From 2daa50edc044c28002aaa7daa886b757e14f073a Mon Sep 17 00:00:00 2001
From: Martin Saporiti <martinsaporiti@gmail.com>
Date: Fri, 14 Jun 2024 16:58:17 -0300
Subject: [PATCH] chore: add ui insecure option

---
 .env-ui.sample                    |  1 +
 ui/deployment/nginx_insecure.conf | 58 +++++++++++++++++++++++++++++++
 ui/scripts/deploy.sh              | 13 +++++--
 3 files changed, 69 insertions(+), 3 deletions(-)
 create mode 100644 ui/deployment/nginx_insecure.conf

diff --git a/.env-ui.sample b/.env-ui.sample
index 6f6e4f30e..804fc1bdf 100644
--- a/.env-ui.sample
+++ b/.env-ui.sample
@@ -5,3 +5,4 @@ ISSUER_UI_BUILD_TAG=
 ISSUER_UI_WARNING_MESSAGE=
 ISSUER_UI_IPFS_GATEWAY_URL=https://ipfs.io
 ISSUER_UI_SCHEMA_EXPLORER_AND_BUILDER_URL=https://schema-builder.polygonid.me
+ISSUER_UI_INSECURE=false
\ No newline at end of file
diff --git a/ui/deployment/nginx_insecure.conf b/ui/deployment/nginx_insecure.conf
new file mode 100644
index 000000000..764842d1b
--- /dev/null
+++ b/ui/deployment/nginx_insecure.conf
@@ -0,0 +1,58 @@
+server {
+    listen 80;
+    server_name localhost;
+
+    location /health {
+            access_log off;
+            add_header 'Content-Type' 'application/json';
+            return 200 '{"status":"ok"}';
+    }
+
+    location ~* "^/credentials/scan-(issued|link)/[0-9a-f]{8}\b-[0-9a-f]{4}\b-[0-9a-f]{4}\b-[0-9a-f]{4}\b-[0-9a-f]{12}" {
+        auth_basic          "off";
+        root   /usr/share/nginx/html;
+        index  index.html;
+        try_files $uri /index.html =404;
+        include  uwsgi_params;
+    }
+
+    location /assets {
+        auth_basic          "off";
+        root   /usr/share/nginx/html;
+        try_files $uri /index.html =404;
+        include  uwsgi_params;
+    }
+
+    location /favicon.png {
+        auth_basic          "off";
+        root   /usr/share/nginx/html;
+        try_files $uri /index.html =404;
+        include  uwsgi_params;
+    }
+
+    location /images {
+        auth_basic          "off";
+        root   /usr/share/nginx/html;
+        try_files $uri /index.html =404;
+        include  uwsgi_params;
+    }
+
+    location /fonts {
+        auth_basic          "off";
+        root   /usr/share/nginx/html;
+        try_files $uri /index.html =404;
+        include  uwsgi_params;
+    }
+
+    location / {
+        root   /usr/share/nginx/html;
+        index  index.html;
+        # Redirect all requests to index.html
+        try_files $uri /index.html =404;
+    }
+
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+}
diff --git a/ui/scripts/deploy.sh b/ui/scripts/deploy.sh
index ab81d01e7..28c30de12 100755
--- a/ui/scripts/deploy.sh
+++ b/ui/scripts/deploy.sh
@@ -21,11 +21,18 @@ echo "VITE_SCHEMA_EXPLORER_AND_BUILDER_URL=$ISSUER_UI_SCHEMA_EXPLORER_AND_BUILDE
 cd /app && npm run build
 
 # Copy nginx config
-cp deployment/nginx.conf /etc/nginx/conf.d/default.conf
 echo $ISSUER_UI_AUTH_USERNAME
 echo $ISSUER_UI_AUTH_PASSWORD
-htpasswd -c -b /etc/nginx/.htpasswd $ISSUER_UI_AUTH_USERNAME $ISSUER_UI_AUTH_PASSWORD
-cat /etc/nginx/.htpasswd
+
+# shellcheck disable=SC2039
+if [ "${ISSUER_UI_INSECURE}" == "true" ]; then
+  cp deployment/nginx_insecure.conf /etc/nginx/conf.d/default.conf
+else
+  cp deployment/nginx.conf /etc/nginx/conf.d/default.conf
+  htpasswd -c -b /etc/nginx/.htpasswd $ISSUER_UI_AUTH_USERNAME $ISSUER_UI_AUTH_PASSWORD
+  cat /etc/nginx/.htpasswd
+fi
+
 
 # Copy app dist
 cp -r /app/dist/. /usr/share/nginx/html