From: vincent@cubedesigners.com Date: Sun, 20 Nov 2022 23:17:46 +0000 (+0000) Subject: wip #5590 @10 X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=21b0824e73b500383d9b81f064d0884ffe8580bd;p=cubeextranet.git wip #5590 @10 --- diff --git a/.docker/build b/.docker/build new file mode 100644 index 000000000..83bc906b4 --- /dev/null +++ b/.docker/build @@ -0,0 +1,4 @@ +#!/bin/sh +cd /docker/extranet +COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 docker compose pull +COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 docker compose build diff --git a/.docker/config/composer/.htaccess b/.docker/config/composer/.htaccess new file mode 100644 index 000000000..14249c50b --- /dev/null +++ b/.docker/config/composer/.htaccess @@ -0,0 +1 @@ +Deny from all \ No newline at end of file diff --git a/.docker/config/composer/auth.json b/.docker/config/composer/auth.json new file mode 100644 index 000000000..6b9274a8b --- /dev/null +++ b/.docker/config/composer/auth.json @@ -0,0 +1,5 @@ +{ + "github-oauth": { + "github.com": "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" + } +} diff --git a/.docker/config/crontab b/.docker/config/crontab new file mode 100644 index 000000000..e11d455eb --- /dev/null +++ b/.docker/config/crontab @@ -0,0 +1,6 @@ +MAILTO=sysadmin@cubedesigners.com +SHELL=/bin/sh +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin + +#* * * * * runuser -l toolbox -c '/usr/bin/php /application/artisan schedule:run' > /proc/1/fd/1 2>/proc/1/fd/2 +#20 5 * * * /application/scripts/restartworkers > /proc/1/fd/1 2>/proc/1/fd/2 diff --git a/.docker/config/gitconfig b/.docker/config/gitconfig new file mode 100644 index 000000000..da3e61abb --- /dev/null +++ b/.docker/config/gitconfig @@ -0,0 +1,6 @@ +[safe] + directory = * + +[user] + name = Extranet + email = extranet@cubedesigners.com diff --git a/.docker/config/httpd/httpd-nb.conf b/.docker/config/httpd/httpd-nb.conf new file mode 100644 index 000000000..652a77e3f --- /dev/null +++ b/.docker/config/httpd/httpd-nb.conf @@ -0,0 +1,558 @@ +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "logs/access_log" +# with ServerRoot set to "/usr/local/apache2" will be interpreted by the +# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log" +# will be interpreted as '/logs/access_log'. + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to specify a local disk on the +# Mutex directive, if file-based mutexes are used. If you wish to share the +# same ServerRoot for multiple httpd daemons, you will need to change at +# least PidFile. +# +ServerRoot "/usr/local/apache2" + +# +# Mutex: Allows you to set the mutex mechanism and mutex file directory +# for individual mutexes, or change the global defaults +# +# Uncomment and change the directory if mutexes are file-based and the default +# mutex file directory is not on a local disk or is not appropriate for some +# other reason. +# +# Mutex default:logs + +# +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 + +# +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +LoadModule mpm_event_module modules/mod_mpm_event.so +#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so +#LoadModule mpm_worker_module modules/mod_mpm_worker.so +LoadModule authn_file_module modules/mod_authn_file.so +#LoadModule authn_dbm_module modules/mod_authn_dbm.so +#LoadModule authn_anon_module modules/mod_authn_anon.so +#LoadModule authn_dbd_module modules/mod_authn_dbd.so +#LoadModule authn_socache_module modules/mod_authn_socache.so +LoadModule authn_core_module modules/mod_authn_core.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_user_module modules/mod_authz_user.so +#LoadModule authz_dbm_module modules/mod_authz_dbm.so +#LoadModule authz_owner_module modules/mod_authz_owner.so +#LoadModule authz_dbd_module modules/mod_authz_dbd.so +LoadModule authz_core_module modules/mod_authz_core.so +#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so +#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so +LoadModule access_compat_module modules/mod_access_compat.so +LoadModule auth_basic_module modules/mod_auth_basic.so +#LoadModule auth_form_module modules/mod_auth_form.so +#LoadModule auth_digest_module modules/mod_auth_digest.so +#LoadModule allowmethods_module modules/mod_allowmethods.so +#LoadModule isapi_module modules/mod_isapi.so +#LoadModule file_cache_module modules/mod_file_cache.so +#LoadModule cache_module modules/mod_cache.so +#LoadModule cache_disk_module modules/mod_cache_disk.so +#LoadModule cache_socache_module modules/mod_cache_socache.so +#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so +#LoadModule socache_dbm_module modules/mod_socache_dbm.so +#LoadModule socache_memcache_module modules/mod_socache_memcache.so +#LoadModule socache_redis_module modules/mod_socache_redis.so +#LoadModule watchdog_module modules/mod_watchdog.so +#LoadModule macro_module modules/mod_macro.so +#LoadModule dbd_module modules/mod_dbd.so +#LoadModule bucketeer_module modules/mod_bucketeer.so +#LoadModule dumpio_module modules/mod_dumpio.so +#LoadModule echo_module modules/mod_echo.so +#LoadModule example_hooks_module modules/mod_example_hooks.so +#LoadModule case_filter_module modules/mod_case_filter.so +#LoadModule case_filter_in_module modules/mod_case_filter_in.so +#LoadModule example_ipc_module modules/mod_example_ipc.so +#LoadModule buffer_module modules/mod_buffer.so +#LoadModule data_module modules/mod_data.so +#LoadModule ratelimit_module modules/mod_ratelimit.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so +#LoadModule ext_filter_module modules/mod_ext_filter.so +#LoadModule request_module modules/mod_request.so +#LoadModule include_module modules/mod_include.so +LoadModule filter_module modules/mod_filter.so +#LoadModule reflector_module modules/mod_reflector.so +#LoadModule substitute_module modules/mod_substitute.so +#LoadModule sed_module modules/mod_sed.so +#LoadModule charset_lite_module modules/mod_charset_lite.so +#LoadModule deflate_module modules/mod_deflate.so +#LoadModule xml2enc_module modules/mod_xml2enc.so +#LoadModule proxy_html_module modules/mod_proxy_html.so +#LoadModule brotli_module modules/mod_brotli.so +LoadModule mime_module modules/mod_mime.so +#LoadModule ldap_module modules/mod_ldap.so +LoadModule log_config_module modules/mod_log_config.so +#LoadModule log_debug_module modules/mod_log_debug.so +#LoadModule log_forensic_module modules/mod_log_forensic.so +#LoadModule logio_module modules/mod_logio.so +#LoadModule lua_module modules/mod_lua.so +LoadModule env_module modules/mod_env.so +#LoadModule mime_magic_module modules/mod_mime_magic.so +#LoadModule cern_meta_module modules/mod_cern_meta.so +#LoadModule expires_module modules/mod_expires.so +LoadModule headers_module modules/mod_headers.so +#LoadModule ident_module modules/mod_ident.so +#LoadModule usertrack_module modules/mod_usertrack.so +#LoadModule unique_id_module modules/mod_unique_id.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule version_module modules/mod_version.so +LoadModule remoteip_module modules/mod_remoteip.so +LoadModule proxy_module modules/mod_proxy.so +#LoadModule proxy_connect_module modules/mod_proxy_connect.so +#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +#LoadModule proxy_http_module modules/mod_proxy_http.so +LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so +#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so +#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so +#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so +#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so +#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so +#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so +#LoadModule proxy_express_module modules/mod_proxy_express.so +#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so +#LoadModule session_module modules/mod_session.so +#LoadModule session_cookie_module modules/mod_session_cookie.so +#LoadModule session_crypto_module modules/mod_session_crypto.so +#LoadModule session_dbd_module modules/mod_session_dbd.so +#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so +#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so +#LoadModule ssl_module modules/mod_ssl.so +#LoadModule optional_hook_export_module modules/mod_optional_hook_export.so +#LoadModule optional_hook_import_module modules/mod_optional_hook_import.so +#LoadModule optional_fn_import_module modules/mod_optional_fn_import.so +#LoadModule optional_fn_export_module modules/mod_optional_fn_export.so +#LoadModule dialup_module modules/mod_dialup.so +#LoadModule http2_module modules/mod_http2.so +#LoadModule proxy_http2_module modules/mod_proxy_http2.so +#LoadModule md_module modules/mod_md.so +#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so +#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so +#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so +#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so +LoadModule unixd_module modules/mod_unixd.so +#LoadModule heartbeat_module modules/mod_heartbeat.so +#LoadModule heartmonitor_module modules/mod_heartmonitor.so +#LoadModule dav_module modules/mod_dav.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +#LoadModule asis_module modules/mod_asis.so +#LoadModule info_module modules/mod_info.so +#LoadModule suexec_module modules/mod_suexec.so + + #LoadModule cgid_module modules/mod_cgid.so + + + #LoadModule cgi_module modules/mod_cgi.so + +#LoadModule dav_fs_module modules/mod_dav_fs.so +#LoadModule dav_lock_module modules/mod_dav_lock.so +#LoadModule vhost_alias_module modules/mod_vhost_alias.so +#LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +#LoadModule imagemap_module modules/mod_imagemap.so +#LoadModule actions_module modules/mod_actions.so +#LoadModule speling_module modules/mod_speling.so +#LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +LoadModule rewrite_module modules/mod_rewrite.so + +LoadModule xsendfile_module /usr/lib/apache2/modules/mod_xsendfile.so + + +# +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +# +User www-data +Group www-data + + + +# 'Main' server configuration +# +# The directives in this section set up the values used by the 'main' +# server, which responds to any requests that aren't handled by a +# definition. These values also provide defaults for +# any containers you may define later in the file. +# +# All of these directives may appear inside containers, +# in which case these default settings will be overridden for the +# virtual host being defined. +# + +# +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +# +ServerAdmin you@example.com + +# +# ServerName gives the name and port that the server uses to identify itself. +# This can often be determined automatically, but we recommend you specify +# it explicitly to prevent problems during startup. +# +# If your host doesn't have a registered DNS name, enter its IP address here. +# +#ServerName www.example.com:80 + +# +# Deny access to the entirety of your server's filesystem. You must +# explicitly permit access to web content directories in other +# blocks below. +# + + AllowOverride none + Require all denied + + +# +# Note that from this point forward you must specifically allow +# particular features to be enabled - so if something's not working as +# you might expect, make sure that you have specifically enabled it +# below. +# + +# +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +DocumentRoot "/application" + + # + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.4/mod/core.html#options + # for more information. + # + Options Indexes FollowSymLinks + + # + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # AllowOverride FileInfo AuthConfig Limit + # + AllowOverride All + + # + # Controls who can get stuff from this server. + # + Require all granted + + +ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://extranet:9001/application/$1" timeout=1800 + +XSendFile on +XSendFilePath /application + +# +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# + + DirectoryIndex index.html index.php + + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Require all denied + + +# +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog /proc/self/fd/2 + +# +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +# +LogLevel warn + + + # + # The following directives define some format nicknames for use with + # a CustomLog directive (see below). + # + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %b" common + + + # You need to enable mod_logio.c to use %I and %O + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + + + # + # The location and format of the access logfile (Common Logfile Format). + # If you do not define any access logfiles within a + # container, they will be logged here. Contrariwise, if you *do* + # define per- access logfiles, transactions will be + # logged therein and *not* in this file. + # + CustomLog /proc/self/fd/1 common + + # + # If you prefer a logfile with access, agent, and referer information + # (Combined Logfile Format) you can use the following directive. + # + #CustomLog "logs/access_log" combined + + + + # + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + # + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + # + ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/" + + + + + # + # ScriptSock: On threaded servers, designate the path to the UNIX + # socket used to communicate with the CGI daemon of mod_cgid. + # + #Scriptsock cgisock + + +# +# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. +# + + AllowOverride None + Options None + Require all granted + + + + # + # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied + # backend servers which have lingering "httpoxy" defects. + # 'Proxy' request header is undefined by the IETF, not listed by IANA + # + RequestHeader unset Proxy early + + + + # + # TypesConfig points to the file containing the list of mappings from + # filename extension to MIME-type. + # + TypesConfig conf/mime.types + + # + # AddType allows you to add to or override the MIME configuration + # file specified in TypesConfig for specific file types. + # + #AddType application/x-gzip .tgz + # + # AddEncoding allows you to have certain browsers uncompress + # information on the fly. Note: Not all browsers support this. + # + #AddEncoding x-compress .Z + #AddEncoding x-gzip .gz .tgz + # + # If the AddEncoding directives above are commented-out, then you + # probably should define those extensions to indicate media types: + # + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + # + # AddHandler allows you to map certain file extensions to "handlers": + # actions unrelated to filetype. These can be either built into the server + # or added with the Action directive (see below) + # + # To use CGI scripts outside of ScriptAliased directories: + # (You will also need to add "ExecCGI" to the "Options" directive.) + # + #AddHandler cgi-script .cgi + + # For type maps (negotiated resources): + #AddHandler type-map var + + # + # Filters allow you to process content before it is sent to the client. + # + # To parse .shtml files for server-side includes (SSI): + # (You will also need to add "Includes" to the "Options" directive.) + # + #AddType text/html .shtml + #AddOutputFilter INCLUDES .shtml + + +# +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +# +#MIMEMagicFile conf/magic + +# +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html +# + +# +# MaxRanges: Maximum number of Ranges in a request before +# returning the entire resource, or one of the special +# values 'default', 'none' or 'unlimited'. +# Default setting is to accept 200 Ranges. +#MaxRanges unlimited + +# +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall may be used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +# Defaults: EnableMMAP On, EnableSendfile Off +# +#EnableMMAP off +#EnableSendfile on + +# Supplemental configuration +# +# The configuration files in the conf/extra/ directory can be +# included to add extra features or to modify the default configuration of +# the server, or you may simply copy their contents here and change as +# necessary. + +# Server-pool management (MPM specific) +#Include conf/extra/httpd-mpm.conf + +# Multi-language error messages +#Include conf/extra/httpd-multilang-errordoc.conf + +# Fancy directory listings +#Include conf/extra/httpd-autoindex.conf + +# Language settings +#Include conf/extra/httpd-languages.conf + +# User home directories +#Include conf/extra/httpd-userdir.conf + +# Real-time info on requests and configuration +#Include conf/extra/httpd-info.conf + +# Virtual hosts +#Include conf/extra/httpd-vhosts.conf + +# Local access to the Apache HTTP Server Manual +#Include conf/extra/httpd-manual.conf + +# Distributed authoring and versioning (WebDAV) +#Include conf/extra/httpd-dav.conf + +# Various default settings +#Include conf/extra/httpd-default.conf + +# Configure mod_proxy_html to understand HTML4/XHTML1 + +Include conf/extra/proxy-html.conf + + +# Secure (SSL/TLS) connections +#Include conf/extra/httpd-ssl.conf +# +# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. +# + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + + diff --git a/.docker/config/httpd/httpd.conf b/.docker/config/httpd/httpd.conf new file mode 100644 index 000000000..fdc23bb73 --- /dev/null +++ b/.docker/config/httpd/httpd.conf @@ -0,0 +1,558 @@ +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "logs/access_log" +# with ServerRoot set to "/usr/local/apache2" will be interpreted by the +# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log" +# will be interpreted as '/logs/access_log'. + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to specify a local disk on the +# Mutex directive, if file-based mutexes are used. If you wish to share the +# same ServerRoot for multiple httpd daemons, you will need to change at +# least PidFile. +# +ServerRoot "/usr/local/apache2" + +# +# Mutex: Allows you to set the mutex mechanism and mutex file directory +# for individual mutexes, or change the global defaults +# +# Uncomment and change the directory if mutexes are file-based and the default +# mutex file directory is not on a local disk or is not appropriate for some +# other reason. +# +# Mutex default:logs + +# +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 + +# +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +LoadModule mpm_event_module modules/mod_mpm_event.so +#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so +#LoadModule mpm_worker_module modules/mod_mpm_worker.so +LoadModule authn_file_module modules/mod_authn_file.so +#LoadModule authn_dbm_module modules/mod_authn_dbm.so +#LoadModule authn_anon_module modules/mod_authn_anon.so +#LoadModule authn_dbd_module modules/mod_authn_dbd.so +#LoadModule authn_socache_module modules/mod_authn_socache.so +LoadModule authn_core_module modules/mod_authn_core.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_user_module modules/mod_authz_user.so +#LoadModule authz_dbm_module modules/mod_authz_dbm.so +#LoadModule authz_owner_module modules/mod_authz_owner.so +#LoadModule authz_dbd_module modules/mod_authz_dbd.so +LoadModule authz_core_module modules/mod_authz_core.so +#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so +#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so +LoadModule access_compat_module modules/mod_access_compat.so +LoadModule auth_basic_module modules/mod_auth_basic.so +#LoadModule auth_form_module modules/mod_auth_form.so +#LoadModule auth_digest_module modules/mod_auth_digest.so +#LoadModule allowmethods_module modules/mod_allowmethods.so +#LoadModule isapi_module modules/mod_isapi.so +#LoadModule file_cache_module modules/mod_file_cache.so +#LoadModule cache_module modules/mod_cache.so +#LoadModule cache_disk_module modules/mod_cache_disk.so +#LoadModule cache_socache_module modules/mod_cache_socache.so +#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so +#LoadModule socache_dbm_module modules/mod_socache_dbm.so +#LoadModule socache_memcache_module modules/mod_socache_memcache.so +#LoadModule socache_redis_module modules/mod_socache_redis.so +#LoadModule watchdog_module modules/mod_watchdog.so +#LoadModule macro_module modules/mod_macro.so +#LoadModule dbd_module modules/mod_dbd.so +#LoadModule bucketeer_module modules/mod_bucketeer.so +#LoadModule dumpio_module modules/mod_dumpio.so +#LoadModule echo_module modules/mod_echo.so +#LoadModule example_hooks_module modules/mod_example_hooks.so +#LoadModule case_filter_module modules/mod_case_filter.so +#LoadModule case_filter_in_module modules/mod_case_filter_in.so +#LoadModule example_ipc_module modules/mod_example_ipc.so +#LoadModule buffer_module modules/mod_buffer.so +#LoadModule data_module modules/mod_data.so +#LoadModule ratelimit_module modules/mod_ratelimit.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so +#LoadModule ext_filter_module modules/mod_ext_filter.so +#LoadModule request_module modules/mod_request.so +#LoadModule include_module modules/mod_include.so +LoadModule filter_module modules/mod_filter.so +#LoadModule reflector_module modules/mod_reflector.so +#LoadModule substitute_module modules/mod_substitute.so +#LoadModule sed_module modules/mod_sed.so +#LoadModule charset_lite_module modules/mod_charset_lite.so +#LoadModule deflate_module modules/mod_deflate.so +#LoadModule xml2enc_module modules/mod_xml2enc.so +#LoadModule proxy_html_module modules/mod_proxy_html.so +#LoadModule brotli_module modules/mod_brotli.so +LoadModule mime_module modules/mod_mime.so +#LoadModule ldap_module modules/mod_ldap.so +LoadModule log_config_module modules/mod_log_config.so +#LoadModule log_debug_module modules/mod_log_debug.so +#LoadModule log_forensic_module modules/mod_log_forensic.so +#LoadModule logio_module modules/mod_logio.so +#LoadModule lua_module modules/mod_lua.so +LoadModule env_module modules/mod_env.so +#LoadModule mime_magic_module modules/mod_mime_magic.so +#LoadModule cern_meta_module modules/mod_cern_meta.so +#LoadModule expires_module modules/mod_expires.so +LoadModule headers_module modules/mod_headers.so +#LoadModule ident_module modules/mod_ident.so +#LoadModule usertrack_module modules/mod_usertrack.so +#LoadModule unique_id_module modules/mod_unique_id.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule version_module modules/mod_version.so +LoadModule remoteip_module modules/mod_remoteip.so +LoadModule proxy_module modules/mod_proxy.so +#LoadModule proxy_connect_module modules/mod_proxy_connect.so +#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +#LoadModule proxy_http_module modules/mod_proxy_http.so +LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so +#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so +#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so +#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so +#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so +#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so +#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so +#LoadModule proxy_express_module modules/mod_proxy_express.so +#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so +#LoadModule session_module modules/mod_session.so +#LoadModule session_cookie_module modules/mod_session_cookie.so +#LoadModule session_crypto_module modules/mod_session_crypto.so +#LoadModule session_dbd_module modules/mod_session_dbd.so +#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so +#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so +#LoadModule ssl_module modules/mod_ssl.so +#LoadModule optional_hook_export_module modules/mod_optional_hook_export.so +#LoadModule optional_hook_import_module modules/mod_optional_hook_import.so +#LoadModule optional_fn_import_module modules/mod_optional_fn_import.so +#LoadModule optional_fn_export_module modules/mod_optional_fn_export.so +#LoadModule dialup_module modules/mod_dialup.so +#LoadModule http2_module modules/mod_http2.so +#LoadModule proxy_http2_module modules/mod_proxy_http2.so +#LoadModule md_module modules/mod_md.so +#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so +#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so +#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so +#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so +LoadModule unixd_module modules/mod_unixd.so +#LoadModule heartbeat_module modules/mod_heartbeat.so +#LoadModule heartmonitor_module modules/mod_heartmonitor.so +#LoadModule dav_module modules/mod_dav.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +#LoadModule asis_module modules/mod_asis.so +#LoadModule info_module modules/mod_info.so +#LoadModule suexec_module modules/mod_suexec.so + + #LoadModule cgid_module modules/mod_cgid.so + + + #LoadModule cgi_module modules/mod_cgi.so + +#LoadModule dav_fs_module modules/mod_dav_fs.so +#LoadModule dav_lock_module modules/mod_dav_lock.so +#LoadModule vhost_alias_module modules/mod_vhost_alias.so +#LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +#LoadModule imagemap_module modules/mod_imagemap.so +#LoadModule actions_module modules/mod_actions.so +#LoadModule speling_module modules/mod_speling.so +#LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +LoadModule rewrite_module modules/mod_rewrite.so + +LoadModule xsendfile_module /usr/lib/apache2/modules/mod_xsendfile.so + + +# +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +# +User www-data +Group www-data + + + +# 'Main' server configuration +# +# The directives in this section set up the values used by the 'main' +# server, which responds to any requests that aren't handled by a +# definition. These values also provide defaults for +# any containers you may define later in the file. +# +# All of these directives may appear inside containers, +# in which case these default settings will be overridden for the +# virtual host being defined. +# + +# +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +# +ServerAdmin you@example.com + +# +# ServerName gives the name and port that the server uses to identify itself. +# This can often be determined automatically, but we recommend you specify +# it explicitly to prevent problems during startup. +# +# If your host doesn't have a registered DNS name, enter its IP address here. +# +#ServerName www.example.com:80 + +# +# Deny access to the entirety of your server's filesystem. You must +# explicitly permit access to web content directories in other +# blocks below. +# + + AllowOverride none + Require all denied + + +# +# Note that from this point forward you must specifically allow +# particular features to be enabled - so if something's not working as +# you might expect, make sure that you have specifically enabled it +# below. +# + +# +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +DocumentRoot "/application" + + # + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.4/mod/core.html#options + # for more information. + # + Options Indexes FollowSymLinks + + # + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # AllowOverride FileInfo AuthConfig Limit + # + AllowOverride All + + # + # Controls who can get stuff from this server. + # + Require all granted + + +ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://extranet:9000/application/$1" timeout=1800 + +XSendFile on +XSendFilePath /application + +# +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# + + DirectoryIndex index.html index.php + + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Require all denied + + +# +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog /proc/self/fd/2 + +# +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +# +LogLevel warn + + + # + # The following directives define some format nicknames for use with + # a CustomLog directive (see below). + # + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %b" common + + + # You need to enable mod_logio.c to use %I and %O + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + + + # + # The location and format of the access logfile (Common Logfile Format). + # If you do not define any access logfiles within a + # container, they will be logged here. Contrariwise, if you *do* + # define per- access logfiles, transactions will be + # logged therein and *not* in this file. + # + CustomLog /proc/self/fd/1 common + + # + # If you prefer a logfile with access, agent, and referer information + # (Combined Logfile Format) you can use the following directive. + # + #CustomLog "logs/access_log" combined + + + + # + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + # + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + # + ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/" + + + + + # + # ScriptSock: On threaded servers, designate the path to the UNIX + # socket used to communicate with the CGI daemon of mod_cgid. + # + #Scriptsock cgisock + + +# +# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. +# + + AllowOverride None + Options None + Require all granted + + + + # + # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied + # backend servers which have lingering "httpoxy" defects. + # 'Proxy' request header is undefined by the IETF, not listed by IANA + # + RequestHeader unset Proxy early + + + + # + # TypesConfig points to the file containing the list of mappings from + # filename extension to MIME-type. + # + TypesConfig conf/mime.types + + # + # AddType allows you to add to or override the MIME configuration + # file specified in TypesConfig for specific file types. + # + #AddType application/x-gzip .tgz + # + # AddEncoding allows you to have certain browsers uncompress + # information on the fly. Note: Not all browsers support this. + # + #AddEncoding x-compress .Z + #AddEncoding x-gzip .gz .tgz + # + # If the AddEncoding directives above are commented-out, then you + # probably should define those extensions to indicate media types: + # + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + # + # AddHandler allows you to map certain file extensions to "handlers": + # actions unrelated to filetype. These can be either built into the server + # or added with the Action directive (see below) + # + # To use CGI scripts outside of ScriptAliased directories: + # (You will also need to add "ExecCGI" to the "Options" directive.) + # + #AddHandler cgi-script .cgi + + # For type maps (negotiated resources): + #AddHandler type-map var + + # + # Filters allow you to process content before it is sent to the client. + # + # To parse .shtml files for server-side includes (SSI): + # (You will also need to add "Includes" to the "Options" directive.) + # + #AddType text/html .shtml + #AddOutputFilter INCLUDES .shtml + + +# +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +# +#MIMEMagicFile conf/magic + +# +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html +# + +# +# MaxRanges: Maximum number of Ranges in a request before +# returning the entire resource, or one of the special +# values 'default', 'none' or 'unlimited'. +# Default setting is to accept 200 Ranges. +#MaxRanges unlimited + +# +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall may be used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +# Defaults: EnableMMAP On, EnableSendfile Off +# +#EnableMMAP off +#EnableSendfile on + +# Supplemental configuration +# +# The configuration files in the conf/extra/ directory can be +# included to add extra features or to modify the default configuration of +# the server, or you may simply copy their contents here and change as +# necessary. + +# Server-pool management (MPM specific) +#Include conf/extra/httpd-mpm.conf + +# Multi-language error messages +#Include conf/extra/httpd-multilang-errordoc.conf + +# Fancy directory listings +#Include conf/extra/httpd-autoindex.conf + +# Language settings +#Include conf/extra/httpd-languages.conf + +# User home directories +#Include conf/extra/httpd-userdir.conf + +# Real-time info on requests and configuration +#Include conf/extra/httpd-info.conf + +# Virtual hosts +#Include conf/extra/httpd-vhosts.conf + +# Local access to the Apache HTTP Server Manual +#Include conf/extra/httpd-manual.conf + +# Distributed authoring and versioning (WebDAV) +#Include conf/extra/httpd-dav.conf + +# Various default settings +#Include conf/extra/httpd-default.conf + +# Configure mod_proxy_html to understand HTML4/XHTML1 + +Include conf/extra/proxy-html.conf + + +# Secure (SSL/TLS) connections +#Include conf/extra/httpd-ssl.conf +# +# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. +# + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + + diff --git a/.docker/config/monit/conf.d/00-global.conf b/.docker/config/monit/conf.d/00-global.conf new file mode 100644 index 000000000..6807ce237 --- /dev/null +++ b/.docker/config/monit/conf.d/00-global.conf @@ -0,0 +1,15 @@ +set daemon 300 # On vérifie toutes les 60 secondes + +set logfile /proc/self/fd/2 + +set mailserver smtp.gmail.com port 587 + username "monitoring.cubedesigners@gmail.com" password "vwkjhyvzrznyrdzh" + using tls +set mail-format { + subject: $SERVICE | $EVENT +} +set alert monitoring.cubedesigners@gmail.com + with reminder on 15 cycles # Destinataire + +set httpd port 8123 + allow root:5XHF26YHYlPcIz # login et mot de passe de connexion diff --git a/.docker/config/monit/conf.d/02-cron.conf b/.docker/config/monit/conf.d/02-cron.conf new file mode 100644 index 000000000..b3ecc9d8c --- /dev/null +++ b/.docker/config/monit/conf.d/02-cron.conf @@ -0,0 +1,6 @@ +# cron +check process cron with pidfile /var/run/crond.pid +group system +start program = "/usr/sbin/service cron start" +stop program = "/usr/sbin/service cron stop" +if 5 restarts within 5 cycles then timeout diff --git a/.docker/config/monit/id b/.docker/config/monit/id new file mode 100644 index 000000000..ea23696e7 --- /dev/null +++ b/.docker/config/monit/id @@ -0,0 +1 @@ +2c6b5d5f8994cde161f9a1c125de5da2 \ No newline at end of file diff --git a/.docker/config/monit/monitrc b/.docker/config/monit/monitrc new file mode 100644 index 000000000..725c65503 --- /dev/null +++ b/.docker/config/monit/monitrc @@ -0,0 +1,307 @@ +############################################################################### +## Monit control file +############################################################################### +## +## Comments begin with a '#' and extend through the end of the line. Keywords +## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'. +## +## Below you will find examples of some frequently used statements. For +## information about the control file and a complete list of statements and +## options, please have a look in the Monit manual. +## +## +############################################################################### +## Global section +############################################################################### +## +## Start Monit in the background (run as a daemon): +# + set daemon 120 # check services at 2-minute intervals +# with start delay 240 # optional: delay the first check by 4-minutes (by +# # default Monit check immediately after Monit start) +# +# +## Set syslog logging. If you want to log to a standalone log file instead, +## specify the full path to the log file +# + set log /var/log/monit.log + +# +# +## Set the location of the Monit lock file which stores the process id of the +## running Monit instance. By default this file is stored in $HOME/.monit.pid +# +# set pidfile /var/run/monit.pid +# +## Set the location of the Monit id file which stores the unique id for the +## Monit instance. The id is generated and stored on first Monit start. By +## default the file is placed in $HOME/.monit.id. +# +# set idfile /var/.monit.id + set idfile /var/lib/monit/id +# +## Set the location of the Monit state file which saves monitoring states +## on each cycle. By default the file is placed in $HOME/.monit.state. If +## the state file is stored on a persistent filesystem, Monit will recover +## the monitoring state across reboots. If it is on temporary filesystem, the +## state will be lost on reboot which may be convenient in some situations. +# + set statefile /var/lib/monit/state +# +# + +## Set limits for various tests. The following example shows the default values: +## +# set limits { +# programOutput: 512 B, # check program's output truncate limit +# sendExpectBuffer: 256 B, # limit for send/expect protocol test +# fileContentBuffer: 512 B, # limit for file content test +# httpContentBuffer: 1 MB, # limit for HTTP content test +# networkTimeout: 5 seconds # timeout for network I/O +# programTimeout: 300 seconds # timeout for check program +# stopTimeout: 30 seconds # timeout for service stop +# startTimeout: 30 seconds # timeout for service start +# restartTimeout: 30 seconds # timeout for service restart +# } + +## Set global SSL options (just most common options showed, see manual for +## full list). +# +# set ssl { +# verify : enable, # verify SSL certificates (disabled by default but STRONGLY RECOMMENDED) +# selfsigned : allow # allow self signed SSL certificates (reject by default) +# } +# +# +## Set the list of mail servers for alert delivery. Multiple servers may be +## specified using a comma separator. If the first mail server fails, Monit +# will use the second mail server in the list and so on. By default Monit uses +# port 25 - it is possible to override this with the PORT option. +# +# set mailserver mail.bar.baz, # primary mailserver +# backup.bar.baz port 10025, # backup mailserver on port 10025 +# localhost # fallback relay +# +# +## By default Monit will drop alert events if no mail servers are available. +## If you want to keep the alerts for later delivery retry, you can use the +## EVENTQUEUE statement. The base directory where undelivered alerts will be +## stored is specified by the BASEDIR option. You can limit the queue size +## by using the SLOTS option (if omitted, the queue is limited by space +## available in the back end filesystem). +# + set eventqueue + basedir /var/lib/monit/events # set the base directory where events will be stored + slots 100 # optionally limit the queue size +# +# +## Send status and events to M/Monit (for more informations about M/Monit +## see https://mmonit.com/). By default Monit registers credentials with +## M/Monit so M/Monit can smoothly communicate back to Monit and you don't +## have to register Monit credentials manually in M/Monit. It is possible to +## disable credential registration using the commented out option below. +## Though, if safety is a concern we recommend instead using https when +## communicating with M/Monit and send credentials encrypted. The password +## should be URL encoded if it contains URL-significant characters like +## ":", "?", "@". Default timeout is 5 seconds, you can customize it by +## adding the timeout option. +# +# set mmonit http://monit:monit@192.168.1.10:8080/collector +# # with timeout 30 seconds # Default timeout is 5 seconds +# # and register without credentials # Don't register credentials +# +# +## Monit by default uses the following format for alerts if the mail-format +## statement is missing:: +## --8<-- +## set mail-format { +## from: Monit +## subject: monit alert -- $EVENT $SERVICE +## message: $EVENT Service $SERVICE +## Date: $DATE +## Action: $ACTION +## Host: $HOST +## Description: $DESCRIPTION +## +## Your faithful employee, +## Monit +## } +## --8<-- +## +## You can override this message format or parts of it, such as subject +## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc. +## are expanded at runtime. For example, to override the sender, use: +# +# set mail-format { from: monit@foo.bar } +# +# +## You can set alert recipients whom will receive alerts if/when a +## service defined in this file has errors. Alerts may be restricted on +## events by using a filter as in the second example below. +# +# set alert sysadm@foo.bar # receive all alerts +# +## Do not alert when Monit starts, stops or performs a user initiated action. +## This filter is recommended to avoid getting alerts for trivial cases. +# +# set alert your-name@your.domain not on { instance, action } +# +# +## Monit has an embedded HTTP interface which can be used to view status of +## services monitored and manage services from a web interface. The HTTP +## interface is also required if you want to issue Monit commands from the +## command line, such as 'monit status' or 'monit restart service' The reason +## for this is that the Monit client uses the HTTP interface to send these +## commands to a running Monit daemon. See the Monit Wiki if you want to +## enable SSL for the HTTP interface. +# +# set httpd port 2812 and +# use address localhost # only accept connection from localhost (drop if you use M/Monit) +# allow localhost # allow localhost to connect to the server and +# allow admin:monit # require user 'admin' with password 'monit' +# #with ssl { # enable SSL/TLS and set path to server certificate +# # pemfile: /etc/ssl/certs/monit.pem +# #} + +############################################################################### +## Services +############################################################################### +## +## Check general system resources such as load average, cpu and memory +## usage. Each test specifies a resource, conditions and the action to be +## performed should a test fail. +# +# check system $HOST +# if loadavg (1min) per core > 2 for 5 cycles then alert +# if loadavg (5min) per core > 1.5 for 10 cycles then alert +# if cpu usage > 95% for 10 cycles then alert +# if memory usage > 75% then alert +# if swap usage > 25% then alert +# +# +## Check if a file exists, checksum, permissions, uid and gid. In addition +## to alert recipients in the global section, customized alert can be sent to +## additional recipients by specifying a local alert handler. The service may +## be grouped using the GROUP option. More than one group can be specified by +## repeating the 'group name' statement. +# +# check file apache_bin with path /usr/local/apache/bin/httpd +# if failed checksum and +# expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor +# if failed permission 755 then unmonitor +# if failed uid "root" then unmonitor +# if failed gid "root" then unmonitor +# alert security@foo.bar on { +# checksum, permission, uid, gid, unmonitor +# } with the mail-format { subject: Alarm! } +# group server +# +# +## Check that a process is running, in this case Apache, and that it respond +## to HTTP and HTTPS requests. Check its resource usage such as cpu and memory, +## and number of children. If the process is not running, Monit will restart +## it by default. In case the service is restarted very often and the +## problem remains, it is possible to disable monitoring using the TIMEOUT +## statement. This service depends on another service (apache_bin) which +## is defined above. +# +# check process apache with pidfile /usr/local/apache/logs/httpd.pid +# start program = "/etc/init.d/httpd start" with timeout 60 seconds +# stop program = "/etc/init.d/httpd stop" +# if cpu > 60% for 2 cycles then alert +# if cpu > 80% for 5 cycles then restart +# if totalmem > 200.0 MB for 5 cycles then restart +# if children > 250 then restart +# if disk read > 500 kb/s for 10 cycles then alert +# if disk write > 500 kb/s for 10 cycles then alert +# if failed host www.tildeslash.com port 80 protocol http and request "/somefile.html" then restart +# if failed port 443 protocol https with timeout 15 seconds then restart +# if 3 restarts within 5 cycles then unmonitor +# depends on apache_bin +# group server +# +# +## Check filesystem permissions, uid, gid, space usage, inode usage and disk I/O. +## Other services, such as databases, may depend on this resource and an automatically +## graceful stop may be cascaded to them before the filesystem will become full and data +## lost. +# +# check filesystem datafs with path /dev/sdb1 +# start program = "/bin/mount /data" +# stop program = "/bin/umount /data" +# if failed permission 660 then unmonitor +# if failed uid "root" then unmonitor +# if failed gid "disk" then unmonitor +# if space usage > 80% for 5 times within 15 cycles then alert +# if space usage > 99% then stop +# if inode usage > 30000 then alert +# if inode usage > 99% then stop +# if read rate > 1 MB/s for 5 cycles then alert +# if read rate > 500 operations/s for 5 cycles then alert +# if write rate > 1 MB/s for 5 cycles then alert +# if write rate > 500 operations/s for 5 cycles then alert +# if service time > 10 milliseconds for 3 times within 5 cycles then alert +# group server +# +# +## Check a file's timestamp. In this example, we test if a file is older +## than 15 minutes and assume something is wrong if its not updated. Also, +## if the file size exceed a given limit, execute a script +# +# check file database with path /data/mydatabase.db +# if failed permission 700 then alert +# if failed uid "data" then alert +# if failed gid "data" then alert +# if timestamp > 15 minutes then alert +# if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba +# +# +## Check directory permission, uid and gid. An event is triggered if the +## directory does not belong to the user with uid 0 and gid 0. In addition, +## the permissions have to match the octal description of 755 (see chmod(1)). +# +# check directory bin with path /bin +# if failed permission 755 then unmonitor +# if failed uid 0 then unmonitor +# if failed gid 0 then unmonitor +# +# +## Check a remote host availability by issuing a ping test and check the +## content of a response from a web server. Up to three pings are sent and +## connection to a port and an application level network check is performed. +# +# check host myserver with address 192.168.1.1 +# if failed ping then alert +# if failed port 3306 protocol mysql with timeout 15 seconds then alert +# if failed port 80 protocol http +# and request /some/path with content = "a string" +# then alert +# +# +## Check a network link status (up/down), link capacity changes, saturation +## and bandwidth usage. +# +# check network public with interface eth0 +# if failed link then alert +# if changed link then alert +# if saturation > 90% then alert +# if download > 10 MB/s then alert +# if total uploaded > 1 GB in last hour then alert +# +# +## Check custom program status output. +# +# check program myscript with path /usr/local/bin/myscript.sh +# if status != 0 then alert +# +# +############################################################################### +## Includes +############################################################################### +## +## It is possible to include additional configuration parts from other files or +## directories. +# + include /etc/monit/conf.d/* +# include /etc/monit/conf-enabled/* +# diff --git a/.docker/config/php.ini b/.docker/config/php.ini new file mode 100644 index 000000000..c2fa5624f --- /dev/null +++ b/.docker/config/php.ini @@ -0,0 +1,9 @@ +upload_max_filesize = 10G +post_max_size = 10G +max_file_uploads = 20 +error_log = /proc/self/fd/2 +log_errors = 1 +memory_limit = 24G +session.cookie_lifetime = 604800 +session.gc_maxlifetime = 604800 +disable_functions = diff --git a/.docker/config/ssh/authorized_keys2 b/.docker/config/ssh/authorized_keys2 new file mode 100644 index 000000000..43c5e7d4e --- /dev/null +++ b/.docker/config/ssh/authorized_keys2 @@ -0,0 +1,3 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDwuvRRPH1/Xph5kTo77b/OBRbpumjmu8EZ83h4wFPeg5oy8EpsMKSevYpXWmEuZuUL34HJdmY1WYb+EecUpcOYM1DfLJwGcD324chf7qddpt/85y/fRyplJQNkWcgzUAppA2AXHR21xgNPsqpMYbuIJmqcAAzGLeBznq3TB/sQqSXkoOqcyZxCXPAr4f+UmO+QG7Ct2iuXDjENEiQ3/Ckn4P9bCKNFkol9qQTznM5NN8x+nxU4+Kpkefxr3mhx6Cxl3K2raa5Yq2BzcXXQQR7eJBoqDEJpGcdAybO5IyMeB0LBXIrsSXy6e4zTj0Aj9k7Kr7ilh5eoJ20T4OvO3KFF stephen@cubedesigners.com +ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAtabxRZZMjtmq+r8uXsBmfLgAtkxqwigGpx0e6Mx066ukIWIafFsguity6aV5QNI4UfxXnX3QXROcWeIiyLBV4yDGxuq7ah4r0X1CjqHUvHoGpXwJ2DIWPeaa8XyXnavmj0SNtKn0f1T+oJS0fcryUTLyxY7eOgNsr+pp1fVmgca9Efj0BKUXV/SUIjp8JX3x0/E/3PAqG81zus2SxzuOO1b0FKXDq43Gx6Ov3Ok7+Pje4G4pB56rJiiXlPxrBlY0e8Pz/7+kFF8izCiztJLtZig32Dx0HbLYGtSvIPJKYxK8DDD/RWWpL3mgNPYZ2PE3wHf4c7CTlxLCDP+NeRS1yQ== vincent+2021@cubedesigners.com +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDwRQkEWWqc1KbEyiTxR2doyaYccrlVrtpFETuzoB9QaBp4x+Iz948f1l7s4t+8JKU+AomYoPM7sDNoSaUihMxBz7zsI0HH41Bw5my1X0ugzt6dEPpR6VL31/DMeDRDAvJWH/kCDBjxclOJVv52E8sdPqvsKo3VeCZz1gdw0I+AEVFaTtZGFyXUW5/7iPi6kpxkPOoO83+7Ijb+Jdso/KT99Hp+X6W0NsTUpQiRt4+Vp9AKl8hXfPYzx2Nw86w8Lw/nIp6rwJ/c/ZmgCZFMEN2NrRbfQtV32E7c2QT25ljwNRfNc/wjzH4QJgTB2TPbqid01w/9EQr6G1wcqD0zZZeUe+Fz/rXo/sJkhlTIrvfO4pJx6IS4x+r1pTBECOt++9+6MhiBHUL2TsIUQBu52QPXqLfUP8S/HjPgDNA0bUM7S7t8jBIHj2MuVKIDqWgcSIV4Gcs38aMy2mqR4lh0i1bM7eP2MQfbK3Q1hpHzJkuUiZx9gHgnaie+AA14srMW16k= root@her.cubedesigners.com diff --git a/.docker/config/ssh/id_rsa b/.docker/config/ssh/id_rsa new file mode 100644 index 000000000..4770249ab --- /dev/null +++ b/.docker/config/ssh/id_rsa @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAt7xzRO52uvGlDxcACuId1Vvj0eBmWi7Ewncki3bfPe+IypbT +A31nRGzP/5kDpuJziw5D5G5/k19Brkzbv0pxUz/6pxu3vqfqaobmK78PQhwR7bBq +D2UtWVrOd8Ll27iZmE8yTGjFfnYm0Ydq1/7sx+3QTVUCTBhXEJI66v1J4SU4CmT6 +a4cdrQ1eEZu9hlx+CTovsmrrTO4yttYKcXRVCcu1WjWjwdYqnAopJ/obQjbNZ/AY +1UcADDyPQAenhIH1+vA8lRfNExi8lsZQrphTmVwxC4Tp3ibTtMxTEhLgVV2z5tnz +atY2jGnqoJmakImTTNKOIalv2S3ER9JPoBlxxwIDAQABAoIBAGykogRAfTRNbqxd +jUjiK4Hds/iGF/97aB0VFibhQ1/8I4anaF7H6Cgtr1ATynUDsg6ngL2yGP2rdcr6 +53VVL21qh2wIl73EzHfxDGkRsJQGxRMnHY+84/PSHgPy2rfxj+Df83369cyxUILU +7/iIZLpThLg1bAZS3iiOTwhkfSsDNci1A1tGg5xDBEfydNCYF704wufyR6tDAZMg +2EwadCsEtAltD9HjkFscGKoRkrbMq0t7IS3huqElqJv3kUxmaXFLBj4PZltUOEp3 +6NuGIXz5oNr2Ny11ZtOoyTVn5SrGq/ijbKA3UjEqtrYTO2zbqQ/nhCIIX6o7k3zp +gZF8iAECgYEA6eImFX2r6d7emCCS8dO61TyWTiaipEgHo7Z/BP/CD6x9f9QSp1yd +L/AJ5afKGE2c75J1OqLikP7LIgq5kSc6SmYYY8J6etohZ5Z+vWvnJyvAZkgGL8U3 +E6dm8IuOnLlkjga7KEALsoH2AhIBYMxYPlGc34+RG0+h/5QjjXqkOucCgYEAyRxW +EW0NGVzUtxJI3rQGpsGJ4Og7zsBWg3CTMYpOR3E5SYNhmoa015bHeqJdsblqE8qo +BeEyfPxRcQCql0oZBNhawbh4TDuJ6TKyM8rxdSCxXmSjLbTdA216VW5N+KbjOVQT +IdC144kZYQwZD7K0rNhuajoSZmIL452Bh59yFiECgYEAxjBkE0wGFM1OFN1th8zi +gnWv7JOiuNFs39bytdrAqKWDR4H/OKErdgbTbC+N+qAyP3T9L+39Td8LZVJvQ0hZ +hdgUDN0tCtOzAOOvjHZWT4Qsqr+Xtn1JGbd+bJHmDHqxcgTULdxvzRmBzOlTD6K5 +mD1yUKOI0/rcDQaMRgRKDLsCgYEAijpMuft/VmBk4FPT/CY2sCU0VH6qpOe0TvFw +akuKlDYxTuLbki9mWwwKnbK9vWsYivPu2uO3JQr0Gzx/BC9s1NS0RJQ7MwJ1PvCW +ZVzm6z+GSb/YHJFEm5eCzvda5j4mzX+JCuP+MJ9J71c2XoDRCEBWW/MANJjNXSwk +HIiuDKECgYBEP2JJ1yOKH4rxkGkRJklOqfpF/dUXVyCDs64E1701AptfK+rKjay7 +eTZGuT6pgCqtUAeXS7sb/5QlYOOoJ8YpzCo1TH+KtPS9nZBxir+a+Ui6s9lxcUcK +sbqfaDYxb3dHUevKhOhUIDJLXehq9sw0+zETDM6zMnBonoFcvTBEhQ== +-----END RSA PRIVATE KEY----- diff --git a/.docker/config/ssh/id_rsa.pub b/.docker/config/ssh/id_rsa.pub new file mode 100644 index 000000000..2f7a68c96 --- /dev/null +++ b/.docker/config/ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3vHNE7na68aUPFwAK4h3VW+PR4GZaLsTCdySLdt8974jKltMDfWdEbM//mQOm4nOLDkPkbn+TX0GuTNu/SnFTP/qnG7e+p+pqhuYrvw9CHBHtsGoPZS1ZWs53wuXbuJmYTzJMaMV+dibRh2rX/uzH7dBNVQJMGFcQkjrq/UnhJTgKZPprhx2tDV4Rm72GXH4JOi+yautM7jK21gpxdFUJy7VaNaPB1iqcCikn+htCNs1n8BjVRwAMPI9AB6eEgfX68DyVF80TGLyWxlCumFOZXDELhOneJtO0zFMSEuBVXbPm2fNq1jaMaeqgmZqQiZNM0o4hqW/ZLcRH0k+gGXHH extranet@amarcord.cubedesigners.com diff --git a/.docker/config/ssh/known_hosts b/.docker/config/ssh/known_hosts new file mode 100644 index 000000000..59c896d8f --- /dev/null +++ b/.docker/config/ssh/known_hosts @@ -0,0 +1,56 @@ +|1|3IVVBxZXULg3/WOtSN48ccHM8CE=|kgSZNXrlf9Na7pr0Rznwc72BIF0= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqGqBPO6XTFdvWPXvJPAGMYfugcbPp51KXkVH7NPMmdKeo6/Q9xbBajJmlXRh3jAeeCOehZ8C3acpMFIie0iFcECBaHNT+fElEN45AMRpnP2OHkZUdm9VtbT4FrHhHJKgHh/GHn4rx3PJWO+bPoPHFu3oyn5pDKAjA6Lzb8uqA34Oyv3aDySKgBx9rORzeOI58AFnldOEOsCnJNkF3/3lgbt+h70Pk42ks6gxcOCQk4Ag47FqrZ7jrqKo+qnZW0ybIcXuuJdNh2CPEzLHvCXDppBuVKTYKsF57i/yDYheq4cXTvztYaW9DEwClnJULYX0sEzZaDSAR9wQyseNb3z7Bw== +|1|79Gj1cwpFZ5sfN3wlkBoZBTiJoQ=|l5GsQWwZJ2bYPekKCOO6qXfG3QM= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqGqBPO6XTFdvWPXvJPAGMYfugcbPp51KXkVH7NPMmdKeo6/Q9xbBajJmlXRh3jAeeCOehZ8C3acpMFIie0iFcECBaHNT+fElEN45AMRpnP2OHkZUdm9VtbT4FrHhHJKgHh/GHn4rx3PJWO+bPoPHFu3oyn5pDKAjA6Lzb8uqA34Oyv3aDySKgBx9rORzeOI58AFnldOEOsCnJNkF3/3lgbt+h70Pk42ks6gxcOCQk4Ag47FqrZ7jrqKo+qnZW0ybIcXuuJdNh2CPEzLHvCXDppBuVKTYKsF57i/yDYheq4cXTvztYaW9DEwClnJULYX0sEzZaDSAR9wQyseNb3z7Bw== +|1|JB8CpLWqmxSPxOODwUlZ3BNWNm8=|YNelVJvU8nVRuZtsjEv9tjXi5S0= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9IKKQQsmGCFUJwYTCJ1uEavuYtCVoKni0Hxx6QsxkyP73ehJ/mFucqbwSdgNWLPmuCnRtanHtzb1/pFxi6Om9BKVND0mp8WkAoNIVAt57FkWZ6QacfoPJ3PGeTt+jmEkRX38qrnGqsIzaAVQLNXmDQWsgS1wWl7O/tBBNr4kF4FPXeNvfhvqr32m81UESCgomyPIGFvEoVLSbHLfGIKR2iQveR02k73T1ZYJOdsY40lBl1Qukdgl3a/MtyuuNp6Y5Y1UsAFAgHw+65XpAPE+mIHfVVq61AB1tqO8YclYVc1EcYe0oCXX0pEVAZ6ovgOQp5vwi9XXamdLQwxhCC6Nv +|1|6gvpL4YUhLcoIL7jdxOH1IUlytU=|JBLgxV+tWJTqGZIwx4yzgIw+99c= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/7+EoVIn+sUMZwhBNCz1J7U+dJbUmsV8R7F7JhOIeEMzTb7ZEgV3ai12Rqysi6ig3UkBztsRZWXFmXtBC5BmhB1axfMMIdJLNzX5dZLxT0Py8Sm8i2Xh/JoaiqyVaa9Om+Hd8G+94HDQkelW4bEz1EPLOo021Mja5b8N2P7W47H4ajYZs1IndabjXldG0e4yOu0Yt4fTF+UKc3vD0TgibpJlfFvyEWYIJmvYxwc23IlTut5HxxLDuUmTScFxw08xJibuE/W0fz2+vT8iVZH5ycw1UTb9CJQYI4/jqWMAgF/II7WToZ33CNSfkNKucwOggoqqiq++yx20FxC22l1pJ +|1|Uea6nsxny1zmqQunea1mVrMhj2c=|Wq5ajXUFSpG2nMQYW3q7JWOVv1A= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/7+EoVIn+sUMZwhBNCz1J7U+dJbUmsV8R7F7JhOIeEMzTb7ZEgV3ai12Rqysi6ig3UkBztsRZWXFmXtBC5BmhB1axfMMIdJLNzX5dZLxT0Py8Sm8i2Xh/JoaiqyVaa9Om+Hd8G+94HDQkelW4bEz1EPLOo021Mja5b8N2P7W47H4ajYZs1IndabjXldG0e4yOu0Yt4fTF+UKc3vD0TgibpJlfFvyEWYIJmvYxwc23IlTut5HxxLDuUmTScFxw08xJibuE/W0fz2+vT8iVZH5ycw1UTb9CJQYI4/jqWMAgF/II7WToZ33CNSfkNKucwOggoqqiq++yx20FxC22l1pJ +|1|CXic6YjQjVPYsCXH/qkhlh3M0k0=|BhcTCPYg9r1J2l6G2t43DNy73a0= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/7+EoVIn+sUMZwhBNCz1J7U+dJbUmsV8R7F7JhOIeEMzTb7ZEgV3ai12Rqysi6ig3UkBztsRZWXFmXtBC5BmhB1axfMMIdJLNzX5dZLxT0Py8Sm8i2Xh/JoaiqyVaa9Om+Hd8G+94HDQkelW4bEz1EPLOo021Mja5b8N2P7W47H4ajYZs1IndabjXldG0e4yOu0Yt4fTF+UKc3vD0TgibpJlfFvyEWYIJmvYxwc23IlTut5HxxLDuUmTScFxw08xJibuE/W0fz2+vT8iVZH5ycw1UTb9CJQYI4/jqWMAgF/II7WToZ33CNSfkNKucwOggoqqiq++yx20FxC22l1pJ +|1|A8NgqsDMpVf0ns3j3hYJ4PQdffA=|+vb9SJgj1SWQcYY3VRQfkqtHack= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/7+EoVIn+sUMZwhBNCz1J7U+dJbUmsV8R7F7JhOIeEMzTb7ZEgV3ai12Rqysi6ig3UkBztsRZWXFmXtBC5BmhB1axfMMIdJLNzX5dZLxT0Py8Sm8i2Xh/JoaiqyVaa9Om+Hd8G+94HDQkelW4bEz1EPLOo021Mja5b8N2P7W47H4ajYZs1IndabjXldG0e4yOu0Yt4fTF+UKc3vD0TgibpJlfFvyEWYIJmvYxwc23IlTut5HxxLDuUmTScFxw08xJibuE/W0fz2+vT8iVZH5ycw1UTb9CJQYI4/jqWMAgF/II7WToZ33CNSfkNKucwOggoqqiq++yx20FxC22l1pJ +|1|OjQ1Mm5cchDnVBEtOlqfz7LTLrg=|k2r3tfhHXBBXKfFgWuuw5u4jpWc= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/7+EoVIn+sUMZwhBNCz1J7U+dJbUmsV8R7F7JhOIeEMzTb7ZEgV3ai12Rqysi6ig3UkBztsRZWXFmXtBC5BmhB1axfMMIdJLNzX5dZLxT0Py8Sm8i2Xh/JoaiqyVaa9Om+Hd8G+94HDQkelW4bEz1EPLOo021Mja5b8N2P7W47H4ajYZs1IndabjXldG0e4yOu0Yt4fTF+UKc3vD0TgibpJlfFvyEWYIJmvYxwc23IlTut5HxxLDuUmTScFxw08xJibuE/W0fz2+vT8iVZH5ycw1UTb9CJQYI4/jqWMAgF/II7WToZ33CNSfkNKucwOggoqqiq++yx20FxC22l1pJ +|1|BnxfVgZBBlN7XTDhT0lEF+Zfaxk=|xd+kTDGYOXcR2XM7AtxA5uzbeIY= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKwJElTYlGbB3mkZmRORB1sidkB7c7M0cVjsxHB0/0E9HgvnoFU3n59w/250s+AQvgxd1yVCFTVvoKuenOFsrO4= +|1|Fg32JjcqpbD8G8iqS2/uBg/9utc=|lP7P37zRHrn7tN6gRWdRJIGIrQA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKwJElTYlGbB3mkZmRORB1sidkB7c7M0cVjsxHB0/0E9HgvnoFU3n59w/250s+AQvgxd1yVCFTVvoKuenOFsrO4= +|1|JK0UKVXeAaqmtsXO+FE09tboyUU=|+6hN9wY1k4g4vRq9EGEJXfnvy+o= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPYP64CSI+tBizZ3/ooWRuKAqElrfO4sgjjeFixkctKtY8AX/nvRBGcbt04GLz0s7MAWC/fD8IHx6hcfMJFIVZE= +|1|Mk2DCVcx82lnw6pHPwwBPkDZxCs=|cNjaLJfVZIIgUCDoA0NkvqorccA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJeLh7OP6Mm9daVphpXKuy4X4xfRdfbvSv07qEpzJOurT9PYkYZ3/j4TU9RtnwYoBjUlJRd9/RnqM2FI65J8Ry8= +|1|szICOSWCm2u6BXcKG3yiO8WPddM=|JsMpAskGQWAkJnnE+FJhimT9ZUg= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIwustnnEdkm0E6FGbyJOZjOx6L4OitNv8f8IALrYUbUAchWJkZMO+YamJELJNIfrcm52LcZHZJhJ4GEaTLHa1vs7pBF9S2RExpCfAhMFy0f6nL/Wc1n8oEePQX9t4xtHLtkdVqQ2ltjiy74zrNIwsMffpYnNgF1Zbexn+DkSzRSvngMKbt/gJEVBNvKCAuzydEMfjWzgi3sr0fKOvAgMLvK97I5adBHBAn3A9ex12RCGKAPqkkwKeKA6KcP0Uu/fsaXGZ2fy4Gm4Lb7WpZKFod7qIApDlFP2qeToMoItc2SirMULmGiWNvfa+zk51bNl+dwIw9jMdS648wYIcZNy7 +|1|azs4qvB1uhtyask+/kSuwMp9pqU=|ErvvSESJuf5tp8KH62zHgGv5FeI= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIwustnnEdkm0E6FGbyJOZjOx6L4OitNv8f8IALrYUbUAchWJkZMO+YamJELJNIfrcm52LcZHZJhJ4GEaTLHa1vs7pBF9S2RExpCfAhMFy0f6nL/Wc1n8oEePQX9t4xtHLtkdVqQ2ltjiy74zrNIwsMffpYnNgF1Zbexn+DkSzRSvngMKbt/gJEVBNvKCAuzydEMfjWzgi3sr0fKOvAgMLvK97I5adBHBAn3A9ex12RCGKAPqkkwKeKA6KcP0Uu/fsaXGZ2fy4Gm4Lb7WpZKFod7qIApDlFP2qeToMoItc2SirMULmGiWNvfa+zk51bNl+dwIw9jMdS648wYIcZNy7 +|1|W6ssvgu/Pw03xLcqTEXbcnIka8w=|9FbEBUU+S605/ndSN1f611WQXP8= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLOqdqX9xy0b2tPgtANigsFcYNt/p7b5FMhZWeN6vx0VInFpMsZDoM7+lcpeUb+wpi9bs7WLXQUGs7VelYocjII= +|1|4qud+Pr10Vz1fhpUKmunUlm+9kg=|PGblvhJvPTlM/mmIPaR7Cm5hIzY= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBUmAzVaD0rw86Z2y6z7eTY5bC2jwg/UBmNL11uDNjM6 +|1|7Je9LMj8dW01Ujd4XwgFSRuy8B4=|pRykMkdqaN68UFxStxpBvh85aaU= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBUmAzVaD0rw86Z2y6z7eTY5bC2jwg/UBmNL11uDNjM6 +|1|A5z48bDvnhWm6ZVowfPONCogMmo=|+05MEl1MREuhgzccYf+k6DFLotc= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHWYd5yPqlxB5DFpwCnboloHXan7fuXZXvPsf9sg1DflTMcDBiMQByVFiQLo52C05CCbb2N9sr0KjQ1RC/86R98= +|1|jAiyVJJ2D/C9BOEzcU+PA2I+JBc=|HdhP5+tIldDp4z8mgzDVOJtP0i4= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANFl2JCSaJevMwQgEbkSTskRo9sEPNbPcaCURgxDu6q +|1|LVweLKLBsyUmx8UJHbqzKkq1ZNs=|B2xMwTg2g1LtquygF3ftkYDAYYs= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBUmAzVaD0rw86Z2y6z7eTY5bC2jwg/UBmNL11uDNjM6 +|1|5h/ZI07cOIahqG8ZXlwL07csAng=|qBlVMasAWjyEH2OlbVAQYBb/GOE= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEGI/UefTFGQMkNX5fjbcI6ZIwDbOvWi0Pu2NAdrnqMI7OEHbFZ2PZdyOFkOvg+r6L989kt9xX7UDC4hb7YbFXI= +|1|TyPofypGFkvVPkgf0VPHku/it7E=|SrGBcMs+gITKdRnDYAznuP63K1g= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEGI/UefTFGQMkNX5fjbcI6ZIwDbOvWi0Pu2NAdrnqMI7OEHbFZ2PZdyOFkOvg+r6L989kt9xX7UDC4hb7YbFXI= +|1|1126l6G+5eWpyt6IdlJkxl+BTCY=|BKXnjXNzcawljQpFoTGcVXghxbY= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEGI/UefTFGQMkNX5fjbcI6ZIwDbOvWi0Pu2NAdrnqMI7OEHbFZ2PZdyOFkOvg+r6L989kt9xX7UDC4hb7YbFXI= +|1|xjWEULYYILhbC6bxVj4QHY8zSIU=|DmvZydVvC/Ub3JxXf7Io+wF1NNE= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEGI/UefTFGQMkNX5fjbcI6ZIwDbOvWi0Pu2NAdrnqMI7OEHbFZ2PZdyOFkOvg+r6L989kt9xX7UDC4hb7YbFXI= +|1|t5LTHqQ9UtmJGKXY/oXsiDAbWjY=|oxuNyGtrEFKfkq2OgFLC8ZDZNAA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEGI/UefTFGQMkNX5fjbcI6ZIwDbOvWi0Pu2NAdrnqMI7OEHbFZ2PZdyOFkOvg+r6L989kt9xX7UDC4hb7YbFXI= +|1|nhLwsXEFCFUpb3mwd3cvgbcKyoY=|yTnzVSfLnUS6ylPzwAdO5E8Zk3g= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEGI/UefTFGQMkNX5fjbcI6ZIwDbOvWi0Pu2NAdrnqMI7OEHbFZ2PZdyOFkOvg+r6L989kt9xX7UDC4hb7YbFXI= +|1|+amZBmoTNV8lvrWIo6hdzaeW6Uo=|rNoMKmaeiWEgAX/fFsSstzp0L1Y= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEGI/UefTFGQMkNX5fjbcI6ZIwDbOvWi0Pu2NAdrnqMI7OEHbFZ2PZdyOFkOvg+r6L989kt9xX7UDC4hb7YbFXI= +|1|aBdXxexDgVPYQsaUl5MDVfWPoXM=|MQPc420PQ7lQ33vvKfoUSVGYF48= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLUeUcxDMT/9EmZ5HR9ZspANuClSEuabhCXQKqudEqyatg6Zlg0mrRoNV/rG1jmw3yyBTnfACfFhSwSTWsApwp0= +|1|yXcm07b0rV+Vd+0JlLAapRggqbg=|8JL8yvNw00WjLAGIdfRMEl+5W20= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLUeUcxDMT/9EmZ5HR9ZspANuClSEuabhCXQKqudEqyatg6Zlg0mrRoNV/rG1jmw3yyBTnfACfFhSwSTWsApwp0= +|1|bXruBwRG47+1nsj6BBaJWNQbXyI=|SBHm20MGcP6FNFHiXSYeVU5jcAI= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIcf3EkFhhbkL74VV3dG/ZN6X7Do+JDfzw0l7VJX6EmuTM3l2oNdg5jDp4vRHT8c9SKVe/JumeiAkIa/h6fVD4Y= +|1|DuHmn7aqZDHihuIgaK34MPl9new=|5sAYc09JmnMpNmxqIB3FlUnMNM4= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIcf3EkFhhbkL74VV3dG/ZN6X7Do+JDfzw0l7VJX6EmuTM3l2oNdg5jDp4vRHT8c9SKVe/JumeiAkIa/h6fVD4Y= +|1|e/eXj9j6o2Ae8lQKYwvDkSZwIqs=|lvP7UWwCudtoa543DeGMSfr0M9o= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNOnVdhduDkhosibtcgg9CM7GMUjBLFPz/sQHEbGtzBaFBKFCIzgWbiaN/9bAu9bkiFrfcIuTLklD7pyiGH7DYw= +|1|BnSbTMCwg4/xW9/mbjFOFpqyOv0=|tX1tppQEqCgVEUR1sdHCJuhGx44= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOvpP7Wfp+QvXpn6uhmGHKiWMpmIs/4m93i3DdS0iEJ5qtY147Nx2Xm5N43mc7fR2DzT1cOifWyVu5brTeM7V28= +|1|lb1wLp7UKxtYVfl1Sz6GZ8SZ3TM=|0NxvxYXqC0k3HUK/6oGZ4OBMUmI= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIh4YMXBzPm6skv/vNIM5o2fX87+BxIGBqayKN0Yt6BaTYkEUjh6YMTIjZaaRtv0OJYae50ZvA7hx0Sgcsz+pg4= +|1|hcGrBWJV3jFU2Q9icCSM6nqZiYI=|+j2fP2bl3xNvjBeIyGm1VOZ1Y9U= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIh4YMXBzPm6skv/vNIM5o2fX87+BxIGBqayKN0Yt6BaTYkEUjh6YMTIjZaaRtv0OJYae50ZvA7hx0Sgcsz+pg4= +|1|AyTiKE/O5JFwb5iTcJ49CsmGc5g=|pBSyS7bev1/c45f41Xo6WvMPKdA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNNde7ObB2Q4zgKdLdnD94Jj7L0D/zVeYs11gOt0rLKzsnDVv5z9Vof4ymc1xAGh+IXeFGCERVsG7LoyluZ7aSU= +|1|azC61snzpEWt6RFgQ3MmdI43Rk8=|dO5MibdFS5fPYuZwPwa+P/48t1M= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNNde7ObB2Q4zgKdLdnD94Jj7L0D/zVeYs11gOt0rLKzsnDVv5z9Vof4ymc1xAGh+IXeFGCERVsG7LoyluZ7aSU= +|1|9hOelAm5gp0PgOJMz8pvUhr0O4Q=|1JY5lUP0qcY/nSh2AD8vGyFFdeE= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIh4YMXBzPm6skv/vNIM5o2fX87+BxIGBqayKN0Yt6BaTYkEUjh6YMTIjZaaRtv0OJYae50ZvA7hx0Sgcsz+pg4= +|1|rTkfDZ2juQhpp59vVHat9zmcyQA=|+BGz6IkDhsbpDRvygLZqdiJYojM= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIh4YMXBzPm6skv/vNIM5o2fX87+BxIGBqayKN0Yt6BaTYkEUjh6YMTIjZaaRtv0OJYae50ZvA7hx0Sgcsz+pg4= +|1|Z9oypZlgPtxdPOB0YoQPh0gJF+w=|aiqGBZcypAOiabZFvHNuFiNwuTY= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+Mn4735wbGXRTDDAx4hHc6PPytq067B9Dhk7jfh5Y0 +|1|MAbLLIerWNHEO4gG0Y/8UXaJIb8=|aJe5SrLdaNVHW0wjLzBpN2p+9yQ= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+Mn4735wbGXRTDDAx4hHc6PPytq067B9Dhk7jfh5Y0 +|1|eJUcrdux2A3Uks/7xdgGTHwfDZ0=|olrn5CjnV0motVzoGro6GUN30zI= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOvpP7Wfp+QvXpn6uhmGHKiWMpmIs/4m93i3DdS0iEJ5qtY147Nx2Xm5N43mc7fR2DzT1cOifWyVu5brTeM7V28= +|1|BmFYIUzSRlOfd2YgWuPh6i/CQoA=|837lAkMkJyZMDmkvdzF0pgOMhpI= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+Mn4735wbGXRTDDAx4hHc6PPytq067B9Dhk7jfh5Y0 +|1|gsbbO8LvomIad7mJBlhRsrdxpao=|EBaC6cc66xA1ltRQtbCqHjV4+Oc= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+Mn4735wbGXRTDDAx4hHc6PPytq067B9Dhk7jfh5Y0 +|1|C+b8T0nJXzNe+eY3e5wXL9loZsI=|UclVRb+xGrbp+SRe81m4ngSzT4c= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+Mn4735wbGXRTDDAx4hHc6PPytq067B9Dhk7jfh5Y0 +|1|ZdcWTq/KqKWA/KsPS9LOadvUSeM=|Bv/XMe0oOc4GK1xl4WIGx44abOk= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+Mn4735wbGXRTDDAx4hHc6PPytq067B9Dhk7jfh5Y0 +|1|t8EmVmv70OzgBwLOtQ5yUrTZD6I=|zbw2rpHTL+6SziUFqMenyKsruNU= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFfdc+dxNFnjYXUgJ4FybxyM7JMBuy3U/llPOhDyKRyKkllGm1Ao5JxxS8YE5u6LGVZvGLDeT178FdCkbKiXn4k= +|1|sfzJBm/GM+ssETBzO7W/0AZVbwU=|L0FqgovLIp6cSC5rQ68R7WQts6E= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFfdc+dxNFnjYXUgJ4FybxyM7JMBuy3U/llPOhDyKRyKkllGm1Ao5JxxS8YE5u6LGVZvGLDeT178FdCkbKiXn4k= +|1|hgYTRdy0aciJu1ErQoZ2T0lsgO4=|7T0IuuEMD93drXELHXpvCnkW7+0= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBO58Sl069DltxV+qe5/RH0U5lfhzmCxPZkn+OtK7xaM/TUBW7AR4BSEFlB6a0H2g9mDpaLf9pcAAs2R9piOH7oE= +|1|ZC39ZwmyoybZyFOHCZZ3o7e+t9Q=|ZSP26RQPspgfWYPlDmUSHJ5C8+4= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBO58Sl069DltxV+qe5/RH0U5lfhzmCxPZkn+OtK7xaM/TUBW7AR4BSEFlB6a0H2g9mDpaLf9pcAAs2R9piOH7oE= +|1|BrKGN+8Fb97Ub11H8JmtYi3k8Ec=|U1bk8qk1QHcUyuK9Eg09fHVdlMk= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLUeUcxDMT/9EmZ5HR9ZspANuClSEuabhCXQKqudEqyatg6Zlg0mrRoNV/rG1jmw3yyBTnfACfFhSwSTWsApwp0= +|1|RHy+VvewmFiZBxA7YTv7lihtJbs=|+wm1qs6/Au0foAuYH+A3Q2lwNsY= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIh4YMXBzPm6skv/vNIM5o2fX87+BxIGBqayKN0Yt6BaTYkEUjh6YMTIjZaaRtv0OJYae50ZvA7hx0Sgcsz+pg4= +|1|chY5NZ+8E3Z2QCHvKMFulLL8Z7E=|ojACImhNSrgMtYdpCLqgISFwyiU= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIh4YMXBzPm6skv/vNIM5o2fX87+BxIGBqayKN0Yt6BaTYkEUjh6YMTIjZaaRtv0OJYae50ZvA7hx0Sgcsz+pg4= +|1|EmZ7B29Ivw6vXBlnc4XgrTLl9+8=|78a+bA6zcqZqT3mcCSA7DgfgtWQ= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEKmRybFZ/yMrtKp92N7MpKSByOo4TNm1yFa96mvH4ktgxG9Iw5LdRBELGknXZO0hRkysrblSsQ6Opu/8ZOdPuo= +|1|JzPIYF8QCrSBS4t2fVId5Ym7Kyg=|0K3icsRiZpexNkPIchHkADj+UJE= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEKmRybFZ/yMrtKp92N7MpKSByOo4TNm1yFa96mvH4ktgxG9Iw5LdRBELGknXZO0hRkysrblSsQ6Opu/8ZOdPuo= +|1|6wykuWMhStQ5Tv99aBiqb6H+zyY=|cl+8o5TNKooA36tWnHoIAOIvV4k= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEGI/UefTFGQMkNX5fjbcI6ZIwDbOvWi0Pu2NAdrnqMI7OEHbFZ2PZdyOFkOvg+r6L989kt9xX7UDC4hb7YbFXI= diff --git a/.docker/config/sudoers b/.docker/config/sudoers new file mode 100644 index 000000000..136665c47 --- /dev/null +++ b/.docker/config/sudoers @@ -0,0 +1 @@ +extranet ALL=(ALL) NOPASSWD:ALL diff --git a/.docker/docker-compose.yml b/.docker/docker-compose.yml new file mode 100644 index 000000000..31cdc12bd --- /dev/null +++ b/.docker/docker-compose.yml @@ -0,0 +1,157 @@ +version: '3.1' +services: + webserver: + container_name: extranet-httpd + build: /home/extranet/www/.docker/images/httpd + working_dir: /application + volumes: + # Files + - '/data/extranet/ftp:/ftp' + - '/home/extranet/fonts/:/fonts/' + - '/home/extranet/www/:/application/' + - '/home/extranet/share:/application/share' + - '/mnt/sshfs/godzilla/data/fluidbook/docs/:/application/fluidbook/docs/' + - '/home/toolbox/www/resources/fluidbookpublication/player:/application/fluidbook/compile/player' + - '/data/extranet/www/fluidbook/books/audiodescription:/application/fluidbook/books/audiodescription' + - '/data/extranet/www/fluidbook/books/index:/application/fluidbook/books/index' + - '/data/extranet/www/fluidbook/books/links:/application/fluidbook/books/links' + - '/mnt/sshfs/brazil/data/fluidbook/books/pdf:/application/fluidbook/books/pdf' + - '/data/extranet/www/fluidbook/books/seo:/application/fluidbook/books/seo' + - '/data/extranet/www/fluidbook/books/html5:/application/fluidbook/books/html5' + - '/data/extranet/www/fluidbook/books/working:/application/fluidbook/books/working' + - '/data/extranet/www/fluidbook/cache:/application/fluidbook/cache' + - '/data/extranet/www/fluidbook/collections:/application/fluidbook/collections' + - '/data/extranet/www/fluidbook/cover:/application/fluidbook/cover' + - '/mnt/sshfs/fluidbook:/mnt/sshfs/fluidbook' + - '/mnt/sshfs/macparis:/mnt/sshfs/macparis' + - '/mnt/sshfs/codesign:/mnt/sshfs/codesign' + - '/data/extranet/www/fluidbook/cache/nwbuild:/usr/lib/node_modules/nw-builder/cache' + - '/home/toolbox/www:/home/toolbox/www' + # Config + - '/home/extranet/www/.docker/config/httpd/httpd.conf:/usr/local/apache2/conf/httpd.conf' + ports: + - '54198:80' + environment: + VIRTUAL_HOST: exe.workshop.fluidbook.com + LETSENCRYPT_HOST: exe.workshop.fluidbook.com + networks: + - extranet + restart: unless-stopped + + webserver-nb: + container_name: extranet-httpd-nb + build: /home/extranet/www/.docker/images/httpd-nb + working_dir: /application + volumes: + # Files + - '/data/extranet/ftp:/ftp' + - '/home/extranet/fonts/:/fonts/' + - '/home/extranet/www/:/application/' + - '/home/extranet/share:/application/share' + - '/mnt/sshfs/godzilla/data/fluidbook/docs/:/application/fluidbook/docs/' + - '/home/toolbox/www/resources/fluidbookpublication/player:/application/fluidbook/compile/player' + - '/data/extranet/www/fluidbook/books/audiodescription:/application/fluidbook/books/audiodescription' + - '/data/extranet/www/fluidbook/books/index:/application/fluidbook/books/index' + - '/data/extranet/www/fluidbook/books/links:/application/fluidbook/books/links' + - '/mnt/sshfs/brazil/data/fluidbook/books/pdf:/application/fluidbook/books/pdf' + - '/data/extranet/www/fluidbook/books/seo:/application/fluidbook/books/seo' + - '/data/extranet/www/fluidbook/books/html5:/application/fluidbook/books/html5' + - '/data/extranet/www/fluidbook/books/working:/application/fluidbook/books/working' + - '/data/extranet/www/fluidbook/cache:/application/fluidbook/cache' + - '/data/extranet/www/fluidbook/collections:/application/fluidbook/collections' + - '/data/extranet/www/fluidbook/cover:/application/fluidbook/cover' + - '/mnt/sshfs/fluidbook:/mnt/sshfs/fluidbook' + - '/mnt/sshfs/macparis:/mnt/sshfs/macparis' + - '/mnt/sshfs/codesign:/mnt/sshfs/codesign' + - '/data/extranet/www/fluidbook/cache/nwbuild:/usr/lib/node_modules/nw-builder/cache' + - '/home/toolbox/www:/home/toolbox/www' + # Config + - '/home/extranet/www/.docker/config/httpd/httpd-nb.conf:/usr/local/apache2/conf/httpd.conf' + ports: + - '54842:80' + environment: + VIRTUAL_HOST: workshop.fluidbook.com, extranet.cubedesigners.com, statistics.ysl-retailhandbook.com + LETSENCRYPT_HOST: workshop.fluidbook.com, extranet.cubedesigners.com, statistics.ysl-retailhandbook.com + networks: + - extranet + restart: unless-stopped + + php-fpm: + container_name: extranet + build: /home/extranet/www/.docker/images/php + working_dir: /application + hostname: extranet + environment: + TZ: Europe/Paris + HOME: /application + volumes: + # SSH + - '/home/extranet/www/.docker/config/ssh/:/root/.ssh/' + - '/home/extranet/www/.docker/config/ssh/:/application/.ssh/' + # Composer + - '/home/extranet/www/.docker/config/composer/:/root/.config/composer/' + - '/home/extranet/www/.docker/config/composer/:/application/.config/composer/' + # NPM + - '/home/extranet/www/.docker/config/npm/:/root/.npm/' + # GIT + - '/home/extranet/www/.docker/config/gitconfig:/root/.gitconfig' + - '/home/extranet/www/.docker/config/git/:/root/.config/git/' + - '/home/extranet/www/.docker/config/git/:/application/.config/git/' + - '/home/extranet/www/.docker/config/gitconfig:/application/.gitconfig' + # Monit + - '/home/extranet/www/.docker/config/monit/:/etc/monit/' + - '/home/extranet/www/.docker/config/monit/id:/var/lib/monit/id' + # Sudo + - '/home/extranet/www/.docker/config/sudoers:/etc/sudoers.d/extranet' + # PHP + - '/home/extranet/www/.docker/config/php.ini:/etc/php/7.2/fpm/conf.d/99-overrides.ini' + # Crontab + - '/home/extranet/www/.docker/config/crontab:/etc/crontab' + # Files + - '/data/extranet/ftp:/ftp' + - '/home/extranet/fonts/:/fonts/' + - '/home/extranet/www/:/application/' + - '/home/extranet/share:/application/share' + - '/mnt/sshfs/godzilla/data/fluidbook/docs/:/application/fluidbook/docs/' + - '/home/toolbox/www/resources/fluidbookpublication/player:/application/fluidbook/compile/player' + - '/data/extranet/www/fluidbook/books/audiodescription:/application/fluidbook/books/audiodescription' + - '/data/extranet/www/fluidbook/books/index:/application/fluidbook/books/index' + - '/data/extranet/www/fluidbook/books/links:/application/fluidbook/books/links' + - '/mnt/sshfs/brazil/data/fluidbook/books/pdf:/application/fluidbook/books/pdf' + - '/data/extranet/www/fluidbook/books/seo:/application/fluidbook/books/seo' + - '/data/extranet/www/fluidbook/books/html5:/application/fluidbook/books/html5' + - '/data/extranet/www/fluidbook/books/working:/application/fluidbook/books/working' + - '/data/extranet/www/fluidbook/cache:/application/fluidbook/cache' + - '/data/extranet/www/fluidbook/collections:/application/fluidbook/collections' + - '/data/extranet/www/fluidbook/cover:/application/fluidbook/cover' + - '/mnt/sshfs/fluidbook:/mnt/sshfs/fluidbook' + - '/mnt/sshfs/macparis:/mnt/sshfs/macparis' + - '/mnt/sshfs/codesign:/mnt/sshfs/codesign' + - '/data/extranet/www/fluidbook/cache/nwbuild:/usr/lib/node_modules/nw-builder/cache' + - '/home/toolbox/www:/home/toolbox/www' + tmpfs: + #- '/tmp:mode=777,uid=1002,gid=33' + - '/var/log/extranet:uid=1002,gid=33' + ports: + - '51695:8123' + networks: + - extranet + - fluidbook-processfarm + restart: unless-stopped + + redis: + container_name: extranet-redis + image: redis + volumes: + - './redis/data:/data' + networks: + - extranet + restart: unless-stopped +networks: + extranet: + external: + name: extranet + fluidbook-processfarm: + external: + name: fluidbook-processfarm + diff --git a/.docker/images/httpd-nb/Dockerfile b/.docker/images/httpd-nb/Dockerfile new file mode 100644 index 000000000..aab8bc21c --- /dev/null +++ b/.docker/images/httpd-nb/Dockerfile @@ -0,0 +1,3 @@ +FROM httpd +RUN apt-get update && apt-get install -y --no-install-recommends nano less bash libapache2-mod-xsendfile +RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* diff --git a/.docker/images/httpd/Dockerfile b/.docker/images/httpd/Dockerfile new file mode 100644 index 000000000..aab8bc21c --- /dev/null +++ b/.docker/images/httpd/Dockerfile @@ -0,0 +1,3 @@ +FROM httpd +RUN apt-get update && apt-get install -y --no-install-recommends nano less bash libapache2-mod-xsendfile +RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* diff --git a/.docker/images/php/Dockerfile b/.docker/images/php/Dockerfile new file mode 100644 index 000000000..35cf1d9f4 --- /dev/null +++ b/.docker/images/php/Dockerfile @@ -0,0 +1,93 @@ +############################################ +# PHPDocker.io PHP 8.1 / CLI and FPM image # +############################################ + +FROM ubuntu:latest AS cli + +WORKDIR "/application" + +# Fixes some weird terminal issues such as broken clear / CTRL+L +ENV TERM=linux + +# Ensure apt doesn't ask questions when installing stuff +ENV DEBIAN_FRONTEND=noninteractive + +# Compile NSISbi +RUN apt update && apt -y --no-install-recommends install build-essential scons mingw-w64 zlib1g-dev curl unzip ca-certificates wget gnupg +RUN cd /root && curl -L https://master.dl.sourceforge.net/project/nsisbi/nsisbi3.08.1/nsis-code-7336-1-NSIS-trunk.zip -o /root/nsis.zip && unzip -o /root/nsis.zip && cd /root/nsis-code-7336-1-NSIS-trunk && scons SKIPUTILS="zip2exe","NSIS Menu" && scons install SKIPUTILS="zip2exe","NSIS Menu" + +# Add additional repositories +RUN curl -fsSL https://deb.nodesource.com/setup_18.x | bash - +RUN sh -c 'echo "deb [arch=amd64] https://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list' +RUN wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - +RUN echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu jammy main" > /etc/apt/sources.list.d/ondrej-php.list \ + && apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4F4EA0AAE5267A6C + +RUN apt-get update && apt-get -y --no-install-recommends install \ + git \ + php7.2-fpm \ + php7.2-apcu \ + php7.2-cli \ + php7.2-curl \ + php7.2-mbstring \ + php7.2-opcache \ + php7.2-readline \ + php7.2-xml \ + php7.2-zip \ + php7.2-bz2 \ + php7.2-gd \ + php7.2-igbinary \ + php7.2-imap \ + php7.2-imagick \ + php7.2-intl \ + php7.2-memcached \ + php7.2-mysql \ + php7.2-redis \ + php7.2-soap \ + php7.2-ssh2 \ + php7.2-tidy \ + php7.2-xsl \ + php7.2-curl \ + php7.2-mcrypt \ + less nano wget bash lynx + +COPY --from=composer:2 /usr/bin/composer /usr/bin/composer +STOPSIGNAL SIGQUIT + +# Toolbox +RUN apt-get -y --no-install-recommends install nodejs google-chrome-stable +RUN apt-get -y --no-install-recommends install sudo +RUN apt-get -y --no-install-recommends install supervisor ssh rsync +RUN apt-get -y --no-install-recommends install default-jre pdftk poppler-utils inkscape mupdf-tools ghostscript imagemagick netpbm libjpeg-turbo8 libjpeg-turbo-progs +RUN apt-get -y --no-install-recommends install zip unzip gzip 7zip +RUN apt-get -y --no-install-recommends install icoutils fontforge icnsutils +RUN apt-get -y --no-install-recommends install ffmpeg python3 lame x264 vorbis-tools +RUN apt-get -y --no-install-recommends install inkscape mupdf-tools librsvg2-bin +RUN apt-get -y --no-install-recommends install cron monit locate +RUN apt-get -y --no-install-recommends install build-essential chrpath libssl-dev libxft-dev libfreetype6 libfreetype6-dev libfontconfig1 libfontconfig1-dev +RUN apt-get -y --no-install-recommends install libreoffice +RUN apt-get -y --no-install-recommends install sshfs lftp + +RUN cd /root;wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2;tar xvjf phantomjs-2.1.1-linux-x86_64.tar.bz2;mv phantomjs-2.1.1-linux-x86_64 /usr/local/share;ln -sf /usr/local/share/phantomjs-2.1.1-linux-x86_64/bin/phantomjs /usr/local/bin +RUN cd /root;wget https://github.com/nwutils/Web2Executable/releases/download/v0.7.1b/Web2ExeLinux-CMD.zip;unzip Web2ExeLinux-CMD.zip;mv Web2ExeLinux-CMD /usr/local/web2exe +RUN cd /root;wget https://github.com/RazrFalcon/svgcleaner/releases/download/v0.9.5/svgcleaner_linux_x86_64_0.9.5.tar.gz; tar xvzf svgcleaner_linux_x86_64_0.9.5.tar.gz;mv svgcleaner /usr/local/bin + +RUN curl -L https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp -o /usr/local/bin/yt-dlp + +RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* + +RUN groupadd fluidbook;groupadd sudo;useradd -d /application -g 33 -G sudo -s /bin/bash -u 1002 extranet +ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD true +RUN npm install --unsafe-perm --global uglify-js less sass puppeteer favicons nw-builder@3.5.7 + +# PHP-FPM packages need a nudge to make them docker-friendly +COPY overrides.conf /etc/php/7.2/fpm/pool.d/z-overrides.conf + +COPY startup /usr/bin/startup +RUN chmod 0755 /usr/bin/startup +CMD exec /usr/bin/startup + +# Open up fcgi port +EXPOSE 9000 +EXPOSE 9001 +EXPOSE 8123 diff --git a/.docker/images/php/overrides.conf b/.docker/images/php/overrides.conf new file mode 100644 index 000000000..044d0833f --- /dev/null +++ b/.docker/images/php/overrides.conf @@ -0,0 +1,68 @@ +[global] +; Override default pid file +pid = /run/php-fpm.pid + +; Avoid logs being sent to syslog +error_log = /proc/self/fd/2 + +; Set this to php default's max_execution_time to allow children to stop gracefully when fpm is commanded to stop +; This helps avoiding 502's +process_control_timeout = 30 + +; Do not daemonize (eg send process to the background) +daemonize = no + +[www] +; Access from webserver container is via network, not socket file +listen = [::]:9000 + +; Redirect logs to stdout - FPM closes /dev/std* on startup +access.log = /proc/self/fd/1 +catch_workers_output = yes + +; Remove "pool www" decoration from log output (older phpdocker.io containers for php use sed for this) +; decorate_workers_output = no + +; Required to allow config-by-environment +clear_env = no + +user = 1002 +group = 33 + +pm = dynamic +pm.max_children = 400 +pm.start_servers = 50 +pm.min_spare_servers = 40 +pm.max_spare_servers = 100 +pm.max_requests = 500 + +[nonblocking] +; Access from webserver container is via network, not socket file +listen = [::]:9001 + +; Redirect logs to stdout - FPM closes /dev/std* on startup +access.log = /proc/self/fd/1 +catch_workers_output = yes + +; Remove "pool www" decoration from log output (older phpdocker.io containers for php use sed for this) +; decorate_workers_output = no + +; Required to allow config-by-environment +clear_env = no + +user = 1002 +group = 33 + +pm = dynamic +pm.max_children = 400 +pm.start_servers = 50 +pm.min_spare_servers = 40 +pm.max_spare_servers = 100 +pm.max_requests = 500 + +php_admin_value[session.save_handler] = redis +php_admin_value[session.save_path] = tcp://extranet-redis:6379 +php_admin_flag[redis.session.locking_enabled] = off +php_admin_value[redis.session.lock_expire] = 60 +php_admin_value[redis.session.lock_retries] = -1 +php_admin_value[redis.session.lock_wait_time] = 2000 \ No newline at end of file diff --git a/.docker/images/php/startup b/.docker/images/php/startup new file mode 100644 index 000000000..7bd4e78da --- /dev/null +++ b/.docker/images/php/startup @@ -0,0 +1,16 @@ +#!/bin/sh + +chown -R root:root /etc/sudoers.d +#/usr/sbin/service supervisor start +chmod 0644 /etc/crontab && crontab -u root /etc/crontab && /usr/sbin/service cron start +#chown -R toolbox:www-data /application/storage/framework + +# Mount sshfs + + +# Launch monit +chmod -R 700 /etc/monit;chown -R root:root /etc/monit;/usr/bin/monit +sudo chmod -R 777 /etc/monit + +# PHP +/usr/sbin/php-fpm7.2 -O diff --git a/.docker/update b/.docker/update new file mode 100644 index 000000000..48d2d518d --- /dev/null +++ b/.docker/update @@ -0,0 +1,10 @@ +#!/bin/sh +cd /docker/extranet +chown -R extranet:www-data /home/extranet +chown -R extranet:www-data /data/extranet +chmod -R 774 /home/extranet/www/fluidbook/themes3 +chmod -R 777 /home/extranet/share +docker network create extranet +./build +docker compose down +docker compose up -d diff --git a/.htaccess b/.htaccess index b0d961552..1ab9096d5 100644 --- a/.htaccess +++ b/.htaccess @@ -42,18 +42,18 @@ AddCharset UTF-8 log RewriteCond %{HTTP_USER_AGENT} Chrome/87 RewriteRule ^(.*)$ https://exe.workshop.fluidbook.com/$1 [R=301,L] - RewriteCond %{HTTPS} off - RewriteCond %{HTTP_HOST} workshop.fluidbook.com - RewriteCond %{REQUEST_URI} !^/s/ - RewriteCond %{REQUEST_URI} !^/services/ - RewriteCond %{REQUEST_URI} !^/fluidbook/mailer/ - RewriteCond %{REQUEST_URI} !^/tools/ - RewriteCond %{REQUEST_URI} !^/crossdomain.xml - RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] - - RewriteCond %{HTTPS} off - RewriteCond %{HTTP_HOST} extranet.cubedesigners.com - RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] +# RewriteCond %{HTTPS} off +# RewriteCond %{HTTP_HOST} workshop.fluidbook.com +# RewriteCond %{REQUEST_URI} !^/s/ +# RewriteCond %{REQUEST_URI} !^/services/ +# RewriteCond %{REQUEST_URI} !^/fluidbook/mailer/ +# RewriteCond %{REQUEST_URI} !^/tools/ +# RewriteCond %{REQUEST_URI} !^/crossdomain.xml +# RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] + +# RewriteCond %{HTTPS} off +# RewriteCond %{HTTP_HOST} extranet.cubedesigners.com +# RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteRule (.{255,}) index.php/$1 [L,QSA] diff --git a/composer.json b/composer.json index d24358734..59017d416 100644 --- a/composer.json +++ b/composer.json @@ -19,6 +19,7 @@ "php-mime-mail-parser/php-mime-mail-parser": "2.11.1", "jaybizzle/crawler-detect": "^1.2", "hollodotme/fast-cgi-client": "^3.1", - "cubist/azuretts": "dev-master" + "cubist/azuretts": "dev-master", + "ext-zip": "*" } } diff --git a/fluidbook/tools/convert.pe b/fluidbook/tools/convert.pe index 8c996083f..20074e8ef 100644 --- a/fluidbook/tools/convert.pe +++ b/fluidbook/tools/convert.pe @@ -1,4 +1,4 @@ -#!/usr/local/bin/fontforge +#!/usr/bin/fontforge Open($1) Print("Open font ",$1) Print("Em size : ",$em); diff --git a/fluidbook/tools/convertrn.pe b/fluidbook/tools/convertrn.pe index 76065047d..1f9b1c5bd 100644 --- a/fluidbook/tools/convertrn.pe +++ b/fluidbook/tools/convertrn.pe @@ -1,4 +1,4 @@ -#!/usr/local/bin/fontforge +#!/usr/bin/fontforge Open($1) Print("Open font ",$1) SetOS2Value("FSType",0); diff --git a/fluidbook/tools/descriptors.pe b/fluidbook/tools/descriptors.pe index 9ed55d740..473a6ce9a 100644 --- a/fluidbook/tools/descriptors.pe +++ b/fluidbook/tools/descriptors.pe @@ -1,4 +1,4 @@ -#!/usr/local/bin/fontforge +#!/usr/bin/fontforge Open($1) Print("Open font ",$1) diff --git a/fluidbook/tools/fwstk.sh b/fluidbook/tools/fwstk.sh index 30d3c16c6..15c55586e 100644 --- a/fluidbook/tools/fwstk.sh +++ b/fluidbook/tools/fwstk.sh @@ -1,2 +1,2 @@ #!/bin/sh -/usr/lib/jvm/java-8-openjdk-amd64/bin/java -jar /home/extranet/www/fluidbook/tools/fwstk/out/artifacts/fwstk_jar/fwstk.jar $* \ No newline at end of file +java -jar /application/fluidbook/tools/fwstk/out/artifacts/fwstk_jar/fwstk.jar $* \ No newline at end of file diff --git a/fluidbook/tools/social_screenshot/social_screenshot.js b/fluidbook/tools/social_screenshot/social_screenshot.js index 74bc116fe..645b04ccd 100644 --- a/fluidbook/tools/social_screenshot/social_screenshot.js +++ b/fluidbook/tools/social_screenshot/social_screenshot.js @@ -11,7 +11,14 @@ const optionDefinitions = [ (async () => { const options = commandLineArgs(optionDefinitions); - const browser = await puppeteer.launch({headless: true}); + const browser = await puppeteer.launch({ + headless: true, + args: [ + "--disable-setuid-sandbox", + "--no-sandbox", + ], + executablePath: 'google-chrome-stable', + }); const page = await browser.newPage(); page.on('console', msg => console.log('PAGE LOG:', msg._text)); await page.setViewport({ diff --git a/fluidbook/tools/webvideo b/fluidbook/tools/webvideo index 7eded7b9a..0a0791f7c 100644 --- a/fluidbook/tools/webvideo +++ b/fluidbook/tools/webvideo @@ -17,7 +17,7 @@ then echo echo - /usr/local/bin/ffmpeg -i $1 -y -r 1 -ss 00:00:04 -t 00:00:01 -f image2 $jpg + /usr/bin/ffmpeg -i $1 -y -r 1 -ss 00:00:04 -t 00:00:01 -f image2 $jpg fi @@ -30,7 +30,7 @@ then echo echo - /usr/local/bin/ffmpeg -i $1 -y -r 1 -ss 00:00:00 -t 00:00:01 -f image2 $jpg + /usr/bin/ffmpeg -i $1 -y -r 1 -ss 00:00:00 -t 00:00:01 -f image2 $jpg fi echo 'mp4' diff --git a/inc/commons/class.common.tools.php b/inc/commons/class.common.tools.php index a2983b614..82750303a 100644 --- a/inc/commons/class.common.tools.php +++ b/inc/commons/class.common.tools.php @@ -1308,7 +1308,7 @@ class commonTools public static function youtubedll() { $e = explode("\r", $_POST['list']); - $dir = '/data/extranet/www/cache/youtubedl'; + $dir = '/application/cache/youtubedl'; $paths = []; foreach ($e as $item) { $item = trim($item); @@ -1319,7 +1319,7 @@ class commonTools } - $zipPath = '/data1/extranet/www/cache/youtubedl/batch-' . rand(1, 10000000000) . '.zip'; + $zipPath = '/application/cache/youtubedl/batch-' . rand(1, 10000000000) . '.zip'; CubeIT_Util_Zip::archive($paths, $zipPath); header('Content-Type: application/zip'); @@ -1336,7 +1336,7 @@ class commonTools header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . $path . '"'); - header('X-SendFile: ' . '/data1/extranet/www/cache/youtubedl' . $path); + header('X-SendFile: ' . '/application/cache/youtubedl' . $path); ob_end_clean(); exit; } @@ -1344,7 +1344,7 @@ class commonTools public static function _youtubedl($url, $ch264 = false) { set_time_limit(0); - $dir = '/data/extranet/www/cache/youtubedl/'; + $dir = '/application/cache/youtubedl/'; $opts = ' -f \'bestvideo[ext=mp4]+bestaudio[ext=m4a]/mp4\' -o \'%(id)s-%(title)s.%(ext)s\' --restrict-filenames '; $fname = trim(`youtube-dl --get-filename $opts $url`); diff --git a/inc/config.inc.php b/inc/config.inc.php index 627e3109b..c8fb348dc 100644 --- a/inc/config.inc.php +++ b/inc/config.inc.php @@ -3,27 +3,27 @@ define('DB_DRIVER', 'mysql'); define('DB_ENGINE', 'MyISAM'); -$scheme = isset($_SERVER['REQUEST_SCHEME']) ? $_SERVER['REQUEST_SCHEME'] : 'http'; +$scheme = $_SERVER['HTTP_X_FORWARDED_PROTO'] ?? $_SERVER['REQUEST_SCHEME'] ?? 'http'; define('ROOT', realpath(dirname(__FILE__) . '/..')); define('WEBROOT', ''); define('SITE_PATH', WEBROOT . '/'); -define('FONT_PATH', ROOT . '/fluidbook/fonts/'); -define('FTPROOT', '/data1/extranet/ftp/'); +define('FONT_PATH', '/fonts/'); +define('FTPROOT', '/ftp/'); define('WINDOWS', false); -define('CONVERTER_PATH', '/data/extranet/www/fluidbook/tools:/usr/local/flex:/usr/local/scour'); -define('MXMLC_PATH', '/usr/local/flex/bin/mxmlc'); -define('MXMLC_PATH_3', '/usr/local/flex_sdk_3.6/bin/mxmlc'); -define('AS3_SOURCES', '/home/as/sources/as/as3'); -define('AS3_FLUIDBOOK_SOURCES', '/home/as/sources/fluidbook'); -define('PHONEGAP_PLUGINS', '/home/as/sources/phonegap-plugins'); -define('SSH_KEY', '/data/extranet/.ssh/id_rsa'); +define('CONVERTER_PATH', '/application/fluidbook/tools:/usr/local/flex:/usr/local/scour'); +//define('MXMLC_PATH', '/usr/local/flex/bin/mxmlc'); +//define('MXMLC_PATH_3', '/usr/local/flex_sdk_3.6/bin/mxmlc'); +//define('AS3_SOURCES', '/home/as/sources/as/as3'); +//define('AS3_FLUIDBOOK_SOURCES', '/home/as/sources/fluidbook'); +//define('PHONEGAP_PLUGINS', '/home/as/sources/phonegap-plugins'); +define('SSH_KEY', '/application/.ssh/id_rsa'); define('MONITOR_PERFS', true); -define('PLAYER_SOURCES', AS3_SOURCES . '/com/fluidbook/player'); -define('COMPOSER_SOURCES', AS3_SOURCES . '/com/fluidbook/ws'); +//define('PLAYER_SOURCES', AS3_SOURCES . '/com/fluidbook/player'); +//define('COMPOSER_SOURCES', AS3_SOURCES . '/com/fluidbook/ws'); // Workshop define('THEMES', WEBROOT . '/fluidbook/themes/'); define('ICONS', WEBROOT . '/fluidbook/icones/'); diff --git a/inc/postconfig.inc.php b/inc/postconfig.inc.php index 1517beea4..7bab2217c 100644 --- a/inc/postconfig.inc.php +++ b/inc/postconfig.inc.php @@ -29,7 +29,7 @@ define('DEV', $dev); define('SERVER', 'alien'); //define('DB_HOST', '127.0.0.1'); -define('DB_HOST', '127.0.0.1:12330'); +define('DB_HOST', 'fluidbook-toolbox-mariadb'); //define('DB_HOST', ':/var/run/mysqld/mysqld.sock'); define('AMARCORD', false); define('DB_NAME', 'extranet_clean'); diff --git a/inc/ws/Controlleur/class.ws.ajax.php b/inc/ws/Controlleur/class.ws.ajax.php index df8258183..91f0e0541 100644 --- a/inc/ws/Controlleur/class.ws.ajax.php +++ b/inc/ws/Controlleur/class.ws.ajax.php @@ -720,7 +720,7 @@ class wsAjax extends cubeAjax $exporter = new wsExporter(); file_put_contents(WS_CACHE . '/' . $_POST['book_id'] . '.post.options', print_r($_POST, true)); - $exporter->export($_POST['book_id'], $x, $_POST['action'], $_POST['version'], $dest['dir'], $dest['file'], $_POST['options']); + $exporter->export($_POST['book_id'], $x, $_POST['action'], $_POST['version'], $dest['dir'], $dest['file'], $_POST['options'] ?? []); $x->addClosePopup(); } @@ -792,7 +792,7 @@ class wsAjax extends cubeAjax $defaultDestination['dir'] = cubeText::str2URL($book->nom); } - if ($defaultDestination['file'] == '') { + if (!isset($defaultDestination['file']) || $defaultDestination['file'] == '') { $defaultDestination['file'] = cubeText::str2URL($book->nom) . '.' . $format; } diff --git a/inc/ws/Controlleur/class.ws.conversion.session.php b/inc/ws/Controlleur/class.ws.conversion.session.php index 6dfe41916..5a2730b4d 100644 --- a/inc/ws/Controlleur/class.ws.conversion.session.php +++ b/inc/ws/Controlleur/class.ws.conversion.session.php @@ -20,7 +20,7 @@ class wsConversionSession protected $processedDoc = 0; protected $bookId = null; public $reload = false; - protected $nb_threads = 8; + protected $nb_threads = 16; protected $threads; public function __construct($guid) @@ -239,7 +239,7 @@ class wsConversionSession public static function getCachePath($guid) { - return CACHE . '/conversionSessions/' . $guid . '.obj'; + return '/tmp/conversion-session.' . $guid . '.obj'; } } \ No newline at end of file diff --git a/inc/ws/Controlleur/class.ws.flash.php b/inc/ws/Controlleur/class.ws.flash.php index e390f6107..993fe6fb2 100644 --- a/inc/ws/Controlleur/class.ws.flash.php +++ b/inc/ws/Controlleur/class.ws.flash.php @@ -147,11 +147,12 @@ class wsFlash extends cubeFlashGateway } $session->serialize(); - $executable = '/usr/bin/php7.2'; - if (AMARCORD) { - $executable = '/usr/bin/php5.6'; - } - $php = new cubeCommandLine($executable); +// $url = 'https://' . $_SERVER['HTTP_HOST'] . '/flash/processConversionSessionAsync?user_email=' . urlencode($_SESSION['user_email']) . '&user_password=' . urlencode($_SESSION['user_password']) . '&sessionConversionGUID=' . urlencode($sessionConversionGUID); +// wsMaintenance::timeoutRequest($url, $async ? 1 : 7200); +// error_log($url); + + + $php = new cubeCommandLine('php'); $php->setPath(CONVERTER_PATH); $php->setArg('f', ROOT . '/index.php'); $php->setArg('d', 'memory_limit=4G'); @@ -166,10 +167,8 @@ class wsFlash extends cubeFlashGateway $php->setNohup(true); } $php->execute('exec'); - - file_put_contents(ROOT . '/../log/processConversionSession.txt', print_r($session) . "\n" . $php->commande . "\n" . $php->output); - - $this->xml->addChild('command', html::escapeHTML($php->command)); + error_log($php->commande . ' // ' . $php->output . ' // ' . print_r($session, true)); + $this->xml->addChild('command', html::escapeHTML($php->commande)); if ($async) { exit; } @@ -182,7 +181,7 @@ class wsFlash extends cubeFlashGateway $conversion = wsConversionSession::openFromGUID($_REQUEST['sessionConversionGUID']); $conversion->process(); } catch (Exception $e) { - file_put_contents(CACHE . '/conversionExceptions.txt', print_r($e, true), FILE_APPEND); + die($e->getMessage() . ' at line ' . $e->getLine() . ' (' . $e->getMessage() . ')'); } $conversion->destroy(); } @@ -208,7 +207,7 @@ class wsFlash extends cubeFlashGateway } $fname = $this->args['fieldname'] . '_' . cubeFiles::tidyName($infos['name']); - $tmp = '/data1/extranet/tmp/' . $fname; + $tmp = '/application/share/' . $fname; move_uploaded_file($infos['tmp_name'], $tmp); $api = new ws3API(); @@ -260,7 +259,7 @@ class wsFlash extends cubeFlashGateway $this->_rmSymLink($orig); $this->_rmSymLink($dest); $this->_rmSymLink($png); - `/usr/local/bin/svgcleaner $orig $dest`; + `svgcleaner $orig $dest`; if (!file_exists($dest)) { copy($orig, $dest); } @@ -755,6 +754,7 @@ class wsFlash extends cubeFlashGateway $this->xml->addChild('title', htmlspecialchars($book->nom)); $this->xml->addChild('date', $book->changedate); $this->xml->addChild('lang', $book->lang); + $this->xml->addChild('export', htmlspecialchars($book->exportdatas)); $this->xml->addChild('settings', htmlspecialchars(json_encode($book->parametres->toArray()))); } diff --git a/inc/ws/Controlleur/class.ws.maintenance.php b/inc/ws/Controlleur/class.ws.maintenance.php index be72d4cd5..3dce1237c 100644 --- a/inc/ws/Controlleur/class.ws.maintenance.php +++ b/inc/ws/Controlleur/class.ws.maintenance.php @@ -25,7 +25,7 @@ class wsMaintenance $crop = $root . 'crop.pdf'; if (file_exists($original) && file_exists($crop) && filesize($original) == filesize($crop)) { `rm $crop`; - `cd $root;ln -s original.pdf crop.pdf`; + `cd $root;ln -sf original.pdf crop.pdf`; echo $root . '
'; } } @@ -470,7 +470,7 @@ class wsMaintenance public static function compress() { - `gzip /home/extranet/www/fluidbook/docs/*/p*.csv`; + `gzip /application/fluidbook/docs/*/p*.csv`; `gzip /home/extranet/www/fluidbook/docs/*/*.txt`; } @@ -1320,7 +1320,7 @@ class wsMaintenance $cl = new CubeIT_CommandLine('/usr/local/web2exe/web2exe-linux'); $cl->setPath(CONVERTER_PATH); - $cl->setEnv('TMPDIR', '/home/extranetfiles/tmp'); + $cl->setEnv('TMPDIR', '/tmp'); $cl->setLongArgumentSeparator(' '); $cl->setArg('export-to', $p); $cl->setArg('uncompressed-folder'); @@ -1471,9 +1471,12 @@ class wsMaintenance $book = $dao->selectById($book_id); $count = $book->parametres->pages; + if (!$count) { + return; + } $allPages = range(1, $count); - $coef = wsDocument::isFarmUser() ? 2 : 0.25; + $coef = wsDocument::isFarmUser() ? 4 : 0.25; $it = round($coef * max(4, min(12, ceil($count / 20)))); shuffle($allPages); @@ -1764,13 +1767,16 @@ class wsMaintenance $path = $doc->getFile($page, $file[0], $file[1], $file[2], $file[3], $file[4], true); echo '

' . $path . '

'; $path = str_replace('/data1/extranet/www/', 'https://workshop.fluidbook.com/', $path); + $path = str_replace('/home/extranet/www/', 'https://workshop.fluidbook.com/', $path); + $path = str_replace('/application/', 'https://workshop.fluidbook.com/', $path); echo ''; } } - public function updateHTML5Source(){ + public function updateHTML5Source() + { echo file_get_contents('https://toolbox.fluidbook.com/openmaintenance/updatesources'); } } diff --git a/inc/ws/Controlleur/class.ws.services.php b/inc/ws/Controlleur/class.ws.services.php index fbec6deec..6be12afaf 100644 --- a/inc/ws/Controlleur/class.ws.services.php +++ b/inc/ws/Controlleur/class.ws.services.php @@ -359,7 +359,7 @@ class wsServices extends cubeFlashGateway if (is_null($book)) { $book = $this->callArgs[0]; - $range = $this->callArgs[1]; + $range = $this->callArgs[1]??''; } $daoBook = new wsDAOBook($core->con); @@ -478,7 +478,7 @@ class wsServices extends cubeFlashGateway public function e() { $this->args['cid'] = $this->callArgs[0]; - $this->args['range'] = $this->callArgs[1]; + $this->args['range'] = $this->callArgs[1] ?? ''; return $this->exportpdf(false, false); } @@ -486,14 +486,14 @@ class wsServices extends cubeFlashGateway { $this->outputXML = false; $this->args['cid'] = $this->callArgs[0]; - $this->args['range'] = $this->callArgs[1]; + $this->args['range'] = $this->callArgs[1] ?? ''; return $this->exportpdf(false, true); } public function p() { $this->args['cid'] = $this->callArgs[0]; - $this->args['range'] = $this->callArgs[1]; + $this->args['range'] = $this->callArgs[1] ?? ''; return $this->exportpdf(true, true); } @@ -1341,7 +1341,7 @@ class wsServices extends cubeFlashGateway $current_cell_style = $sheet->getStyleByColumnAndRow($column_index, $current_row); - switch($column_key) { + switch ($column_key) { case 'EAN': // Ensure EAN doesn't contain commas (it's a number, not a string) $EAN = str_replace(',', '', $cart_item[$column_key]); $sheet->setCellValueByColumnAndRow($column_index, $current_row, $EAN); @@ -1458,7 +1458,7 @@ class wsServices extends cubeFlashGateway try { print_r($mail->send($transport)); $result['success'] = true; - } catch (Exception $e){ + } catch (Exception $e) { error_log('#### CFOC: Failed sending message via Mailjet ####'); error_log('ERROR: ' . $e->getMessage()); $result['success'] = false; @@ -1524,7 +1524,7 @@ class wsServices extends cubeFlashGateway $current_cell_style = $sheet->getStyleByColumnAndRow($column_index, $current_row); - switch($column_key) { + switch ($column_key) { case 'ARTICLE CODE': // Explicitly store ARTICLE CODE as text in order to preserve any leading zeros $sheet->setCellValueExplicitByColumnAndRow($column_index, $current_row, $cart_item[$column_key], PHPExcel_Cell_DataType::TYPE_STRING); break; @@ -1608,7 +1608,7 @@ class wsServices extends cubeFlashGateway $default_bastide_address = 'web@hcm-medical.fr'; // Fallback address + destination for all BCC messages - switch(strtolower($recipient_code)) { + switch (strtolower($recipient_code)) { case 'co-guadeloupe': $email_for_bastide = 'commercial@bastide-guadeloupe.com'; break; @@ -1663,7 +1663,7 @@ class wsServices extends cubeFlashGateway 'application/pdf', Zend_Mime::DISPOSITION_ATTACHMENT, Zend_Mime::ENCODING_BASE64, - $attachment_basename . '.pdf' + $attachment_basename . '.pdf' ); // Back to setting up the mail for Bastide @@ -1673,7 +1673,7 @@ class wsServices extends cubeFlashGateway 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', Zend_Mime::DISPOSITION_ATTACHMENT, Zend_Mime::ENCODING_BASE64, - $attachment_basename . '.xlsx' + $attachment_basename . '.xlsx' ); // When the recipient isn't the default Bastide address, we add them in as a BCC so they can track the messages @@ -1687,7 +1687,7 @@ class wsServices extends cubeFlashGateway $mail_to_bastide->send($transport); $mail_to_user->send($transport); $result['success'] = true; - } catch (Exception $e){ + } catch (Exception $e) { error_log('#### Bastide: Failed sending message via Mailjet ####'); error_log('ERROR: ' . $e->getMessage()); $result['success'] = false; diff --git a/inc/ws/Metier/class.ws.document.php b/inc/ws/Metier/class.ws.document.php index b49badb6e..60cef9da5 100644 --- a/inc/ws/Metier/class.ws.document.php +++ b/inc/ws/Metier/class.ws.document.php @@ -294,7 +294,7 @@ class wsDocument extends cubeMetier public function lnCrop() { $root = dirname($this->cropped); - `cd $root;ln -s fixed.pdf crop.pdf`; + `cd $root;ln -sf fixed.pdf crop.pdf`; } public function parseInfos($data) @@ -448,7 +448,7 @@ class wsDocument extends cubeMetier public static function getFarmServers() { if (null === self::$_farmServers) { - self::$_farmServers = json_decode(file_get_contents('/home/extranet/toolbox/storage/fluidbookfarm/servers'), true); + self::$_farmServers = json_decode(file_get_contents('/home/toolbox/www/storage/fluidbookfarm/servers'), true); } return self::$_farmServers; } @@ -456,7 +456,7 @@ class wsDocument extends cubeMetier public static function pickOneFarmServer() { $hat = []; - $pings = json_decode(file_get_contents('/home/extranet/toolbox/storage/fluidbookfarm/pings')); + $pings = json_decode(file_get_contents('/home/toolbox/www/storage/fluidbookfarm/pings')); foreach (self::getFarmServers() as $k => $farmServer) { if (!isset($pings[$k]) || !$pings[$k]) { @@ -501,6 +501,7 @@ class wsDocument extends cubeMetier } else { $o = $output; } + $o = str_replace('/data1/extranet/www/', '/application/', $o); if (file_exists($o)) { $res = $o; } else { diff --git a/inc/ws/Util/class.ws.exporter.php b/inc/ws/Util/class.ws.exporter.php index 90777c176..9d9aaa802 100644 --- a/inc/ws/Util/class.ws.exporter.php +++ b/inc/ws/Util/class.ws.exporter.php @@ -497,7 +497,7 @@ class wsExporter }*/ $cl = new CubeIT_CommandLine_Rsync($src, $dest, $erase); - $cl->setProg('/usr/bin/rsync'); + $cl->setProg('rsync'); $cl->execute(); if (!is_null($chown)) { `chown -R $chown $dest`; diff --git a/inc/ws/Util/class.ws.pdf.convert.php b/inc/ws/Util/class.ws.pdf.convert.php index 4984f8475..7f6158a92 100644 --- a/inc/ws/Util/class.ws.pdf.convert.php +++ b/inc/ws/Util/class.ws.pdf.convert.php @@ -326,7 +326,7 @@ no-reuse-images if (file_exists($tmp)) { if ($format === 'jpg') { - $cjpeg = new cubeCommandLine('/opt/mozjpeg/bin/cjpeg', null, true); + $cjpeg = new cubeCommandLine('cjpeg', null, true); $cjpeg->setArg('-quality ' . ($quality)); $cjpeg->setArg('-outfile ' . $out); $cjpeg->setArg(null, $tmp); @@ -355,9 +355,7 @@ no-reuse-images mkdir($dir, 0777, true); } $image = $dir . '/p' . $page . '.' . $format; - $mtime = filemtime($image); - - if (!file_exists($image) || $mtime < filemtime(__FILE__) || $mtime < filemtime($pdf)) { + if (!file_exists($image) || filemtime($image) < filemtime(__FILE__) || filemtime($image) < filemtime($pdf)) { wsPDFConvert::makeMiniShot($pdf, $image, $page, $format); } diff --git a/inc/ws/Util/class.ws.tools.php b/inc/ws/Util/class.ws.tools.php index 57701cfbc..e6b52254f 100644 --- a/inc/ws/Util/class.ws.tools.php +++ b/inc/ws/Util/class.ws.tools.php @@ -76,7 +76,7 @@ class wsTools public static function _optimizeSVG($in, $out) { - $cmd = "timeout -s 1 120 /usr/local/bin/svgcleaner --allow-bigger-file --paths-coordinates-precision 3 --copy-on-error --stdout $in"; + $cmd = "timeout -s 1 120 svgcleaner --allow-bigger-file --paths-coordinates-precision 3 --copy-on-error --stdout $in"; $svg = `$cmd`; if ($svg == '') { $svg = file_get_contents($in); diff --git a/inc/ws/Util/html5/icon-bar/class.ws.html5.compiler.php b/inc/ws/Util/html5/icon-bar/class.ws.html5.compiler.php index 199796540..f6781ea42 100644 --- a/inc/ws/Util/html5/icon-bar/class.ws.html5.compiler.php +++ b/inc/ws/Util/html5/icon-bar/class.ws.html5.compiler.php @@ -1552,7 +1552,7 @@ class wsHTML5Compiler if (file_exists($tmp) && filesize($tmp) > 0) { if ($hasNonMin) { - $uglify = new CubeIT_CommandLine('/usr/local/bin/uglifyjs'); + $uglify = new CubeIT_CommandLine('uglifyjs'); $uglify->setArg('o', $minimized); $uglify->setArg(null, $tmp); $uglify->execute(); @@ -2085,7 +2085,7 @@ class wsHTML5Compiler // Less files must be copied to temporary directory so they'll // have access to the variables generated in book-variables.less copy($source_less, $destination_less); - $less = new CubeIT_CommandLine('/usr/local/bin/lessc'); + $less = new CubeIT_CommandLine('lessc'); $less->setArg(null, $destination_less); $less->setArg(null, $destination_css); $less->execute(); diff --git a/inc/ws/Util/html5/master/class.ws.html5.compiler.php b/inc/ws/Util/html5/master/class.ws.html5.compiler.php index 2c8c775f2..1427826f7 100644 --- a/inc/ws/Util/html5/master/class.ws.html5.compiler.php +++ b/inc/ws/Util/html5/master/class.ws.html5.compiler.php @@ -1012,7 +1012,7 @@ class wsHTML5Compiler { $currenttime = microtime(true); if (null === $this->logfp) { - $this->logfp = fopen('/var/log/extranet/htmlconversions/' . $this->book_id . '.log', 'w+'); + $this->logfp = fopen('/var/log/extranet/htmlconversion-' . $this->book_id . '.log', 'w+'); } if (null === $this->logtime) { $this->logtime = $currenttime; @@ -2374,6 +2374,11 @@ height="0" width="0" style="display:none;visibility:hidden"> if (in_array($linkData['type'], $ignore)) { continue; } + + if (!isset($linkData['uid'])) { + $linkData['uid'] = wsHTML5Link::generateUID(); + } + if ($linkData['uid'] === 'slider') { $linkData['page'] = 'background'; } @@ -2737,7 +2742,7 @@ height="0" width="0" style="display:none;visibility:hidden"> if (file_exists($tmp) && filesize($tmp) > 0) { if ($hasNonMin) { - $uglify = new CubeIT_CommandLine('/usr/local/bin/uglifyjs'); + $uglify = new CubeIT_CommandLine('uglifyjs'); $uglify->setArg('o', $minimized); $uglify->setArg(null, $tmp); $uglify->execute(); @@ -3266,13 +3271,13 @@ height="0" width="0" style="display:none;visibility:hidden"> // Less files must be copied to temporary directory so they'll // have access to the variables generated in book-variables.less copy($source_less, $destination_less); - $less = new CubeIT_CommandLine('/usr/local/bin/lessc'); + $less = new CubeIT_CommandLine('lessc'); $less->setArg(null, $destination_less); $less->setArg(null, $destination_css); $less->execute(); $less->debug(); if (!file_exists($destination_css)) { - die($less->output); + die('!!' . $less->commande . ' ' . $less->output); continue; } $this->vdir->copy($destination_css, 'style/' . $f . '.css'); diff --git a/inc/ws/Util/html5/master/class.ws.html5.links.php b/inc/ws/Util/html5/master/class.ws.html5.links.php index cbe982e4f..f6273670e 100644 --- a/inc/ws/Util/html5/master/class.ws.html5.links.php +++ b/inc/ws/Util/html5/master/class.ws.html5.links.php @@ -1643,12 +1643,12 @@ class webVideoLink extends videoLink } } - public static function makeVideoTag($link, $width, $height, $compiler = null) + public static function makeVideoTag($linkDatas, $w=null, $h=null, $compiler = null) { - if ($link->video_service == 0) { - return parent::makeVideoTag($link, $width, $height, $compiler); + if ($linkDatas->video_service == 0) { + return parent::makeVideoTag($linkDatas, $w, $h, $compiler); } - return self::getEmbed($link); + return self::getEmbed($linkDatas); } } diff --git a/inc/ws/Util/packager/class.ws.packager.mac.exe.html.php b/inc/ws/Util/packager/class.ws.packager.mac.exe.html.php index fa19bc552..686832cf4 100644 --- a/inc/ws/Util/packager/class.ws.packager.mac.exe.html.php +++ b/inc/ws/Util/packager/class.ws.packager.mac.exe.html.php @@ -52,7 +52,7 @@ class wsPackagerMacEXEHTML extends wsPackagerWinEXEHTML mkdir($this->buildPath, 0777, true); } - $cl = new CubeIT_CommandLine('/data/extranet/node_modules/nw-builder/bin/nwbuild'); + $cl = new CubeIT_CommandLine('nwbuild'); $cl->setPath(CONVERTER_PATH); $cl->setArg('p', $this->nwplatform); $cl->setArg('o', $this->buildPath); @@ -64,6 +64,9 @@ class wsPackagerMacEXEHTML extends wsPackagerWinEXEHTML $cl->debug(); $this->replaceFFMpeg(); + if(!file_exists($this->getAppPath())){ + die('Error while building mac app : '.$cl->commande.' // '.$cl->output); + } $this->signApp(); } diff --git a/inc/ws/Util/packager/class.ws.packager.win.exe.html.php b/inc/ws/Util/packager/class.ws.packager.win.exe.html.php index 73f62ccb4..890695e41 100644 --- a/inc/ws/Util/packager/class.ws.packager.win.exe.html.php +++ b/inc/ws/Util/packager/class.ws.packager.win.exe.html.php @@ -45,7 +45,7 @@ class wsPackagerWinEXEHTML extends wsPackager $cl = new CubeIT_CommandLine('/usr/local/web2exe/web2exe-linux'); $cl->setPath(CONVERTER_PATH); - $cl->setEnv('TMPDIR', '/home/extranetfiles/tmp'); + $cl->setEnv('TMPDIR', '/tmp'); $cl->setLongArgumentSeparator(' '); $cl->setArg('export-to', $this->nwplatform); $cl->setArg('uncompressed-folder'); @@ -68,6 +68,10 @@ class wsPackagerWinEXEHTML extends wsPackager $cl->execute(); $cl->debug(); + if(!file_exists($this->buildPath)){ + die('Error while making exe : '.$cl->commande.' // '.$cl->output); + } + $this->replaceFFMpeg(); $this->signExe(); diff --git a/inc/ws/Util/packager/class.ws.packager.win.inst.html.php b/inc/ws/Util/packager/class.ws.packager.win.inst.html.php index 4d24c183e..fa9b0160f 100644 --- a/inc/ws/Util/packager/class.ws.packager.win.inst.html.php +++ b/inc/ws/Util/packager/class.ws.packager.win.inst.html.php @@ -47,7 +47,7 @@ class wsPackagerWinINSTHTML extends wsPackagerWinEXEHTML $nsi = str_replace('$titre', $title, $nsi); $nsi = str_replace('$lang', $lang->nsis, $nsi); $nsi = str_replace('$nwplatform', $this->nwplatform, $nsi); - $nsi = str_replace('$nsisdir', '/usr/share/nsis', $nsi); + $nsi = str_replace('$nsisdir', '/usr/local/share/nsis', $nsi); $nsi = str_replace('$output', $this->getPathBase('exe'), $nsi); $favicon = $this->vdir . 'data/favicon.ico'; if ($this->theme->parametres->favicon == '') { @@ -82,7 +82,7 @@ class wsPackagerWinINSTHTML extends wsPackagerWinEXEHTML $tmp = cubeFiles::tempnam() . '.nsi'; file_put_contents($tmp, $this->nsi); - $makensis = new CubeIT_CommandLine('/usr/local/bin/makensis'); + $makensis = new CubeIT_CommandLine('makensis'); $makensis->setArg(null,'-V4'); $makensis->setArg(null, $tmp); $makensis->execute(); diff --git a/index.php b/index.php index 320e4e0e2..fa5f913b7 100644 --- a/index.php +++ b/index.php @@ -1,6 +1,7 @@ \ No newline at end of file +phpinfo(); \ No newline at end of file diff --git a/scripts/dockerterminal.bat b/scripts/dockerterminal.bat new file mode 100644 index 000000000..65b39b569 --- /dev/null +++ b/scripts/dockerterminal.bat @@ -0,0 +1,3 @@ +@echo off +cls +C:\tools\cygwin\bin\ssh.exe -t root@toolbox.fluidbook.com 'docker exec -it -u extranet extranet /bin/bash'