general cleanup
All checks were successful
Build and publish the docker image / build (push) Successful in 18s

Signed-off-by: ngn <ngn@ngn.tf>
This commit is contained in:
ngn
2025-01-19 06:42:44 +03:00
parent 033e4cb959
commit ce81a54de1
147 changed files with 90 additions and 2222 deletions

View File

@ -1,19 +0,0 @@
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
Listen 443
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/var/cache/mod_ssl/scache(512000)"
SSLSessionCacheTimeout 300

View File

@ -1,102 +0,0 @@
ServerTokens OS
ServerRoot /var/www
ServerSignature On
ServerName localhost
DocumentRoot "/var/www/html/4get"
LogLevel warn
CustomLog /dev/null common
ErrorLog /dev/null
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/4get/certs/fullchain.pem
SSLCertificateKeyFile /etc/4get/certs/privkey.pem
</VirtualHost>
<Directory "/var/www/html/4get">
RewriteEngine On
RewriteCond %{THE_REQUEST} ^\w+\ /(.*)\.php(\?.*)?\ HTTP/
RewriteRule ^ http://%{HTTP_HOST}/%1 [R=301]
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule .* $0.php
Options FollowSymLinks
AllowOverride None
Require all granted
</Directory>
# deny access to private resources
<Directory "/var/www/html/4get/data">
Require all denied
<Files "*">
Require all denied
</Files>
</Directory>
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule filter_module modules/mod_filter.so
LoadModule mime_module modules/mod_mime.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule dir_module modules/mod_dir.so
LoadModule alias_module modules/mod_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
<IfModule unixd_module>
User apache
Group apache
</IfModule>
<Directory />
AllowOverride none
Require all denied
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
<IfModule headers_module>
RequestHeader unset Proxy early
</IfModule>
<IfModule mime_module>
TypesConfig /etc/apache2/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
</IfModule>
<IfModule mime_magic_module>
MIMEMagicFile /etc/apache2/magic
</IfModule>
IncludeOptional /etc/apache2/conf.d/*.conf

View File

@ -1,25 +0,0 @@
#!/bin/sh
set -e
# remove quotes from variable if present
FOURGET_PROTO="${FOURGET_PROTO%\"}"
FOURGET_PROTO="${FOURGET_PROTO#\"}"
# make lowercase
FOURGET_PROTO=`echo $FOURGET_PROTO | awk '{print tolower($0)}'`
if [ "$FOURGET_PROTO" = "https" ]; then
echo "Using https configuration"
cp /etc/apache2/https.conf /etc/apache2/httpd.conf
else
echo "Using http configuration"
cp /etc/apache2/http.conf /etc/apache2/httpd.conf
fi
php ./docker/gen_config.php
echo "4get is running"
exec httpd -DFOREGROUND

View File

@ -62,16 +62,16 @@ $output = $output . "class config {\n";
foreach(($merged_config) as $key => $val){
if(!in_array($key, $special_keys)) {
$stored_value = $val;
// conversion between arrays and comma separated env value.
// Handle case when original type of field is array and there is a type mismatch when a comma separted string is passed,
// conversion between arrays and comma separated env value.
// Handle case when original type of field is array and there is a type mismatch when a comma separted string is passed,
// then split on comma if string (and not numeric, boolean, null, etc)
//
//
// except in the case where the inital value in default config is null or boolean. Assuming null and boolean
// in default config will be never be assigned an array
if(gettype($from_config[$key]) != gettype($val) && !is_numeric($val) && !is_null($from_config[$key]) && gettype($from_config[$key]) != "boolean") {
$stored_value = explode(",", $val);
}
}
$output = $output . "\tconst " . $key . " = " . type_to_string($stored_value) . ";\n";
continue;

8
docker/init.sh Normal file
View File

@ -0,0 +1,8 @@
#!/bin/sh
set -e
php ./gen_config.php
rm ./gen_config.php
echo "Starting up apache2"
exec httpd -DFOREGROUND

View File

@ -1,18 +0,0 @@
FROM alpine:edge
RUN apk add --no-cache curl tor
EXPOSE 9050
HEALTHCHECK --interval=60s --timeout=15s --start-period=20s \
CMD curl -x socks5h://127.0.0.1:9050 'https://check.torproject.org/api/ip' | grep -qm1 -E '"IsTor"\s*:\s*true'
# default owner is tor, but running as root to avoid docker volume mount issue
RUN chown -R root:root /var/lib/tor
VOLUME ["/var/lib/tor/4get"]
COPY ./torrc /etc/tor/torrc
ENTRYPOINT ["/usr/bin/tor"]

View File

@ -1 +0,0 @@
SocksPort 0.0.0.0:9050