b74ab30143
* [AR-604] Preserve protocol from client request if not given in mirror list Currently redirects are done based on a mirror list with hardcoded URL scheme/protocol. This causes issues when either the client does not support the target protocol (e.g. no HTTPS support) or if the client does not allow its HTTPS request to be downgraded to plain HTTP, either in general or due to respected HSTS information. The usually expected behaviour for redirects is to preserve the protocol of the client request and in case leave HTTPS upgrades to be done by the target server. This commit aims to implement that behaviour in an optional non-breaking way: - If the protocol is given in the mirror list, it is used like before. This allows to force a protocol by the router, in case the mirror is not assured to support what the client requests. It is better to let the client decide whether to accept the protocol change or not, instead of letting it doing a request which is doomed to fail. - If the protocol is not given in the mirror list, it is derived from the client's request scheme. This means that the mirror list needs to be changed for this commit to have any effect. Signed-off-by: MichaIng <micha@dietpi.com> * [AR-604] Remove scheme from mirrors with support HTTP + HTTPS With PR https://github.com/armbian/dl-router/pull/14 mirrors are allowed to be given without URL scheme/protocol in the list file, in which case the client's request protocol is preserved. All currently active mirrors have been tested to support both HTTP and HTTPS and having no forced HTTP => HTTPS redirect. Some mirrors respond with a HSTS header, when connecting via HTTPS, but this cannot break any client request, as obviously the client supports HTTPS when it received the HSTS header once. The "minio.k-space.ee" mirror is the only one with a forced HTTP => HTTPS redirect, but it is currently not in use. If this mirrors gets re-enabled, to avoid doubled redirects, it makes sense to leave the scheme in place. Signed-off-by: MichaIng <micha@dietpi.com>
dl-router
router of download URLs
returns 302 to a mirror configured. Can manually select region.
currently designed for app folder to be mapped into a usgi container.
see sample launch script
launch_redirect.sh
expects userdata.csv in app folder.. map as needed.
expects mirrors.yaml in app folder.. map as needed
run local
cd app
export FLASK_APP=main
python -m flask run --host 0.0.0.0 --port 5000
configuration
see examples folder
modes
redirect - standard redirect functionality
dl_map - will attempt to use contents of userdata.csv to map downloads
mirrors
mirror target with trailing slash is placed in a yaml list under a key for regions
yaml configured
---
mode: dl_map
NA:
- https://mirror1.example/images/
- https://mirror2.example/images/
EU:
- https://mirror3.example/weirdfolder/images/
- https://mirror4.example/many/sub/folders/images/
API
/status
meant for simplee healtcheck. returns 200 OK
/reload
Flushes cache and reloads userdata file. Return JSON of what new userdata is
/mirrors
Shows all mirrors configured
/regions
Shows all mirror regions
/dl_map
shows download map for images
/geoip
show geoip info from requestor IP
/region/REGIONCODE/
will redirect to desired configurd regions:
NA - north america
EU - Europe
AS - Asia (currently China)