        base_url = splits[2]
+                    if len(splits) >= (3 + subdirectory_parts):
+                        base_url = splits[2 + subdirectory_parts]
                         parts = base_url.decode('hex').split(':')
                         internal_ip = parts[0]
                         port = parts[1]

coco/core/settings.py

@@ -1,7 +1,9 @@
+from django.conf import settings
+
 """
 Settings related to containers.
 """
-CONTAINER_ACCESS_BASE_URI = '/ct/'
+CONTAINER_ACCESS_BASE_URI = '/' + settings.SUBDIRECTORY + 'ct/'
 CONTAINER_PORT_MAPPINGS_START_PORT = 49152
 CONTAINER_PORT_MAPPINGS_END_PORT = 65534
 

coco/settings.py

@@ -14,7 +14,7 @@
 import os
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
-# custom setting, used to run the application in a subdirectory, 
+# custom setting, used to run the application in a subdirectory,
 # trailing slash is needed, i.e. 'sub/'
 SUBDIRECTORY = ''
 

lib/confs/nginx/coco.conf

@@ -9,11 +9,18 @@ map $http_upgrade $connection_upgrade {
 # e.g. in a private network, use internal DNS server
 resolver 4.4.4.4 8.8.8.8;
 
+# if coco is running within a subdirectory (as per the app settings)
+# you have to prefix all locations with the same directory here.
+# e.g you have 'coco/' in settings.py, 'location /' becomes 'location /coco/'
+# the whole config contains comments with example values for a subdir of 'coco/'
+
+
 
 server {
     listen  80;
     root    /srv/coco/www;
 
+    # location /coco/
     location / {
         include      /usr/local/openresty/nginx/conf/uwsgi_params;
         uwsgi_read_timeout  600s;
@@ -32,30 +39,36 @@ server {
         proxy_set_header  X-Original-URI  $request_uri;
 
         proxy_pass_request_body  off;
+        # proxy_pass  http://127.0.0.1/coco/_workspace_auth_check;
         proxy_pass  http://127.0.0.1/_workspace_auth_check;
     }
 
     # location for documentation
+    # location /coco/docs
     location /docs {
         root  /srv/coco/www/static;
     }
 
     # location for the public listening
+    # location /coco/public
     location /public {
         autoindex  on;
         root  /srv/coco/data;
     }
 
     # robots.txt that disallows web spiders
+    # location = /coco/robots.txt
     location = /robots.txt {}
 
     # static files in /srv/coco/www/static
     # collect them with python manage.py collectstatic
+    # location /coco/static
     location /static {
         expires  max;
     }
 
     # proxy/workspace location
+    # location ~* /coco/ct/([^\/]+)(\/.*)?$
     location ~* /ct/([^\/]+)(\/.*)?$ {
         # authorization
         # ensure only container's owner can access it
@@ -87,6 +100,7 @@ server {
         proxy_set_header  X-Forwarded-Server    $host;
         proxy_set_header  X-Real-IP             $remote_addr;
         proxy_set_header  X-Scheme              $scheme;
+        # proxy_set_header  X-Script-Name         /coco/ct/$1;
         proxy_set_header  X-Script-Name         /ct/$1;
 
         proxy_buffering  off;