run-dev: Add flag to allow JSON requests through HTTPS proxy.

This commit is contained in:
Tam Le 2023-03-13 03:06:55 +00:00 committed by Tim Abbott
parent 2ce3f52030
commit f8a74831b0
3 changed files with 21 additions and 7 deletions

View File

@ -314,11 +314,7 @@ different.
service nginx reload # Actually enabled your nginx configuration service nginx reload # Actually enabled your nginx configuration
``` ```
1. Edit `zproject/dev_settings.py` to set 1. Start the Zulip development environment in HTTPS mode with the following command:
`EXTERNAL_URI_SCHEME = "https://"`, so that URLs served by the
development environment will be HTTPS.
1. Start the Zulip development environment with the following command:
```bash ```bash
env EXTERNAL_HOST="hostname.example.com" ./tools/run-dev --interface='' env EXTERNAL_HOST="hostname.example.com" ./tools/run-dev --behind-https-proxy --interface=''
``` ```

View File

@ -59,6 +59,11 @@ parser.add_argument(
action="store_true", action="store_true",
help="Enable access logs from tornado proxy server.", help="Enable access logs from tornado proxy server.",
) )
parser.add_argument(
"--behind-https-proxy",
action="store_true",
help="Start app server in HTTPS mode, using reverse proxy",
)
add_provision_check_override_param(parser) add_provision_check_override_param(parser)
options = parser.parse_args() options = parser.parse_args()
@ -95,6 +100,9 @@ else:
manage_args = [f"--settings={settings_module}"] manage_args = [f"--settings={settings_module}"]
os.environ["DJANGO_SETTINGS_MODULE"] = settings_module os.environ["DJANGO_SETTINGS_MODULE"] = settings_module
if options.behind_https_proxy:
os.environ["BEHIND_HTTPS_PROXY"] = "1"
from scripts.lib.zulip_tools import CYAN, ENDC from scripts.lib.zulip_tools import CYAN, ENDC
proxy_port = base_port proxy_port = base_port
@ -334,7 +342,10 @@ def print_listeners() -> None:
else: else:
default_hostname = "localhost" default_hostname = "localhost"
external_host = os.getenv("EXTERNAL_HOST", f"{default_hostname}:{proxy_port}") external_host = os.getenv("EXTERNAL_HOST", f"{default_hostname}:{proxy_port}")
print(f"\nStarting Zulip on:\n\n\t{CYAN}http://{external_host}/{ENDC}\n\nInternal ports:") http_protocol = "https" if options.behind_https_proxy else "http"
print(
f"\nStarting Zulip on:\n\n\t{CYAN}{http_protocol}://{external_host}/{ENDC}\n\nInternal ports:"
)
ports = [ ports = [
(proxy_port, "Development server proxy (connect here)"), (proxy_port, "Development server proxy (connect here)"),
(django_port, "Django"), (django_port, "Django"),

View File

@ -62,6 +62,13 @@ AUTHENTICATION_BACKENDS: Tuple[str, ...] = (
) )
EXTERNAL_URI_SCHEME = "http://" EXTERNAL_URI_SCHEME = "http://"
if os.getenv("BEHIND_HTTPS_PROXY"):
# URLs served by the development environment will be HTTPS
EXTERNAL_URI_SCHEME = "https://"
# Trust requests from this host (required due to Nginx proxy)
CSRF_TRUSTED_ORIGINS = [EXTERNAL_URI_SCHEME + EXTERNAL_HOST]
EMAIL_GATEWAY_PATTERN = "%s@" + EXTERNAL_HOST_WITHOUT_PORT EMAIL_GATEWAY_PATTERN = "%s@" + EXTERNAL_HOST_WITHOUT_PORT
NOTIFICATION_BOT = "notification-bot@zulip.com" NOTIFICATION_BOT = "notification-bot@zulip.com"
EMAIL_GATEWAY_BOT = "emailgateway@zulip.com" EMAIL_GATEWAY_BOT = "emailgateway@zulip.com"