2024-09-17 14:11:00 +03:00
|
|
|
#!/bin/sh
|
|
|
|
|
|
|
|
if [ "${NGX_HTTP}" = 0 ] ; then
|
|
|
|
unset NGX_HTTP_NO_PROXY NGX_HTTP_WITH_MODSECURITY
|
|
|
|
else
|
|
|
|
NGX_HTTP_NO_PROXY=$(gobool_to_int "${NGX_HTTP_NO_PROXY:-0}" 0)
|
|
|
|
export NGX_HTTP_NO_PROXY
|
|
|
|
|
|
|
|
unset http_modules http_confload
|
|
|
|
http_modules=
|
|
|
|
http_confload="${NGX_HTTP_CONFLOAD:-}"
|
|
|
|
|
|
|
|
## filter out builtin http modules
|
|
|
|
unset i
|
|
|
|
for i in ${NGX_HTTP_MODULES:-} ; do
|
|
|
|
[ -n "$i" ] || continue
|
|
|
|
|
|
|
|
case "$i" in
|
|
|
|
*/* | *\** | *\?* )
|
|
|
|
log_always "module '$i' is not legal, skipping"
|
|
|
|
continue
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
if is_builtin_module http "$i" ; then
|
|
|
|
log "$i is builtin module, moving to NGX_HTTP_CONFLOAD"
|
|
|
|
http_confload=$(append_list "${http_confload}" "$i")
|
|
|
|
continue
|
|
|
|
fi
|
|
|
|
|
|
|
|
## naive deduplication
|
|
|
|
if list_have_item "${http_modules}" "$i" ; then
|
|
|
|
log "$i is already specified"
|
|
|
|
continue
|
|
|
|
fi
|
|
|
|
|
|
|
|
http_modules=$(append_list "${http_modules}" "$i")
|
|
|
|
done
|
|
|
|
unset i
|
|
|
|
|
2024-09-30 20:45:03 +03:00
|
|
|
if [ "${NGX_HTTP_NO_PROXY}" = 0 ] ; then
|
|
|
|
http_confload="${http_confload} proxy"
|
|
|
|
fi
|
|
|
|
|
2024-09-17 14:11:00 +03:00
|
|
|
## grpc depends on http/2
|
2024-09-30 20:45:03 +03:00
|
|
|
if list_have_item "${http_confload}" grpc ; then
|
|
|
|
http_confload="${http_confload} v2"
|
|
|
|
fi
|
|
|
|
|
|
|
|
## angie-module-lua: depends on angie-module-ndk
|
|
|
|
## angie-module-set-misc: depends on angie-module-ndk
|
|
|
|
if [ -n "${http_modules:-}" ] ; then
|
|
|
|
unset want_ndk
|
|
|
|
want_ndk=0
|
|
|
|
if list_have_item "${http_modules}" lua ; then
|
|
|
|
want_ndk=1
|
|
|
|
elif list_have_item "${http_modules}" set-misc ; then
|
|
|
|
want_ndk=1
|
2024-09-17 14:11:00 +03:00
|
|
|
fi
|
2024-09-30 20:45:03 +03:00
|
|
|
if [ ${want_ndk} = 1 ] ; then
|
|
|
|
## forcefully move 'ndk' to beginning of list
|
|
|
|
http_modules=$(printf '%s' " ${http_modules} " | sed -zE 's/ ndk / /;s/^/ndk/;s/ $//')
|
2024-09-17 14:11:00 +03:00
|
|
|
fi
|
2024-09-30 20:45:03 +03:00
|
|
|
unset want_ndk
|
2024-09-17 14:11:00 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
set -a
|
|
|
|
NGX_HTTP_MODULES="${http_modules}"
|
|
|
|
NGX_HTTP_CONFLOAD=$(sort_dedup_list "${http_confload}")
|
|
|
|
set +a
|
|
|
|
|
|
|
|
unset http_modules http_confload
|
|
|
|
|
|
|
|
## quirk: angie-module-modsecurity
|
|
|
|
unset NGX_HTTP_WITH_MODSECURITY
|
|
|
|
NGX_HTTP_WITH_MODSECURITY=0
|
2024-09-30 20:45:03 +03:00
|
|
|
if list_have_item "${NGX_HTTP_MODULES}" modsecurity ; then
|
|
|
|
unset d f
|
2024-09-17 14:11:00 +03:00
|
|
|
for d in /angie/modules /etc/angie/modules /etc/angie/modules.dist ; do
|
|
|
|
[ -d "$d" ] || continue
|
2024-09-30 20:45:03 +03:00
|
|
|
f="$d/ngx_http_modsecurity_module.so"
|
|
|
|
[ -f "$f" ] || continue
|
|
|
|
if ! [ -h "$f" ] ; then
|
2024-09-17 14:11:00 +03:00
|
|
|
NGX_HTTP_WITH_MODSECURITY=1
|
|
|
|
break
|
|
|
|
fi
|
2024-09-30 20:45:03 +03:00
|
|
|
done
|
|
|
|
unset d f
|
|
|
|
fi
|
2024-09-17 14:11:00 +03:00
|
|
|
export NGX_HTTP_WITH_MODSECURITY
|
|
|
|
|
|
|
|
if [ "${NGX_HTTP_WITH_MODSECURITY}" = 1 ] ; then
|
|
|
|
set -a
|
|
|
|
NGX_DIRS_MERGE=$(sort_dedup_list "${NGX_DIRS_MERGE} modsecurity")
|
|
|
|
set +a
|
|
|
|
fi
|
|
|
|
fi
|