tooling box ./utils/*: minor fix from production test

.config.sh

@@ -1,6 +1,6 @@
 # -*- coding: utf-8; mode: sh -*-
 # SPDX-License-Identifier: AGPL-3.0-or-later
-# shellcheck shell=bash
+# shellcheck shell=bash disable=SC2034
 #
 # This environment is used by ./utils scripts like filtron.sh or searx.sh.  The
 # default values are *most flexible* and *best maintained*, you normally not

utils/filtron.sh

@@ -96,7 +96,7 @@ If needed, set PUBLIC_URL of your WEB service in the '${DOT_CONFIG#"$REPO_ROOT/"
   FILTRON_TARGET : ${FILTRON_TARGET}
 
 EOF
-    [ ! -z ${1+x} ] &&  err_msg "$1"
+    [ ! -z "${1+x}" ] &&  err_msg "$1"
 }
 
 main() {

utils/lib.sh

@@ -279,7 +279,7 @@ cache_download() {
         else
             wget --progress=bar -O "${CACHE}/$2" "$1" ; exit_value=$?
         fi
-        if [[ $exit_value = 0 ]]; then
+        if [[ ! $exit_value = 0 ]]; then
             err_msg "failed to download: $1"
         fi
     fi

utils/morty.sh

@@ -84,7 +84,7 @@ ${DOT_CONFIG#"$REPO_ROOT/"} file::
   SERVICE_USER :   ${SERVICE_USER}
 EOF
     info_searx
-    [ ! -z ${1+x} ] &&  err_msg "$1"
+    [ ! -z "${1+x}" ] &&  err_msg "$1"
 }
 
 info_searx() {
@@ -196,6 +196,12 @@ install_all() {
     if ! service_is_available "http://${MORTY_LISTEN}" ; then
         err_msg "Morty does not listening on: http://${MORTY_LISTEN}"
     fi
+    if apache_is_installed; then
+        info_msg "Apache is installed on this host."
+        if ask_yn "Do you want to install a reverse proxy (ProxyPass)" Yn; then
+            install_apache_site
+        fi
+    fi
     if ask_yn "Do you want to inspect the installation?" Yn; then
         inspect_service
     fi

utils/searx.sh

@@ -110,7 +110,7 @@ If needed, set PUBLIC_URL of your WEB service in the '${DOT_CONFIG#"$REPO_ROOT/"
   SERVICE_USER        : ${SERVICE_USER}
 
 EOF
-    [ ! -z ${1+x} ] &&  err_msg "$1"
+    [ ! -z "${1+x}" ] &&  err_msg "$1"
 }
 
 main() {
@@ -403,8 +403,8 @@ test_local_searx() {
     tee_stderr 0.1 <<EOF | sudo -H -u "${SERVICE_USER}" -i 2>&1 |  prefix_stdout "$_service_prefix"
 cd ${SEARX_SRC}
 sed -i -e "s/debug : False/debug : True/g" "$SEARX_SETTINGS"
-timeout 5 python3 searx/webapp.py &
-sleep 1
+timeout 10 python3 searx/webapp.py &
+sleep 3
 curl --location --verbose --head --insecure $SEARX_INTERNAL_URL
 sed -i -e "s/debug : True/debug : False/g" "$SEARX_SETTINGS"
 EOF

utils/templates/etc/apache2/sites-available/morty.conf

@@ -4,7 +4,12 @@ ProxyPreserveHost On
 
 <Location ${PUBLIC_URL_PATH_MORTY} >
 
+    <IfModule mod_security2.c>
+        SecRuleEngine Off
+    </IfModule>
+
     Require all granted
+
     Order deny,allow
     Deny from all
     #Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1

utils/templates/etc/apache2/sites-available/searx.conf:filtron

@@ -2,9 +2,18 @@
 
 ProxyPreserveHost On
 
+# SecRuleRemoveById 981054
+# SecRuleRemoveById 981059
+# SecRuleRemoveById 981060
+
 <Location ${FILTRON_URL_PATH} >
 
+    <IfModule mod_security2.c>
+        SecRuleEngine Off
+    </IfModule>
+
     Require all granted
+
     Order deny,allow
     Deny from all
     #Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1

utils/templates/etc/apache2/sites-available/searx.conf:uwsgi

@@ -11,6 +11,8 @@
             SecRuleEngine Off
         </IfModule>
 
+	Require all granted
+
         Options FollowSymLinks Indexes
         SetHandler uwsgi-handler
         uWSGISocket ${SEARX_UWSGI_SOCKET}