From 9fee0fdebf701bff9a26ad166beef8ca2dcf3af8 Mon Sep 17 00:00:00 2001
From: Asif Bacchus <asif@linuxprogramming.test.bacchus.network>
Date: Thu, 17 Oct 2019 21:43:28 -0600
Subject: [PATCH] allow custom ports from params file

---
 ab-nginx.sh                               | 14 ++++++++------
 build/entrypoint.sh                       |  6 ++++++
 build/sites/05-test_secured.conf.disabled |  2 +-
 3 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/ab-nginx.sh b/ab-nginx.sh
index 14269c5..08e9272 100755
--- a/ab-nginx.sh
+++ b/ab-nginx.sh
@@ -15,6 +15,8 @@ yellow=$(tput setaf 3)
 ### parameter defaults
 container_name="ab-nginx"
 shell=false
+HTTP_PORT=80
+HTTPS_PORT=443
 unset CONFIG_DIR
 unset WEBROOT_DIR
 unset vmount
@@ -159,7 +161,7 @@ if [ -z "$SSL_CERT" ]; then
         docker run --rm -it --name ${container_name} \
             --env-file ab-nginx.params \
             $vmount \
-            -p 80:80 \
+            -p ${HTTP_PORT}:80 \
             ab-nginx:testing /bin/sh
     else
         # exec normally
@@ -167,7 +169,7 @@ if [ -z "$SSL_CERT" ]; then
         docker run --rm -d --name ${container_name} \
         --env-file ab-nginx.params \
         $vmount \
-        -p 80:80 \
+        -p ${HTTP_PORT}:80 \
         ab-nginx:testing
     fi
 # run with TLS1.2
@@ -182,7 +184,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = FALSE ]; then
             -v "$SSL_KEY":/certs/privkey.pem:ro \
             -v "$SSL_CHAIN":/certs/chain.pem:ro \
             -v "$DH":/certs/dhparam.pem:ro \
-            -p 80:80 -p 443:443 \
+            -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
             ab-nginx:testing /bin/sh
     else
         # exec normally
@@ -194,7 +196,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = FALSE ]; then
             -v "$SSL_KEY":/certs/privkey.pem:ro \
             -v "$SSL_CHAIN":/certs/chain.pem:ro \
             -v "$DH":/certs/dhparam.pem:ro \
-            -p 80:80 -p 443:443 \
+            -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
             ab-nginx:testing
     fi
 # run with TLS1.3
@@ -208,7 +210,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = TRUE ]; then
             -v "$SSL_CERT":/certs/fullchain.pem:ro \
             -v "$SSL_KEY":/certs/privkey.pem:ro \
             -v "$SSL_CHAIN":/certs/chain.pem:ro \
-            -p 80:80 -p 443:443 \
+            -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
             ab-nginx:testing /bin/sh
     else
         # exec normally
@@ -219,7 +221,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = TRUE ]; then
             -v "$SSL_CERT":/certs/fullchain.pem:ro \
             -v "$SSL_KEY":/certs/privkey.pem:ro \
             -v "$SSL_CHAIN":/certs/chain.pem:ro \
-            -p 80:80 -p 443:443 \
+            -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
             ab-nginx:testing
     fi
 fi
diff --git a/build/entrypoint.sh b/build/entrypoint.sh
index cc3ab26..b097dea 100755
--- a/build/entrypoint.sh
+++ b/build/entrypoint.sh
@@ -10,6 +10,12 @@ printf "\nUpdating server name list... "
 sed -i -e "s%<SERVER_NAMES>%${SERVER_NAMES}%" /etc/nginx/server_names.conf
 printf "done\n"
 
+# update HTTPS redirect port if SSL server test block exists
+if [ -f "/etc/nginx/sites/note" ]; then
+    printf "\nUpdating port redirects...\n"
+    sed -i -e "s%<HTTPS_PORT>%${HTTPS_PORT}%" /etc/nginx/sites/05-test_secured.conf.disabled
+fi
+
 # activate HSTS
 if [ "$HSTS" = TRUE ]; then
     printf "Activating HSTS configuration... "
diff --git a/build/sites/05-test_secured.conf.disabled b/build/sites/05-test_secured.conf.disabled
index a66cf1a..24a4665 100644
--- a/build/sites/05-test_secured.conf.disabled
+++ b/build/sites/05-test_secured.conf.disabled
@@ -6,7 +6,7 @@ server {
 
     # default redirect to properly formed HTTPS location
     location / {
-        return 301 https://$host$request_uri;
+        return 301 https://$host:<HTTPS_PORT>$request_uri;
     }
     
     # process Let's Encrypt challenges