clean config, support read-only non-root docker
All checks were successful
docker / docker (push) Successful in 22s
All checks were successful
docker / docker (push) Successful in 22s
Signed-off-by: ngn <ngn@ngn.tf>
This commit is contained in:
@ -1,90 +0,0 @@
|
||||
<?php
|
||||
|
||||
include "/var/www/html/4get/data/config.php";
|
||||
|
||||
$refl = new ReflectionClass('config');
|
||||
$from_config = ($refl->getConstants());
|
||||
$from_env = array();
|
||||
|
||||
$env = getenv();
|
||||
$fourget_env = array_filter($env, function($v, $k) {
|
||||
return str_starts_with($k, "FOURGET");
|
||||
}, ARRAY_FILTER_USE_BOTH);
|
||||
|
||||
foreach($fourget_env as $key => $val) {
|
||||
$target_key = preg_replace('/^FOURGET_/', '', $key);
|
||||
$from_env[$target_key] = trim($val, '\'"');
|
||||
};
|
||||
|
||||
$merged_config = array_merge($from_config, $from_env);
|
||||
|
||||
function type_to_string($n) {
|
||||
$type = gettype($n);
|
||||
if ($type === "NULL") {
|
||||
return "null";
|
||||
}
|
||||
if ($type === "boolean") {
|
||||
return $n ? 'true' : 'false';
|
||||
}
|
||||
if ($type === "string") {
|
||||
if(is_numeric($n)) {
|
||||
return $n;
|
||||
}
|
||||
return "\"$n\"";
|
||||
}
|
||||
if ($type === "array") {
|
||||
return json_encode($n, JSON_UNESCAPED_SLASHES);
|
||||
}
|
||||
return $n;
|
||||
}
|
||||
|
||||
|
||||
function detect_captcha_dirs() {
|
||||
$captcha_dir = "/var/www/html/4get/data/captcha/";
|
||||
$categories = (array_map(function ($n) {
|
||||
return explode("/", $n)[7];
|
||||
}, glob($captcha_dir . "*")));
|
||||
|
||||
|
||||
$result = array_map(function($category) {
|
||||
return [$category, count(glob("/var/www/html/4get/data/captcha/" . $category . "/*" ))];
|
||||
}, $categories);
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
||||
|
||||
$special_keys = ["PROTO", "CAPTCHA_DATASET"];
|
||||
|
||||
$output = "<?php\n // This file was generated by docker/gen_config.php\n";
|
||||
|
||||
$output = $output . "class config {\n";
|
||||
foreach(($merged_config) as $key => $val){
|
||||
if(!in_array($key, $special_keys)) {
|
||||
$stored_value = $val;
|
||||
// conversion between arrays and comma separated env value.
|
||||
// Handle case when original type of field is array and there is a type mismatch when a comma separted string is passed,
|
||||
// then split on comma if string (and not numeric, boolean, null, etc)
|
||||
//
|
||||
// except in the case where the inital value in default config is null or boolean. Assuming null and boolean
|
||||
// in default config will be never be assigned an array
|
||||
|
||||
if(gettype($from_config[$key]) != gettype($val) && !is_numeric($val) && !is_null($from_config[$key]) && gettype($from_config[$key]) != "boolean") {
|
||||
$stored_value = explode(",", $val);
|
||||
}
|
||||
$output = $output . "\tconst " . $key . " = " . type_to_string($stored_value) . ";\n";
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
|
||||
if($key === "CAPTCHA_DATASET") {
|
||||
$output = $output . "\tconst " . $key . " = " . type_to_string(detect_captcha_dirs()) . ";\n";
|
||||
}
|
||||
}
|
||||
|
||||
$output = $output . "}\n";
|
||||
$output = $output . "?>";
|
||||
|
||||
file_put_contents("./data/config.php", $output);
|
||||
?>
|
||||
@ -1,16 +1,19 @@
|
||||
Listen 80
|
||||
ServerTokens OS
|
||||
Listen 8080
|
||||
|
||||
ServerRoot /var/www
|
||||
ServerSignature On
|
||||
ServerName localhost
|
||||
|
||||
DocumentRoot "/var/www/html/4get"
|
||||
ServerSignature Off
|
||||
ServerTokens Prod
|
||||
|
||||
LogLevel error
|
||||
PidFile /dev/shm/httpd.pid
|
||||
DocumentRoot /srv/4get
|
||||
|
||||
LogLevel error
|
||||
CustomLog /dev/null common
|
||||
ErrorLog /dev/null
|
||||
ErrorLog /dev/stderr
|
||||
|
||||
<Directory "/var/www/html/4get">
|
||||
<Directory /srv/4get>
|
||||
RewriteEngine On
|
||||
RewriteCond %{THE_REQUEST} ^\w+\ /(.*)\.php(\?.*)?\ HTTP/
|
||||
RewriteRule ^ http://%{HTTP_HOST}/%1 [R=301]
|
||||
@ -22,68 +25,32 @@ ErrorLog /dev/null
|
||||
</Directory>
|
||||
|
||||
# deny access to private resources
|
||||
<Directory "/var/www/html/4get/data">
|
||||
<Directory /srv/4get/data>
|
||||
Require all denied
|
||||
<Files "*">
|
||||
<Files *>
|
||||
Require all denied
|
||||
</Files>
|
||||
</Directory>
|
||||
|
||||
LoadModule rewrite_module modules/mod_rewrite.so
|
||||
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
||||
LoadModule authn_file_module modules/mod_authn_file.so
|
||||
LoadModule authn_core_module modules/mod_authn_core.so
|
||||
LoadModule authz_host_module modules/mod_authz_host.so
|
||||
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
|
||||
LoadModule authz_user_module modules/mod_authz_user.so
|
||||
LoadModule authz_core_module modules/mod_authz_core.so
|
||||
LoadModule rewrite_module modules/mod_rewrite.so
|
||||
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
||||
LoadModule authz_core_module modules/mod_authz_core.so
|
||||
LoadModule access_compat_module modules/mod_access_compat.so
|
||||
LoadModule auth_basic_module modules/mod_auth_basic.so
|
||||
LoadModule reqtimeout_module modules/mod_reqtimeout.so
|
||||
LoadModule filter_module modules/mod_filter.so
|
||||
LoadModule mime_module modules/mod_mime.so
|
||||
LoadModule log_config_module modules/mod_log_config.so
|
||||
LoadModule env_module modules/mod_env.so
|
||||
LoadModule headers_module modules/mod_headers.so
|
||||
LoadModule setenvif_module modules/mod_setenvif.so
|
||||
LoadModule version_module modules/mod_version.so
|
||||
LoadModule unixd_module modules/mod_unixd.so
|
||||
LoadModule status_module modules/mod_status.so
|
||||
LoadModule autoindex_module modules/mod_autoindex.so
|
||||
LoadModule dir_module modules/mod_dir.so
|
||||
LoadModule alias_module modules/mod_alias.so
|
||||
LoadModule negotiation_module modules/mod_negotiation.so
|
||||
|
||||
<IfModule unixd_module>
|
||||
User apache
|
||||
Group apache
|
||||
</IfModule>
|
||||
LoadModule filter_module modules/mod_filter.so
|
||||
LoadModule mime_module modules/mod_mime.so
|
||||
LoadModule log_config_module modules/mod_log_config.so
|
||||
LoadModule unixd_module modules/mod_unixd.so
|
||||
LoadModule negotiation_module modules/mod_negotiation.so
|
||||
LoadModule dir_module modules/mod_dir.so
|
||||
|
||||
<Directory />
|
||||
AllowOverride none
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<IfModule dir_module>
|
||||
DirectoryIndex index.html
|
||||
</IfModule>
|
||||
|
||||
<Files ".ht*">
|
||||
Require all denied
|
||||
</Files>
|
||||
|
||||
<IfModule headers_module>
|
||||
RequestHeader unset Proxy early
|
||||
</IfModule>
|
||||
|
||||
<IfModule mime_module>
|
||||
TypesConfig /etc/apache2/mime.types
|
||||
AddType application/x-compress .Z
|
||||
AddType application/x-gzip .gz .tgz
|
||||
</IfModule>
|
||||
|
||||
<IfModule mime_magic_module>
|
||||
MIMEMagicFile /etc/apache2/magic
|
||||
</IfModule>
|
||||
|
||||
IncludeOptional /etc/apache2/conf.d/*.conf
|
||||
Include /etc/apache2/conf.d/languages.conf
|
||||
Include /etc/apache2/conf.d/php83-module.conf
|
||||
|
||||
@ -1,11 +1,17 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
#!/bin/sh -e
|
||||
|
||||
if [ ! -f '/var/www/html/4get/data/config.php' ] && [ -f './gen_config.php' ]
|
||||
then
|
||||
php ./gen_config.php
|
||||
rm -f ./gen_config.php
|
||||
config='/srv/4get/data/config.php'
|
||||
defconfig='/srv/4get/data/config.def.php'
|
||||
|
||||
# check for the configuration file
|
||||
if [ ! -f "${config}" ]; then
|
||||
echo "configuration file not specified"
|
||||
echo "here's the default configuration, modify and mount this to ${config}"
|
||||
echo
|
||||
cat "${defconfig}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Starting up apache2"
|
||||
exec httpd -DFOREGROUND
|
||||
# execute apache
|
||||
echo "starting apache web server"
|
||||
exec httpd -D FOREGROUND
|
||||
|
||||
Reference in New Issue
Block a user