owsd: update config and init.d files to work with ubusproxy

2026-03-04 00:14:55 +01:00 · 2017-11-22 10:03:58 +01:00 · 2017-11-22 10:03:58 +01:00 · b29f8a9406
commit b29f8a9406
parent 7dd5cf1864
2 changed files with 46 additions and 19 deletions
--- a/owsd/files/owsd.config
+++ b/owsd/files/owsd.config
@ -3,11 +3,17 @@ config owsd 'global'
 	option www '/www'
 	option redirect '/cgi-bin/luci:/cacheflush.html'
 #	option www_maxage '3600'
-#	list ubusproxy 'https://repeater1url/'
-#	list ubusproxy 'wss://repeater2url/'
-#	option client_cert '/etc/ssl/certs/owsd-repeater-control-cert.pem'
-#	option client_key '/etc/ssl/private/owsd-repeater-control-key.pem'
-#	option client_ca '/etc/ssl/certs/owsd-server-ca.pem'
+
+# ubusproxy is enbaled if: enable = 1 or peer exists or path exists
+config ubusproxy 'ubusproxy'
+	option enable '0'
+#	list peer 'https://repeater1_hostname/'
+#	list peer 'wss://repeater2_hostname/'
+#	list object 'router.*'
+#	list object 'system'
+#	option peer_cert '/etc/ssl/certs/owsd-repeater-control-cert.pem'
+#	option peer_key '/etc/ssl/private/owsd-repeater-control-key.pem'
+#	option peer_ca '/etc/ssl/certs/owsd-server-ca.pem'

 config owsd-listen 'loopback'
 	option port '80'
--- a/owsd/files/owsd.init
+++ b/owsd/files/owsd.init
@ -104,16 +104,23 @@ load_dhcp_domains() {
 	config_foreach dhcp_domain_section "domain"
 }

-validate_owsd() {
+validate_owsd_ubusproxy() {
+	uci_validate_section "owsd" "ubusproxy" "ubusproxy" \
+		'enable:bool:1' \
+		'peer:list(string)' \
+		'object:list(string)' \
+		'peer_key:file' \
+		'peer_cert:file' \
+		'peer_ca:file' \
+
+}
+
+validate_owsd_global() {
 	uci_validate_section "owsd" "owsd" "global" \
 		'sock:string' \
 		'redirect:string' \
 		'www:string' \
 		'www_maxage:integer' \
-		'ubusproxy:list(string)' \
-		'client_key:file' \
-		'client_cert:file' \
-		'client_ca:file' \

 }

@ -237,9 +244,9 @@ start_service() {
 	procd_set_param command $PROG

 	local sock www redirect www_maxage
-	local client_cert client_key client_ca
+	local enable peer_cert peer_key peer_ca

-	validate_owsd || {
+	validate_owsd_global || {
 		echo "Global validation failed"
 		return 1
 	}
@ -249,15 +256,29 @@ start_service() {
 	[ -n "${redirect}"  ] && procd_append_param command -r"${redirect}"
 	[ -n "${www_maxage}" ] && procd_append_param command -t"${www_maxage}"

-	[ -n "${client_cert}" ] && procd_append_param command -C"${client_cert}"
-	[ -n "${client_key}"  ] && procd_append_param command -K"${client_key}"
-	[ -n "${client_ca}"   ] && procd_append_param command -A"${client_ca}"
-
-	append_ubusproxy () {
-		[ -n "$1"   ] && procd_append_param command -P"$1"
+	validate_owsd_ubusproxy || {
+		echo "Ubusproxy validation failed"
+		return 1
 	}

-	config_list_foreach "global" "ubusproxy" append_ubusproxy
+	if [ "${enable}" -eq 1 ]; then
+		procd_append_param command -U
+
+		[ -n "${peer_cert}" ] && procd_append_param command -C"${peer_cert}"
+		[ -n "${peer_key}"  ] && procd_append_param command -K"${peer_key}"
+		[ -n "${peer_ca}"   ] && procd_append_param command -A"${peer_ca}"
+
+		append_peer () {
+			[ -n "$1"   ] && procd_append_param command -P"$1"
+		}
+
+		append_object () {
+			[ -n "$1"   ] && procd_append_param command -U"$1"
+		}
+
+		config_list_foreach "ubusproxy" "peer" append_peer
+		config_list_foreach "ubusproxy" "object" append_object
+	fi

 	config_foreach parse_owsd_iface "owsd-listen"