mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
Search and replace old settings, first pass
This commit is contained in:
Tagadda
parent
1d782b3a66
commit
eb747cc15e
9 changed files with 18 additions and 18 deletions
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
Protocol 2
|
||||
# PLEASE: if you wish to change the ssh port properly in YunoHost, use this command:
|
||||
# yunohost settings set security.ssh.port -v <port>
|
||||
# yunohost settings set security.ssh.ssh_port -v <port>
|
||||
Port {{ port }}
|
||||
|
||||
{% if ipv6_enabled == "true" %}ListenAddress ::{% endif %}
|
||||
|
|
@ -56,7 +56,7 @@ ChallengeResponseAuthentication no
|
|||
UsePAM yes
|
||||
|
||||
# PLEASE: if you wish to force everybody to authenticate using ssh keys, run this command:
|
||||
# yunohost settings set security.ssh.password_authentication -v no
|
||||
# yunohost settings set security.ssh.ssh_password_authentication -v no
|
||||
{% if password_authentication == "False" %}
|
||||
PasswordAuthentication no
|
||||
{% else %}
|
||||
|
|
|
|||
|
|
@ -15,14 +15,14 @@ do_pre_regen() {
|
|||
ssh_keys=$(ls /etc/ssh/ssh_host_{ed25519,rsa,ecdsa}_key 2>/dev/null || true)
|
||||
|
||||
# Support legacy setting (this setting might be disabled by a user during a migration)
|
||||
if [[ "$(yunohost settings get 'service.ssh.allow_deprecated_dsa_hostkey')" == "True" ]]; then
|
||||
if [[ "$(yunohost settings get 'security.ssh.ssh_allow_deprecated_dsa_hostkey')" == "True" ]]; then
|
||||
ssh_keys="$ssh_keys $(ls /etc/ssh/ssh_host_dsa_key 2>/dev/null || true)"
|
||||
fi
|
||||
|
||||
# Support different strategy for security configurations
|
||||
export compatibility="$(yunohost settings get 'security.ssh.compatibility')"
|
||||
export port="$(yunohost settings get 'security.ssh.port')"
|
||||
export password_authentication="$(yunohost settings get 'security.ssh.password_authentication')"
|
||||
export compatibility="$(yunohost settings get 'security.ssh.ssh_compatibility')"
|
||||
export port="$(yunohost settings get 'security.ssh.ssh_port')"
|
||||
export password_authentication="$(yunohost settings get 'security.ssh.ssh_password_authentication')"
|
||||
export ssh_keys
|
||||
export ipv6_enabled
|
||||
ynh_render_template "sshd_config" "${pending_dir}/etc/ssh/sshd_config"
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ do_pre_regen() {
|
|||
# install / update plain conf files
|
||||
cp plain/* "$nginx_conf_dir"
|
||||
# remove the panel overlay if this is specified in settings
|
||||
panel_overlay=$(yunohost settings get 'ssowat.panel_overlay.enabled')
|
||||
panel_overlay=$(yunohost settings get 'misc.ssowat.ssowat_panel_overlay_enabled')
|
||||
if [ "$panel_overlay" == "false" ] || [ "$panel_overlay" == "False" ]; then
|
||||
echo "#" >"${nginx_conf_dir}/yunohost_panel.conf.inc"
|
||||
fi
|
||||
|
|
@ -65,9 +65,9 @@ do_pre_regen() {
|
|||
main_domain=$(cat /etc/yunohost/current_host)
|
||||
|
||||
# Support different strategy for security configurations
|
||||
export redirect_to_https="$(yunohost settings get 'security.nginx.redirect_to_https')"
|
||||
export compatibility="$(yunohost settings get 'security.nginx.compatibility')"
|
||||
export experimental="$(yunohost settings get 'security.experimental.enabled')"
|
||||
export redirect_to_https="$(yunohost settings get 'security.nginx.nginx_redirect_to_https')"
|
||||
export compatibility="$(yunohost settings get 'security.nginx.nginx_compatibility')"
|
||||
export experimental="$(yunohost settings get 'security.experimental.security_experimental_enabled')"
|
||||
ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc"
|
||||
|
||||
cert_status=$(yunohost domain cert status --json)
|
||||
|
|
@ -92,9 +92,9 @@ do_pre_regen() {
|
|||
|
||||
done
|
||||
|
||||
export webadmin_allowlist_enabled=$(yunohost settings get security.webadmin.allowlist.enabled)
|
||||
export webadmin_allowlist_enabled=$(yunohost settings get security.webadmin.webadmin_allowlist_enabled)
|
||||
if [ "$webadmin_allowlist_enabled" == "True" ]; then
|
||||
export webadmin_allowlist=$(yunohost settings get security.webadmin.allowlist)
|
||||
export webadmin_allowlist=$(yunohost settings get security.webadmin.webadmin_allowlist)
|
||||
fi
|
||||
ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc"
|
||||
ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc"
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ do_pre_regen() {
|
|||
cp dovecot-ldap.conf "${dovecot_dir}/dovecot-ldap.conf"
|
||||
cp dovecot.sieve "${dovecot_dir}/global_script/dovecot.sieve"
|
||||
|
||||
export pop3_enabled="$(yunohost settings get 'pop3.enabled')"
|
||||
export pop3_enabled="$(yunohost settings get 'email.pop3.pop3_enabled')"
|
||||
export main_domain=$(cat /etc/yunohost/current_host)
|
||||
export domain_list="$YNH_DOMAINS"
|
||||
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ do_pre_regen() {
|
|||
cp yunohost.conf "${fail2ban_dir}/filter.d/yunohost.conf"
|
||||
cp jail.conf "${fail2ban_dir}/jail.conf"
|
||||
|
||||
export ssh_port="$(yunohost settings get 'security.ssh.port')"
|
||||
export ssh_port="$(yunohost settings get 'security.ssh.ssh_port')"
|
||||
ynh_render_template "yunohost-jails.conf" "${fail2ban_dir}/jail.d/yunohost-jails.conf"
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -100,7 +100,7 @@ def find_expected_string_keys():
|
|||
yield m
|
||||
|
||||
# Global settings descriptions
|
||||
# Will be on a line like : ("service.ssh.allow_deprecated_dsa_hostkey", {"type": "bool", ...
|
||||
# Will be on a line like : ("security.ssh.ssh_allow_deprecated_dsa_hostkey", {"type": "bool", ...
|
||||
p5 = re.compile(r" \(\n*\s*[\"\'](\w[\w\.]+)[\"\'],")
|
||||
content = open(ROOT + "src/settings.py").read()
|
||||
for m in (
|
||||
|
|
|
|||
|
|
@ -1928,7 +1928,7 @@ class TarBackupMethod(BackupMethod):
|
|||
def _archive_file(self):
|
||||
|
||||
if isinstance(self.manager, BackupManager) and settings_get(
|
||||
"backup.compress_tar_archives"
|
||||
"misc.backup.backup_compress_tar_archives"
|
||||
):
|
||||
return os.path.join(self.repo, self.name + ".tar.gz")
|
||||
|
||||
|
|
|
|||
|
|
@ -291,7 +291,7 @@ class MyDiagnoser(Diagnoser):
|
|||
if global_ipv4:
|
||||
outgoing_ips.append(global_ipv4)
|
||||
|
||||
if settings_get("smtp.allow_ipv6"):
|
||||
if settings_get("email.smtp.smtp_allow_ipv6"):
|
||||
ipv6 = Diagnoser.get_cached_report("ip", {"test": "ipv6"}) or {}
|
||||
if ipv6.get("status") == "SUCCESS":
|
||||
outgoing_ipversions.append(6)
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ class MyDiagnoser(Diagnoser):
|
|||
)
|
||||
|
||||
# Check consistency between actual ssh port in sshd_config vs. setting
|
||||
ssh_port_setting = settings_get("security.ssh.port")
|
||||
ssh_port_setting = settings_get("security.ssh.ssh_port")
|
||||
ssh_port_line = re.findall(
|
||||
r"\bPort *([0-9]{2,5})\b", read_file("/etc/ssh/sshd_config")
|
||||
)
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue