YunoHost-Apps/leed_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/leed_ynh.git synced 2024-09-03 19:26:32 +02:00
Code Issues Activity Actions

Fix alias_traversal

Browse source
This commit is contained in:
Maniack Crudelis 2018-01-04 19:29:28 +01:00
parent 379cfa3446
commit 3d45ac88c7
5 changed files with 29 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
conf/nginx.conf
View file

@ -1,4 +1,5 @@
location __PATH__ {
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {
alias __FINALPATH__/ ;
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;

5
scripts/_common.sh
View file

@ -454,6 +454,11 @@ EOF
ynh_store_file_checksum "$finalfail2banfilterconf"
sudo systemctl restart fail2ban
if local fail2ban_error="$(tail -n50 /var/log/fail2ban.log | grep "WARNING Command.*$app.*addfailregex")"
then
echo "[ERR] Fail2ban fail to load the jail for $app" >&2
echo "WARNING${fail2ban_error#*WARNING}" >&2
fi
}
# Remove the dedicated fail2ban config (jail and filter conf files)

17
scripts/change_url
View file

@ -68,9 +68,20 @@ then
# Make a backup of the original nginx config file if modified
ynh_backup_if_checksum_is_different "$nginx_conf_path"
# Replace locations starting with old_path
# Look for every location possible patterns (see https://nginx.org/en/docs/http/ngx_http_core_module.html#location)
ynh_replace_string "location\( \(=\|~\|~\*\|\^~\)\)\? $old_path" "location\1 $new_path" "$nginx_conf_path"
# Move from sub path to root
if [ "$new_path" == "/" ]
then
ynh_replace_string "^.*rewrite.*\^$old_path" "#sub_path_only&" "$nginx_conf_path"
ynh_replace_string "\(rewrite *\^\)$old_path\$ $old_path/*" "\1$new_path$ $new_path" "$nginx_conf_path"
# Move to a sub path
else
ynh_replace_string "^#sub_path_only" "" "$nginx_conf_path"
ynh_replace_string "\(rewrite *\^\)$old_path\$ $old_path/*" "\1$new_path$ $new_path/" "$nginx_conf_path"
fi
ynh_replace_string "location ${old_path%/}/" "location ${new_path%/}/" "$nginx_conf_path"
# Calculate and store the nginx config file checksum
ynh_store_file_checksum "$nginx_conf_path"

4
scripts/install
View file

@ -72,6 +72,10 @@ ynh_setup_source "$final_path" # Télécharge la source, décompresse et copie d
# NGINX CONFIGURATION
#=================================================
if [ "$path_url" != "/" ]
then
ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
fi
ynh_add_nginx_config
#=================================================

4
scripts/upgrade
View file

@ -92,6 +92,10 @@ ynh_setup_source "$final_path" # Télécharge la source, décompresse et copie d
# NGINX CONFIGURATION
#=================================================
if [ "$path_url" != "/" ]
then
ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
fi
ynh_add_nginx_config
#=================================================