mirror of
https://github.com/YunoHost-Apps/ttrss_ynh.git
synced 2024-10-01 13:34:46 +02:00
Merge pull request #53 from YunoHost-Apps/enh_alias_traversal_changeurl
Fix alias traversal and add change_url script
This commit is contained in:
commit
849882bf99
9 changed files with 162 additions and 22 deletions
|
@ -15,7 +15,7 @@
|
||||||
multi_instance=1
|
multi_instance=1
|
||||||
incorrect_path=1
|
incorrect_path=1
|
||||||
port_already_use=0
|
port_already_use=0
|
||||||
change_url=0
|
change_url=1
|
||||||
;;; Levels
|
;;; Levels
|
||||||
Level 1=auto
|
Level 1=auto
|
||||||
Level 2=auto
|
Level 2=auto
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
location __PATH__ {
|
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
|
||||||
|
location __PATH__/ {
|
||||||
alias __FINALPATH__/ ;
|
alias __FINALPATH__/ ;
|
||||||
if ($scheme = http) {
|
if ($scheme = http) {
|
||||||
rewrite ^ https://$server_name$request_uri? permanent;
|
rewrite ^ https://$server_name$request_uri? permanent;
|
||||||
|
|
|
@ -7,14 +7,14 @@
|
||||||
"fr": "Un lecteur de flux en PHP et Ajax"
|
"fr": "Un lecteur de flux en PHP et Ajax"
|
||||||
},
|
},
|
||||||
"url": "http://tt-rss.org",
|
"url": "http://tt-rss.org",
|
||||||
"license": "GPL-3",
|
"license": "GPL-3.0-only",
|
||||||
"version": "153cb6d30510f9804fe596ac6777bc2f35111ae2",
|
"version": "153cb6d30510f9804fe596ac6777bc2f35111ae2",
|
||||||
"maintainer": {
|
"maintainer": {
|
||||||
"name": "titoko",
|
"name": "titoko",
|
||||||
"email": "titoko@titoko.fr"
|
"email": "titoko@titoko.fr"
|
||||||
},
|
},
|
||||||
"requirements": {
|
"requirements": {
|
||||||
"yunohost": ">= 2.6.4"
|
"yunohost": ">= 2.7.12"
|
||||||
},
|
},
|
||||||
"multi_instance": true,
|
"multi_instance": true,
|
||||||
"services": [
|
"services": [
|
||||||
|
|
16
scripts/_common.sh
Normal file
16
scripts/_common.sh
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# EXPERIMENTAL HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Delete a file checksum from the app settings
|
||||||
|
#
|
||||||
|
# $app should be defined when calling this helper
|
||||||
|
#
|
||||||
|
# usage: ynh_remove_file_checksum file
|
||||||
|
# | arg: file - The file for which the checksum will be deleted
|
||||||
|
ynh_delete_file_checksum () {
|
||||||
|
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
|
||||||
|
ynh_app_setting_delete $app $checksum_setting_name
|
||||||
|
}
|
|
@ -1,14 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERIC START
|
|
||||||
#=================================================
|
|
||||||
# MANAGE SCRIPT FAILURE
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Exit on command errors and treat access to unset variables as an error
|
|
||||||
set -eu
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# IMPORT GENERIC HELPERS
|
# IMPORT GENERIC HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -21,6 +12,13 @@ set -eu
|
||||||
# source _common.sh
|
# source _common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# MANAGE SCRIPT FAILURE
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Exit if an error occurs during the execution of the script
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
105
scripts/change_url
Normal file
105
scripts/change_url
Normal file
|
@ -0,0 +1,105 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC STARTING
|
||||||
|
#=================================================
|
||||||
|
# IMPORT GENERIC HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
source _common.sh
|
||||||
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RETRIEVE ARGUMENTS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
old_domain=$YNH_APP_OLD_DOMAIN
|
||||||
|
old_path=$YNH_APP_OLD_PATH
|
||||||
|
|
||||||
|
new_domain=$YNH_APP_NEW_DOMAIN
|
||||||
|
new_path=$YNH_APP_NEW_PATH
|
||||||
|
|
||||||
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# LOAD SETTINGS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
final_path=$(ynh_app_setting_get "$app" final_path)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CHECK PATHS SYNTAX
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
test -n "$old_path" || old_path="/"
|
||||||
|
test -n "$new_path" || new_path="/"
|
||||||
|
new_path=$(ynh_normalize_url_path $new_path)
|
||||||
|
old_path=$(ynh_normalize_url_path $old_path)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CHECK WHICH PARTS SHOULD BE CHANGED
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
change_domain=0
|
||||||
|
if [ "$old_domain" != "$new_domain" ]
|
||||||
|
then
|
||||||
|
change_domain=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
change_path=0
|
||||||
|
if [ "$old_path" != "$new_path" ]
|
||||||
|
then
|
||||||
|
change_path=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STANDARD MODIFICATIONS
|
||||||
|
#=================================================
|
||||||
|
# MODIFY URL IN NGINX CONF
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||||
|
|
||||||
|
# Change the path in the nginx config file
|
||||||
|
if [ $change_path -eq 1 ]
|
||||||
|
then
|
||||||
|
# Make a backup of the original nginx config file if modified
|
||||||
|
ynh_backup_if_checksum_is_different "$nginx_conf_path"
|
||||||
|
# Set global variables for nginx helper
|
||||||
|
domain="$old_domain"
|
||||||
|
path_url="$new_path"
|
||||||
|
# Store path_url setting
|
||||||
|
ynh_app_setting_set $app path_url "$path_url"
|
||||||
|
# Create a dedicated nginx config
|
||||||
|
ynh_add_nginx_config
|
||||||
|
if [ "$path_url" != "/" ]
|
||||||
|
then
|
||||||
|
ynh_replace_string "^#sub_path_only" "" "$nginx_conf_path"
|
||||||
|
fi
|
||||||
|
ynh_store_file_checksum "$nginx_conf_path"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Change the domain for nginx
|
||||||
|
if [ $change_domain -eq 1 ]
|
||||||
|
then
|
||||||
|
# Delete file checksum for the old conf file location
|
||||||
|
ynh_delete_file_checksum "$nginx_conf_path"
|
||||||
|
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
|
||||||
|
# Store file checksum for the new config file location
|
||||||
|
ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC MODIFICATIONS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Change domain name in parameters.yml
|
||||||
|
ynh_replace_string "define('SELF_URL_PATH'.*" "define('SELF_URL_PATH', 'https://$new_domain$new_path');" "$final_path/config.php"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALIZATION
|
||||||
|
#=================================================
|
||||||
|
# RELOAD NGINX
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
systemctl reload nginx
|
|
@ -77,6 +77,11 @@ ynh_setup_source "$final_path"
|
||||||
|
|
||||||
# Create a dedicated nginx config
|
# Create a dedicated nginx config
|
||||||
ynh_add_nginx_config
|
ynh_add_nginx_config
|
||||||
|
if [ "$path_url" != "/" ]
|
||||||
|
then
|
||||||
|
ynh_replace_string "^#sub_path_only" "" "/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
fi
|
||||||
|
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE DEDICATED USER
|
# CREATE DEDICATED USER
|
||||||
|
@ -137,6 +142,12 @@ sudo -u $app php ${final_path}/update.php --update-schema
|
||||||
|
|
||||||
sudo systemctl start $app
|
sudo systemctl start $app
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# ADVERTISE SERVICE IN ADMIN PANEL
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
yunohost service add $app
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
|
@ -1,14 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERIC START
|
|
||||||
#=================================================
|
|
||||||
# MANAGE SCRIPT FAILURE
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Exit on command errors and treat access to unset variables as an error
|
|
||||||
set -eu
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# IMPORT GENERIC HELPERS
|
# IMPORT GENERIC HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -21,6 +12,13 @@ set -eu
|
||||||
# source _common.sh
|
# source _common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# MANAGE SCRIPT FAILURE
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Exit if an error occurs during the execution of the script
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
|
@ -69,6 +69,11 @@ ynh_setup_source "$final_path"
|
||||||
|
|
||||||
# Create a dedicated nginx config
|
# Create a dedicated nginx config
|
||||||
ynh_add_nginx_config
|
ynh_add_nginx_config
|
||||||
|
if [ "$path_url" != "/" ]
|
||||||
|
then
|
||||||
|
ynh_replace_string "^#sub_path_only" "" "/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
fi
|
||||||
|
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE DEDICATED USER
|
# CREATE DEDICATED USER
|
||||||
|
@ -126,6 +131,12 @@ chown -R $app $final_path/{cache,feed-icons,lock}
|
||||||
ynh_add_systemd_config
|
ynh_add_systemd_config
|
||||||
systemctl restart $app
|
systemctl restart $app
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# ADVERTISE SERVICE IN ADMIN PANEL
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
yunohost service add $app
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
Loading…
Reference in a new issue