YunoHost-Apps/domoticz_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/domoticz_ynh.git synced 2024-09-03 18:26:17 +02:00
Code Issues Activity Actions

Merge branch 'testing' into convertv2_wo_mosquitto

Browse source
This commit is contained in:
Krakinou 2024-01-20 16:21:50 +01:00
commit b7bfa3c1a5
3 changed files with 31 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
conf/systemd.service
View file

@ -18,7 +18,7 @@ NoNewPrivileges=yes
PrivateTmp=yes
#Private device restrict access to device in /dev/, so to any devices like razberry, zigate, etc.
#PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_BLUETOOTH
RestrictNamespaces=yes
RestrictRealtime=yes
#Same : restrict access to devices

27
scripts/install
View file

@ -140,6 +140,33 @@ ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*Error: Failed logi
#=================================================
ynh_script_progression --message="Configuring permissions..."
<<<<<<< HEAD
=======
# Make app public if necessary
if [ "$is_public" -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
#remove the authentication header preventing login from 2023.2 and 11.2.3 onward
ynh_permission_url --permission="main" --auth_header=false
#API & MQTT should stay publicly accessible.
ynh_permission_create --permission="domoticz_API" --label="api" --url="$domain$api_path" --allowed="visitors" --show_tile="false" --protected="true"
[[ ! -z "$mqtt_domain" ]] && ynh_permission_create --permission="domoticz_MQTT" --label="MQTT" --url="$mqtt_domain" --allowed="visitors" --show_tile="false" --protected="true"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
>>>>>>> refs/heads/testing
#=================================================
# END OF SCRIPT
#=================================================

3
scripts/upgrade
View file

@ -71,6 +71,9 @@ if [ -d "/var/log/$app/$app" ]; then
ynh_secure_remove "/var/log/$app/$app"
fi
#remove the authentication header preventing login from 2023.2 and 11.2.3 onward
ynh_permission_url --permission="main" --auth_header=false
#=================================================
# CREATE DEDICATED USER
#=================================================