Handle preparation of helper web page links e.g. on dev/test sites (#103)

Handle preparation of web front page links like `security.txt` and
`site-privacy-policy.pdf` by inserting symlinks to `EMULATE_FQDN`
version in the cases where no site `FQDN` version is readily available.
This is common on dev/test sites and they are fine with just using the
emulated default.

Added test script to verify these links are actually in place in running
instance.

Author: jonasbardino

Dockerfile.centos7

@@ -1526,6 +1526,31 @@ RUN ln -s index-${DOMAIN}.html $MIG_ROOT/state/wwwpublic/index.html && \
         $MIG_ROOT/state/wwwpublic/.well-known/security-pub-keys.txt && \
     ln -s security-disclosure-policy-${DOMAIN}.txt \
         $MIG_ROOT/state/wwwpublic/.well-known/security-disclosure-policy.txt && \
+    # Reuse site helpers from EMULATE_FQDN if no site versions exist
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/cookie-policy-${DOMAIN}.pdf" ]; then \
+        ln -s cookie-policy-${EMULATE_FQDN}.pdf \
+            $MIG_ROOT/state/wwwpublic/cookie-policy-${DOMAIN}.pdf ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/site-privacy-policy-${DOMAIN}.pdf" ]; then \
+        ln -s site-privacy-policy-${EMULATE_FQDN}.pdf \
+            $MIG_ROOT/state/wwwpublic/site-privacy-policy-${DOMAIN}.pdf ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt" ]; then \
+        ln -s security-${EMULATE_FQDN}.txt \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt.asc" ]; then \
+        ln -s security-${EMULATE_FQDN}.txt.asc \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt.asc ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-pub-keys-${DOMAIN}.txt" ]; then \
+        ln -s security-pub-keys-${EMULATE_FQDN}.txt \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-pub-keys-${DOMAIN}.txt ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-disclosure-policy-${DOMAIN}.txt" ]; then \
+        ln -s security-disclosure-policy-${EMULATE_FQDN}.txt \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-disclosure-policy-${DOMAIN}.txt ; \
+    fi && \
     chown -R $USER:$GROUP $MIG_ROOT/state/wwwpublic/*.html
 
 # TODO: improve this very crude and hard-coded translation

Dockerfile.rocky8

@@ -1550,6 +1550,31 @@ RUN ln -s index-${DOMAIN}.html $MIG_ROOT/state/wwwpublic/index.html && \
         $MIG_ROOT/state/wwwpublic/.well-known/security-pub-keys.txt && \
     ln -s security-disclosure-policy-${DOMAIN}.txt \
         $MIG_ROOT/state/wwwpublic/.well-known/security-disclosure-policy.txt && \
+    # Reuse site helpers from EMULATE_FQDN if no site versions exist
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/cookie-policy-${DOMAIN}.pdf" ]; then \
+        ln -s cookie-policy-${EMULATE_FQDN}.pdf \
+            $MIG_ROOT/state/wwwpublic/cookie-policy-${DOMAIN}.pdf ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/site-privacy-policy-${DOMAIN}.pdf" ]; then \
+        ln -s site-privacy-policy-${EMULATE_FQDN}.pdf \
+            $MIG_ROOT/state/wwwpublic/site-privacy-policy-${DOMAIN}.pdf ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt" ]; then \
+        ln -s security-${EMULATE_FQDN}.txt \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt.asc" ]; then \
+        ln -s security-${EMULATE_FQDN}.txt.asc \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt.asc ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-pub-keys-${DOMAIN}.txt" ]; then \
+        ln -s security-pub-keys-${EMULATE_FQDN}.txt \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-pub-keys-${DOMAIN}.txt ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-disclosure-policy-${DOMAIN}.txt" ]; then \
+        ln -s security-disclosure-policy-${EMULATE_FQDN}.txt \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-disclosure-policy-${DOMAIN}.txt ; \
+    fi && \
     chown -R $USER:$GROUP $MIG_ROOT/state/wwwpublic/*.html
 
 # TODO: improve this very crude and hard-coded translation

Dockerfile.rocky9

@@ -1424,6 +1424,31 @@ RUN ln -s index-${DOMAIN}.html $MIG_ROOT/state/wwwpublic/index.html && \
         $MIG_ROOT/state/wwwpublic/.well-known/security-pub-keys.txt && \
     ln -s security-disclosure-policy-${DOMAIN}.txt \
         $MIG_ROOT/state/wwwpublic/.well-known/security-disclosure-policy.txt && \
+    # Reuse site helpers from EMULATE_FQDN if no site versions exist
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/cookie-policy-${DOMAIN}.pdf" ]; then \
+        ln -s cookie-policy-${EMULATE_FQDN}.pdf \
+            $MIG_ROOT/state/wwwpublic/cookie-policy-${DOMAIN}.pdf ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/site-privacy-policy-${DOMAIN}.pdf" ]; then \
+        ln -s site-privacy-policy-${EMULATE_FQDN}.pdf \
+            $MIG_ROOT/state/wwwpublic/site-privacy-policy-${DOMAIN}.pdf ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt" ]; then \
+        ln -s security-${EMULATE_FQDN}.txt \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt.asc" ]; then \
+        ln -s security-${EMULATE_FQDN}.txt.asc \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-${DOMAIN}.txt.asc ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-pub-keys-${DOMAIN}.txt" ]; then \
+        ln -s security-pub-keys-${EMULATE_FQDN}.txt \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-pub-keys-${DOMAIN}.txt ; \
+    fi && \
+    if [ ! -e "$MIG_ROOT/state/wwwpublic/.well-known/security-disclosure-policy-${DOMAIN}.txt" ]; then \
+        ln -s security-disclosure-policy-${EMULATE_FQDN}.txt \
+            $MIG_ROOT/state/wwwpublic/.well-known/security-disclosure-policy-${DOMAIN}.txt ; \
+    fi && \
     chown -R $USER:$GROUP $MIG_ROOT/state/wwwpublic/*.html
 
 # TODO: improve this very crude and hard-coded translation

tests/test-11-migrid-https-frontpage-links.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+source default
+
+function check_web() {
+  URL="$1"
+  ${DOCKER:?} run --rm --network host --dns 127.0.0.1 curlimages/curl:8.7.1 \
+    --connect-timeout 1 \
+    --retry-connrefused \
+    --retry 3 \
+    -k \
+    -s \
+    -v \
+    --fail \
+    -o /dev/null \
+    -sw 'HTTP status code: %{http_code}\n' \
+    ${URL} \
+    > $(basename "$0").log 2>&1
+  return $?
+}
+
+status=0
+for PAGE in terms.html cookie-policy.pdf site-privacy-policy.pdf .well-known/security.txt .well-known/security-disclosure-policy.txt ; do
+  check_web "https://${DOMAIN}:${PUBLIC_HTTPS_PORT}/${PAGE}"
+  status=$(($status+$?))
+done
+
+[[ "$status" == 0 ]] && echo -e "${GREEN}passed${ENDCOLOR}" && exit 0
+echo -e "${RED}failed${ENDCOLOR}" && exit 1