Make the rspamd webui available, fixes #157

master
kaiyou 7 years ago
parent 3675fdb915
commit 1a3f85fbc2

@ -45,7 +45,8 @@ default_config = {
'DISABLE_STATISTICS': 'False',
'WELCOME': 'False',
'WELCOME_SUBJECT': 'Dummy welcome topic',
'WELCOME_BODY': 'Dummy welcome body'
'WELCOME_BODY': 'Dummy welcome body',
'WEB_ADMIN': '/admin'
}
# Load configuration from the environment if available
@ -78,12 +79,12 @@ def get_locale():
# Login configuration
login_manager = flask_login.LoginManager()
login_manager.init_app(app)
login_manager.login_view = ".login"
login_manager.login_view = "ui.login"
@login_manager.unauthorized_handler
def handle_needs_login():
return flask.redirect(
flask.url_for('.login', next=flask.request.endpoint)
flask.url_for('ui.login', next=flask.request.endpoint)
)
@app.context_processor

@ -2,6 +2,7 @@ from mailu import db, models, app, limiter
from mailu.internal import internal, nginx
import flask
import flask_login
@internal.route("/auth/email")
@ -17,3 +18,13 @@ def nginx_authentication():
for key, value in headers.items():
response.headers[key] = str(value)
return response
@internal.route("/auth/admin")
def admin_authentication():
""" Fails if the user is not an authenticated admin.
"""
if (not flask_login.current_user.is_anonymous
and flask_login.current_user.global_admin):
return ""
return flask.abort(403)

@ -59,6 +59,11 @@
<i class="fa fa-reply-all"></i> <span>{% trans %}Relayed domains{% endtrans %}</span>
</a>
</li>
<li>
<a href="{{ config["WEB_ADMIN"] }}/antispam/">
<i class="fa fa-trash-o"></i> <span>{% trans %}Antispam{% endtrans %}</span>
</a>
</li>
{% endif %}
{% if current_user.manager_of or current_user.global_admin %}
<li>

@ -71,11 +71,20 @@ http {
location {{ WEB_ADMIN }} {
return 301 {{ WEB_ADMIN }}/ui;
}
location ~ {{ WEB_ADMIN }}/(ui|static) {
rewrite ^{{ WEB_ADMIN }}/(.*) /$1 break;
proxy_set_header X-Forwarded-Prefix {{ WEB_ADMIN }};
proxy_pass http://admin;
}
location {{ WEB_ADMIN }}/antispam {
rewrite ^{{ WEB_ADMIN }}/antispam/(.*) /$1 break;
auth_request /internal/auth/admin;
proxy_set_header X-Real-IP "";
proxy_set_header X-Forwarded-For "";
proxy_pass http://antispam:11334;
}
{% endif %}
{% if WEBDAV != 'none' %}
@ -85,6 +94,14 @@ http {
}
{% endif %}
{% endif %}
location /internal {
internal;
proxy_pass http://admin;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
}
}
# Forwarding authentication server

Loading…
Cancel
Save