-
Notifications
You must be signed in to change notification settings - Fork 26
/
update-server-xml.sh
executable file
·58 lines (50 loc) · 2.55 KB
/
update-server-xml.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
#!/bin/bash
#update Tomcat's server.xml with configuration required to serve ERDDAP
#this is typically run in the Dockerfile to ensure that the upstream
#server.xml meets our needs regardless of the Tomcat base image
SERVER_XML=${SERVER_XML:-/usr/local/tomcat/conf/server.xml}
if [ ! -f "$SERVER_XML" ]; then
echo "$SERVER_XML doesn't exist" >&2
exit 1
fi
RELAXED_PATH_CHARS="[]|"
RELAXED_QUERY_CHARS="[]:|{}^\`"<>"
function set_attribute {
ELEM="$1"
ATTR="$2"
VAL="$3"
if [ -z "$(xmlstarlet sel -t -c "${ELEM}[@${ATTR}='${VAL}']" $SERVER_XML)" ]; then
#xmlstarlet escapes special characters like & when writing values, and we
#want the attributes to be exactly as we define them. insert replacement
#target tokens instead, and then replace with sed.
#ampersands are also special characters in sed, so replace with ~ first
#and then replace again back to &
TOKEN="__${ATTR}__"
xmlstarlet edit --inplace -P -u "${ELEM}/@${ATTR}" -v "${TOKEN}" \
-i "${ELEM}[not(@${ATTR})]" -t attr -n "${ATTR}" -v "${TOKEN}" \
$SERVER_XML
sed -i -e "s/${TOKEN}/$( echo $VAL | tr '&' '~')/" -e "s/~/\&/g" $SERVER_XML
fi
}
#set Connector relaxedPathChars and relaxedQueryChars to allow DAP queries
set_attribute /Server/Service/Connector relaxedPathChars "$RELAXED_PATH_CHARS"
set_attribute /Server/Service/Connector relaxedQueryChars "$RELAXED_QUERY_CHARS"
# Enable request attributes so that, when using a reverse proxy, the original
# client ip is recorded in logs rather than the internal proxy ip
set_attribute /Server/Service/Engine/Host/Valve requestAttributesEnable "true"
#create RemoteIpValve if missing. this is needed so ERDDAP knows when its responding to https requests
#end result should look like:
#<Valve className="org.apache.catalina.valves.RemoteIpValve"
# remoteIpHeader="X-Forwarded-For"
# protocolHeader="X-Forwarded-Proto"
# protocolHeaderHttpsValue="https" />
#https://stackoverflow.com/a/9172796/193435
if [ -z "$(xmlstarlet sel -t -c "/Server/Service/Engine/Host/Valve[@className='org.apache.catalina.valves.RemoteIpValve']" $SERVER_XML)" ]; then
xmlstarlet edit --inplace -P -s /Server/Service/Engine/Host -t elem -n RemoteIpValve -v "" \
-i //RemoteIpValve -t attr -n "className" -v "org.apache.catalina.valves.RemoteIpValve" \
-i //RemoteIpValve -t attr -n "remoteIpHeader" -v "X-Forwarded-For" \
-i //RemoteIpValve -t attr -n "protocolHeader" -v "X-Forwarded-Proto" \
-i //RemoteIpValve -t attr -n "protocolHeaderHttpsValue" -v "https" \
-r //RemoteIpValve -v Valve \
$SERVER_XML
fi