smecontribs/smeserver-dl
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

initial commit of file from CVS for smeserver-dl on Sat Sep 7 20:17:57 AEST 2024

Browse Source
This commit is contained in:
Trevor Batley
2024-09-07 20:17:57 +10:00
parent 801eb52dba
commit ff1e2ecd0f
37 changed files with 587 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
root/etc/e-smith/db/accounts/defaults/dl/type Normal file
View File

@@ -0,0 +1 @@
url

1
root/etc/e-smith/db/configuration/defaults/dl/DbName Normal file
View File

@@ -0,0 +1 @@
dl

1
root/etc/e-smith/db/configuration/defaults/dl/DbUser Normal file
View File

@@ -0,0 +1 @@
dl

1
root/etc/e-smith/db/configuration/defaults/dl/access Normal file
View File

@@ -0,0 +1 @@
public

1
root/etc/e-smith/db/configuration/defaults/dl/status Normal file
View File

@@ -0,0 +1 @@
enabled

1
root/etc/e-smith/db/configuration/defaults/dl/type Normal file
View File

@@ -0,0 +1 @@
webapp

27
root/etc/e-smith/db/configuration/migrate/dl-database Normal file
View File

@@ -0,0 +1,27 @@
{
my $rec = $DB->get('dl')
|| $DB->new_record('dl', {type => 'webapp'});
my $pw = $rec->prop('DbPassword');
if (not $pw or length($pw) < 57){
use MIME::Base64 qw(encode_base64);
$pw = "not set due to error";
if ( open( RANDOM, "/dev/urandom" ) ){
my $buf;
# 57 bytes is a full line of Base64 coding, and contains
# 456 bits of randomness - given a perfectly random /dev/random
if ( read( RANDOM, $buf, 57 ) != 57 ){
warn("Short read from /dev/random: $!");
}
else{
$pw = encode_base64($buf);
chomp $pw;
}
close RANDOM;
}
else{
warn "Could not open /dev/urandom: $!";
}
$rec->set_prop('DbPassword', $pw);
}
}

3
root/etc/e-smith/templates.metadata/etc/dl.php Normal file
View File

@@ -0,0 +1,3 @@
PERMS=0640
UID="root"
GID="www"

1
root/etc/e-smith/templates.metadata/etc/e-smith/sql/init/dl Normal file
View File

@@ -0,0 +1 @@
PERMS=0750

6
root/etc/e-smith/templates/etc/dl.php/10Url Normal file
View File

@@ -0,0 +1,6 @@
{
my $uri = $dl{'Uri'} || "https://$SystemName.$DomainName/dl";
$uri .= '/' if ($uri !~ /\/$/);
$OUT .= "\$masterPath = '$uri';";
}

1
root/etc/e-smith/templates/etc/dl.php/15From Normal file
View File

@@ -0,0 +1 @@
$fromAddr = "{$ldap{'defaultCompany'}} <nobody@{$DomainName}>";

1
root/etc/e-smith/templates/etc/dl.php/20Spool Normal file
View File

@@ -0,0 +1 @@
$spoolDir = "/var/lib/dl/";

5
root/etc/e-smith/templates/etc/dl.php/25Locale Normal file
View File

@@ -0,0 +1,5 @@
{
my $locale = $sysconfig{'Language'} || 'en_US';
$locale = (-e "/usr/share/dl/include/locale/$locale") ? "$locale":'en_US';
$OUT .= "\$defLocale = '$locale';";
}

4
root/etc/e-smith/templates/etc/dl.php/30Defaults Normal file
View File

@@ -0,0 +1,4 @@
$defaultTicketTotalDays = 30;
$defaultTicketLastDlDays = 7;
$defaultTicketMaxDl = 0;
$defaultGrantTotalDays = 30;

4
root/etc/e-smith/templates/etc/dl.php/35ConfVer Normal file
View File

@@ -0,0 +1,4 @@
{
my $ver = `rpm -q --qf %{version} dl`;
$OUT .= "\$cfgVersion = '$ver';";
}

1
root/etc/e-smith/templates/etc/dl.php/40Logs Normal file
View File

@@ -0,0 +1 @@
$logFile = "/var/log/dl.log";

1
root/etc/e-smith/templates/etc/dl.php/45Auth Normal file
View File

@@ -0,0 +1 @@
$authRealm = "dl";

10
root/etc/e-smith/templates/etc/dl.php/50Database Normal file
View File

@@ -0,0 +1,10 @@
{
my $dbn = $dl{'DbName'} || 'dl';
my $dbu = $dl{'DbUser'} || 'dl';
my $dbp = $dl{'DbPassword'} || 'secret';
$OUT .=<<"EOF"
\$dsn = "mysql:host=localhost;dbname=$dbn";
\$dbUser = "$dbu";
\$dbPassword = "$dbp";
EOF
}

1
root/etc/e-smith/templates/etc/dl.php/55Expire Normal file
View File

@@ -0,0 +1 @@
$gcInternal = false;

22
root/etc/e-smith/templates/etc/dl.php/60ClamScan Normal file
View File

@@ -0,0 +1,22 @@
{
my $clam = $clamd{'status'} || 'disabled';
return '' unless ($clam eq 'enabled');
my $max = $clamav{StreamMaxLength} || '25M';
my $limit = $max;
$limit =~ s/[KMG]$//;
if ($max =~ m/G$/){
$limit = $limit * 1024 * 1024 * 1024;
}
elsif ($max =~ m/M$/){
$limit = $limit * 1024 * 1024;
}
elsif ($max =~ m/K$/){
$limit = $limit * 1024;
}
# 1MB of margin to be sure we don't go over clamd limit
$limit -= 1024 * 1024;
$OUT .=<<"EOF";
\$clamdSocket = 'unix:///var/run/clamd/clamd.socket';
\$scanMax = $limit;
EOF
}

52
root/etc/e-smith/templates/etc/e-smith/sql/init/dl Normal file
View File

@@ -0,0 +1,52 @@
{
my $db = $dl{'DbName'} || 'dl';
my $user = $dl{'DbUser'} || 'dl';
my $pass = $dl{'DbPassword'} || 'secret';
my $dbstruct = `rpm -ql dl | grep mysql.sql`;
$OUT .= <<"END";
#! /bin/sh
if [ ! -d /var/lib/mysql/$db ]; then
/usr/bin/mysql -e 'create database $db'
/usr/bin/mysql $db < $dbstruct
else
su -s /bin/bash - www -c "cd /usr/share/dl/include/scripts && /usr/bin/php__PHP_VERSION__ ./dbupgrade.php"
fi
/usr/bin/mysql <<EOF
USE mysql;
REPLACE INTO user (
host,
user,
password)
VALUES (
'localhost',
'$user',
PASSWORD ('$pass'));
REPLACE INTO db (
host,
db,
user,
select_priv, insert_priv, update_priv, delete_priv,
create_priv, alter_priv, index_priv, drop_priv, create_tmp_table_priv,
grant_priv, lock_tables_priv, references_priv)
VALUES (
'localhost',
'$db',
'$user',
'Y', 'Y', 'Y', 'Y',
'Y', 'Y', 'Y', 'Y', 'Y',
'N', 'Y', 'Y');
FLUSH PRIVILEGES;
use $db
INSERT INTO user (\\`name\\`,\\`role_id\\`) VALUES ('admin', '1') ON DUPLICATE KEY update role_id='1';
EOF
END
}

9
root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig15Dl Normal file
View File

@@ -0,0 +1,9 @@
{
if ($fastcgi_mod eq 'mod_fastcgi'){
$OUT .=<<_EOF;
Action phpdl-fastcgi /php-cgi-bin/phpdl-wrapper
Alias /php-cgi-bin/phpdl-wrapper /var/www/php-cgi-bin/phpdl-wrapper
FastCgiExternalServer /var/www/php-cgi-bin/phpdl-wrapper -socket /var/run/php-fpm/php__PHP_VERSION__-dl.sock -pass-header Authorization -idle-timeout 120
_EOF
}
}

78
root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98Dl Normal file
View File

@@ -0,0 +1,78 @@
{
my $access = $dl{'access'} || 'private';
my $allow = ($access eq 'public')?'all granted':"ip $localAccess $externalSSLAccess";
my $authtype = $dl{'Authentication'} || 'http';
my $alias = (($dl{'AliasOnPrimary'} || 'enabled') eq 'enabled') ?
'Alias /dl /usr/share/dl' : '';
my $maxupload = $dl{'MaxUploadSize'} || '1024';
my $maxpost = $maxupload+1;
$maxupload .= 'M';
$maxpost .= 'M';
my $auth = '';
if ($authtype eq 'http'){
$auth =<<'EOF';
<FilesMatch "^(admin|rest)\.php">
SSLRequireSSL on
AuthName "dl"
AuthType Basic
AuthBasicProvider external
AuthExternal pwauth
Require valid-user
</FilesMatch>
EOF
}
if ($dl{'status'} eq 'enabled'){
my $php =<<_EOF;
AddType application/x-httpd-php .php
<FilesMatch .php>
SetHandler "proxy:unix:/var/run/php-fpm/php__PHP_VERSION__-dl.sock|fcgi://localhost"
</FilesMatch>
#php_admin_flag file_uploads On
#php_admin_flag magic_quotes Off
#php_admin_flag magic_quotes_gpc Off
#php_admin_value upload_max_filesize $maxupload
#php_admin_value post_max_size $maxpost
#php_admin_value memory_limit 100M
#php_admin_flag output_buffering Off
#php_admin_value max_execution_time 0
#php_admin_value upload_tmp_dir /var/lib/dl/tmp
#php_admin_value session.save_path /var/lib/dl/tmp
#php_admin_value session.gc_maxlifetime 86400
_EOF
if ($fastcgi_mod eq 'mod_fastcgi'){
$php = " AddHandler phpdl-fastcgi .php\n";
}
elsif ($fastcgi_mod eq 'mod_proxy_fcgi'){
$php =<<'_EOF';
<FilesMatch \.php$>
SetHandler "proxy:unix:/var/run/php-fpm/php__PHP_VERSION__-dl.sock|fcgi://localhost"
</FilesMatch>
_EOF
}
$OUT .=<<"END"
# dl Configuration
$alias
<Directory /usr/share/dl>
AllowOverride Limit
$php
Require $allow
$auth
</Directory>
<Directory /usr/share/dl/include>
Require all denied
</Directory>
<Directory /usr/share/dl/style/include>
Require all denied
</Directory>
END
}
else{
$OUT .= "# dl is disabled\n";
}
}

10
root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/61RedirDl Normal file
View File

@@ -0,0 +1,10 @@
{
my $sslport = $modSSL{'TCPPort'} || '443';
my $status = $dl{'status'} || 'enabled';
my $alias = $dl{'AliasOnPrimary'} || 'enabled';
if (($port ne $sslport) && ($status eq 'enabled') && ($alias eq 'enabled')){
$OUT .= " RewriteEngine on\n";
$OUT .= " RewriteRule ^/dl(/.*|\$) https://%{HTTP_HOST}/dl\$1 \[L,R\]\n";
}
}

52
root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15Dl Normal file
View File

@@ -0,0 +1,52 @@
{
if ($PHP_VERSION eq '__PHP_VERSION__'){
if (($dl{'status'} || 'disabled') eq 'enabled'){
my $max_upload_size = ($dl{MaxUploadSize} || '4096');
$max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
my $id = 'dl';
$OUT .=<<_EOF;
[php$PHP_VERSION-$id]
user = www
group = www
listen.owner = root
listen.group = www
listen.mode = 0660
listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
pm = dynamic
pm.max_children = 15
pm.start_servers = 3
pm.min_spare_servers = 3
pm.max_spare_servers = 4
pm.max_requests = 1000
php_admin_value[session.save_path] = /var/lib/php/$id/session
php_admin_value[opcache.file_cache] = /var/lib/php/$id/opcache
php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
php_admin_value[error_log] = /var/log/php/$id/error.log
slowlog = /var/log/php/dl/slow.log
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
php_admin_flag[display_errors] = off
php_admin_flag[log_errors] = on
php_admin_value[error_log] = syslog
php_admin_value[memory_limit] = 128M
php_admin_value[max_execution_time] = 0
php_admin_value[post_max_size] = $max_upload_size
php_admin_value[upload_max_filesize] = $max_upload_size
php_admin_value[disable_functions] = system, show_source, symlink, exec, dl, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd
php_admin_value[open_basedir] = /usr/share/dl:/etc/dl.php:/var/lib/dl:/var/log/dl.log:/var/lib/php/dl
php_admin_flag[allow_url_fopen] = off
php_admin_flag[file_upload] = on
php_admin_flag[session.cookie_httponly] = on
php_admin_flag[allow_url_include] = off
php_admin_value[session.save_handler] = files
php_admin_flag[output_buffering] = off
_EOF
}
else{
$OUT .= '; Dl is disabled';
}
}
}