From b9160f17bf08567cb7ceecbb6f060da4087b20ed Mon Sep 17 00:00:00 2001 From: "vincent@cubedesigners.com" Date: Thu, 24 Nov 2022 08:09:07 +0000 Subject: [PATCH] wait #5604 @3 --- .docker/config/passwords | 1 + .docker/config/ssh/server/moduli | 0 .docker/config/ssh/server/ssh_config | 0 .docker/config/ssh/server/ssh_host_dsa_key | 21 ++++ .../config/ssh/server/ssh_host_dsa_key.pub | 1 + .docker/config/ssh/server/ssh_host_ecdsa_key | 9 ++ .../config/ssh/server/ssh_host_ecdsa_key.pub | 1 + .../config/ssh/server/ssh_host_ed25519_key | 7 ++ .../ssh/server/ssh_host_ed25519_key.pub | 1 + .docker/config/ssh/server/ssh_host_rsa_key | 38 ++++++ .../config/ssh/server/ssh_host_rsa_key.pub | 1 + .docker/config/ssh/server/sshd_config | 115 ++++++++++++++++++ .../config/ssh/{ => user}/authorized_keys2 | 0 .docker/config/ssh/{ => user}/id_rsa | 0 .docker/config/ssh/{ => user}/id_rsa.pub | 0 .docker/config/ssh/{ => user}/known_hosts | 0 .docker/docker-compose.yml | 42 ++++--- .docker/images/php/Dockerfile | 2 + .docker/images/php/startup | 8 +- .docker/update | 2 +- bin/fixrights | 19 +-- .../class.ws.packager.win.exe.html.php | 14 ++- .../class.ws.packager.win.inst.html.php | 6 +- 23 files changed, 250 insertions(+), 38 deletions(-) create mode 100644 .docker/config/passwords create mode 100644 .docker/config/ssh/server/moduli create mode 100644 .docker/config/ssh/server/ssh_config create mode 100644 .docker/config/ssh/server/ssh_host_dsa_key create mode 100644 .docker/config/ssh/server/ssh_host_dsa_key.pub create mode 100644 .docker/config/ssh/server/ssh_host_ecdsa_key create mode 100644 .docker/config/ssh/server/ssh_host_ecdsa_key.pub create mode 100644 .docker/config/ssh/server/ssh_host_ed25519_key create mode 100644 .docker/config/ssh/server/ssh_host_ed25519_key.pub create mode 100644 .docker/config/ssh/server/ssh_host_rsa_key create mode 100644 .docker/config/ssh/server/ssh_host_rsa_key.pub create mode 100644 .docker/config/ssh/server/sshd_config rename .docker/config/ssh/{ => user}/authorized_keys2 (100%) rename .docker/config/ssh/{ => user}/id_rsa (100%) rename .docker/config/ssh/{ => user}/id_rsa.pub (100%) rename .docker/config/ssh/{ => user}/known_hosts (100%) diff --git a/.docker/config/passwords b/.docker/config/passwords new file mode 100644 index 000000000..97dd05da3 --- /dev/null +++ b/.docker/config/passwords @@ -0,0 +1 @@ +extranet:QkXKLmz4U3d4DJ \ No newline at end of file diff --git a/.docker/config/ssh/server/moduli b/.docker/config/ssh/server/moduli new file mode 100644 index 000000000..e69de29bb diff --git a/.docker/config/ssh/server/ssh_config b/.docker/config/ssh/server/ssh_config new file mode 100644 index 000000000..e69de29bb diff --git a/.docker/config/ssh/server/ssh_host_dsa_key b/.docker/config/ssh/server/ssh_host_dsa_key new file mode 100644 index 000000000..b814cc0f9 --- /dev/null +++ b/.docker/config/ssh/server/ssh_host_dsa_key @@ -0,0 +1,21 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABsQAAAAdzc2gtZH +NzAAAAgQCnADFd+E6phChygVvaA/I9D6jItqJzG2A/hEwE4cOciXxNC/+wJ/IqW4T7pOH2 +YpINLLqPMCqVNLj7744GeeNStwRjoMfd8f6zYoGBpimYc1WS3yi/QA1CH5o9qBDjgKV4/4 +zfqjvOwpEj7HZj3hNo1nvCfYrfAuVUVpOqt/Lo0wAAABUA7NkJP07kis6ZZ21WqVzFxam7 +cP8AAACAfp8vDPYcvhzECMtc66fIIEW82A3Hf5Ptoq8llPdX4NAlO+tWUg9zx+MqmuhGfP +u+KsI7bY8HRIFqvR+HHABZLS6S3kOU6/o78XXgoUXBJW7mAzQvrxPwEiOty8ZOcSl30GGs +pPKcj9IuRUqWKfTzEJ8q2Yjgz57LtMD0f8QtL+wAAACAdKlWQT2cBqD0hdF0ZnCCFzwlhm +ZFJdkW0/GSci7IOVUH6ov4++NNzTlInsncd7Ft0dK+fFHiAFTYXz0DBpDafX7dp85PHhOT +gCGYpym+aMzj5vTug49aROpRvWb1cDVwJQuc0u43FT8F2o+szWjpB4HwqQ1gs7LqyPOIei +lqWaAAAAHoOhqY1DoamNQAAAAHc3NoLWRzcwAAAIEApwAxXfhOqYQocoFb2gPyPQ+oyLai +cxtgP4RMBOHDnIl8TQv/sCfyKluE+6Th9mKSDSy6jzAqlTS4+++OBnnjUrcEY6DH3fH+s2 +KBgaYpmHNVkt8ov0ANQh+aPagQ44CleP+M36o7zsKRI+x2Y94TaNZ7wn2K3wLlVFaTqrfy +6NMAAAAVAOzZCT9O5IrOmWdtVqlcxcWpu3D/AAAAgH6fLwz2HL4cxAjLXOunyCBFvNgNx3 ++T7aKvJZT3V+DQJTvrVlIPc8fjKproRnz7virCO22PB0SBar0fhxwAWS0ukt5DlOv6O/F1 +4KFFwSVu5gM0L68T8BIjrcvGTnEpd9BhrKTynI/SLkVKlin08xCfKtmI4M+ey7TA9H/ELS +/sAAAAgHSpVkE9nAag9IXRdGZwghc8JYZmRSXZFtPxknIuyDlVB+qL+PvjTc05SJ7J3Hex +bdHSvnxR4gBU2F89AwaQ2n1+3afOTx4Tk4AhmKcpvmjM4+b07oOPWkTqUb1m9XA1cCULnN +LuNxU/BdqPrM1o6QeB8KkNYLOy6sjziHopalmgAAAAFQDRrqQqUf/GssrI/cGr4/M699Bo +hgAAAA1yb290QGV4dHJhbmV0AQIDBAU= +-----END OPENSSH PRIVATE KEY----- diff --git a/.docker/config/ssh/server/ssh_host_dsa_key.pub b/.docker/config/ssh/server/ssh_host_dsa_key.pub new file mode 100644 index 000000000..56cbf2b2f --- /dev/null +++ b/.docker/config/ssh/server/ssh_host_dsa_key.pub @@ -0,0 +1 @@ +ssh-dss AAAAB3NzaC1kc3MAAACBAKcAMV34TqmEKHKBW9oD8j0PqMi2onMbYD+ETAThw5yJfE0L/7An8ipbhPuk4fZikg0suo8wKpU0uPvvjgZ541K3BGOgx93x/rNigYGmKZhzVZLfKL9ADUIfmj2oEOOApXj/jN+qO87CkSPsdmPeE2jWe8J9it8C5VRWk6q38ujTAAAAFQDs2Qk/TuSKzplnbVapXMXFqbtw/wAAAIB+ny8M9hy+HMQIy1zrp8ggRbzYDcd/k+2iryWU91fg0CU761ZSD3PH4yqa6EZ8+74qwjttjwdEgWq9H4ccAFktLpLeQ5Tr+jvxdeChRcElbuYDNC+vE/ASI63Lxk5xKXfQYayk8pyP0i5FSpYp9PMQnyrZiODPnsu0wPR/xC0v7AAAAIB0qVZBPZwGoPSF0XRmcIIXPCWGZkUl2RbT8ZJyLsg5VQfqi/j7403NOUieydx3sW3R0r58UeIAVNhfPQMGkNp9ft2nzk8eE5OAIZinKb5ozOPm9O6Dj1pE6lG9ZvVwNXAlC5zS7jcVPwXaj6zNaOkHgfCpDWCzsurI84h6KWpZoA== root@extranet diff --git a/.docker/config/ssh/server/ssh_host_ecdsa_key b/.docker/config/ssh/server/ssh_host_ecdsa_key new file mode 100644 index 000000000..8108b5051 --- /dev/null +++ b/.docker/config/ssh/server/ssh_host_ecdsa_key @@ -0,0 +1,9 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS +1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQSbzLy1rqsySQVsxKTcPePDOJ/F/7WA +f8HoGHzYGstGjY47dlFqaDhMZV9bp6rHhrmNyZvhBTbpGxrRviQnOFqRAAAAqKv7rQqr+6 +0KAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJvMvLWuqzJJBWzE +pNw948M4n8X/tYB/wegYfNgay0aNjjt2UWpoOExlX1unqseGuY3Jm+EFNukbGtG+JCc4Wp +EAAAAgd72mJWjGx5lR+v5ZKUEe2+PiSQIAkTVMwkyGKq+pxUYAAAANcm9vdEBleHRyYW5l +dAECAw== +-----END OPENSSH PRIVATE KEY----- diff --git a/.docker/config/ssh/server/ssh_host_ecdsa_key.pub b/.docker/config/ssh/server/ssh_host_ecdsa_key.pub new file mode 100644 index 000000000..5a4471334 --- /dev/null +++ b/.docker/config/ssh/server/ssh_host_ecdsa_key.pub @@ -0,0 +1 @@ +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJvMvLWuqzJJBWzEpNw948M4n8X/tYB/wegYfNgay0aNjjt2UWpoOExlX1unqseGuY3Jm+EFNukbGtG+JCc4WpE= root@extranet diff --git a/.docker/config/ssh/server/ssh_host_ed25519_key b/.docker/config/ssh/server/ssh_host_ed25519_key new file mode 100644 index 000000000..38e6486ff --- /dev/null +++ b/.docker/config/ssh/server/ssh_host_ed25519_key @@ -0,0 +1,7 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACBQ5E2YNblWDfVav/msApMfbaih+MSf0f88Ur2V1do17wAAAJD3nHdL95x3 +SwAAAAtzc2gtZWQyNTUxOQAAACBQ5E2YNblWDfVav/msApMfbaih+MSf0f88Ur2V1do17w +AAAECRrP6hmoT6b4xoQtuIOn7ay7r5391GjkrSPhdh1kJX3VDkTZg1uVYN9Vq/+awCkx9t +qKH4xJ/R/zxSvZXV2jXvAAAADXJvb3RAZXh0cmFuZXQ= +-----END OPENSSH PRIVATE KEY----- diff --git a/.docker/config/ssh/server/ssh_host_ed25519_key.pub b/.docker/config/ssh/server/ssh_host_ed25519_key.pub new file mode 100644 index 000000000..6e9080831 --- /dev/null +++ b/.docker/config/ssh/server/ssh_host_ed25519_key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFDkTZg1uVYN9Vq/+awCkx9tqKH4xJ/R/zxSvZXV2jXv root@extranet diff --git a/.docker/config/ssh/server/ssh_host_rsa_key b/.docker/config/ssh/server/ssh_host_rsa_key new file mode 100644 index 000000000..142cce86d --- /dev/null +++ b/.docker/config/ssh/server/ssh_host_rsa_key @@ -0,0 +1,38 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn +NhAAAAAwEAAQAAAYEAq/9qlHfyHI9gfNk+U01LylXVLlJXC0h72v/+Ph5Ms7kd5VCe6dI+ +lDFutKN3OY9KhFkL6Feq8tM87/7S8Ct3BfLbV7HizyIZsJjsuCjOdOqxQYeR3bgz3ZdDoJ +X66fc94RKkdonJi2WT8Yi3XnA0CnGYOowZD7z+G0IjoeGKRlwVTcOG8+En+wiCPuG1Ko8V +TuUQnnnf49tt8gJ1tpS2XmCP3kSL1TxcOZ8ZROyjgL/Mxkesl14rl4nn7M4MMfmIBOEzHV +kqqBR6tJ6V0SHwcI4lTg+pZ3sfUNA6MK0ZaQZCvVCPxwkUypDlxY3uqVgHet0zm2ZflTeN +MCuwqnP03ydSO2KggGBZqryWjWDWVREc7niXdneTEvvMhhmtMrfwgcusFSPB08L5gqU8Gw +CIQhZP0h2/HpXXfMzRiePasFsXt9Qie2uRkYpEEWANjPOuSyRYtguXctrNc/NZofIgi6Fp +VkUTjo5ZZwqJt0dhb08YSfvVKyfl8VzprQYShoS5AAAFiKx+aQ2sfmkNAAAAB3NzaC1yc2 +EAAAGBAKv/apR38hyPYHzZPlNNS8pV1S5SVwtIe9r//j4eTLO5HeVQnunSPpQxbrSjdzmP +SoRZC+hXqvLTPO/+0vArdwXy21ex4s8iGbCY7LgoznTqsUGHkd24M92XQ6CV+un3PeESpH +aJyYtlk/GIt15wNApxmDqMGQ+8/htCI6HhikZcFU3DhvPhJ/sIgj7htSqPFU7lEJ553+Pb +bfICdbaUtl5gj95Ei9U8XDmfGUTso4C/zMZHrJdeK5eJ5+zODDH5iAThMx1ZKqgUerSeld +Eh8HCOJU4PqWd7H1DQOjCtGWkGQr1Qj8cJFMqQ5cWN7qlYB3rdM5tmX5U3jTArsKpz9N8n +UjtioIBgWaq8lo1g1lURHO54l3Z3kxL7zIYZrTK38IHLrBUjwdPC+YKlPBsAiEIWT9Idvx +6V13zM0Ynj2rBbF7fUIntrkZGKRBFgDYzzrkskWLYLl3LazXPzWaHyIIuhaVZFE46OWWcK +ibdHYW9PGEn71Ssn5fFc6a0GEoaEuQAAAAMBAAEAAAGAFs9vX5ROuCntpnEbOmn4YLOka5 +nA8H6i6mbj3XIgQv+MbvKTuLfI09eAcpVxROFzhPzYPu6Nfdm07bEyYWaqSNAt9cHiLg08 +Mfb+AehrhQbxDhtAJZL90efzMJNjbO78tmJGDHB2mbWVesViaDRiOnZZNX6J/lPWsV/CoP +/r2ivxKViCh8p3BmxY9aTyZVwHe+iWHSZVon7h5GQeH2I2k2qj+drGXre8FWo7rC/j+Tm2 +mx87TPHQvy6rYvTqmiAZCSqj+FlNwKeunWFplge6Pz3Ci1Usj49JaEORQPkQwZLaTxvUxC +6B9c4x9BN10rxXcQU6XB8PesxxRlEugD3KFxbBsYc9IvyNDyTwHuS3dW71qC5jyKdvWdvu +S8X/7POYr/DdzpXVeG9cXzn5VnVyOjVKnUL31sJ+yMZyhoezxmeJDiwJRgLgbLyqJZLixZ +7mmIdPko3BvevBgA/YdGfphYyv+JqHrUFm4o+f/CF8KUC3a5AWSNk6ojLiSmBS6ue/AAAA +wHRks7MMkb7/QLom4nw8JycIVHpmeivfWVPEnyvk+XN9BxupPjYmqICcr/p4EbjUK4vscd +4cRzgUXm7yldd8mjMl6iAIWfnMPIGJGCs0hIvSH/NcjDOcvm1DFXyeZoBO50nHUNIMT4ii +IQo3+890E+6UXAs1/fx0E1yJcJxfBk45VAbEmDNL/7g7x7qDuIC+0bZjtdgRh6H7nhr/UI +naw+cM/jZA/SRpGqZcUf+hETXm5poq2XUKoGO93C8OTmbmhgAAAMEAtY2bbcYHjD+2Jdz7 +g7r6xLIgmYMx4PrfTirNyHP3YpfKyXyPR4Q2rzh4habWaHSrDpqPfRTh2mSHmsrJjjrmcj +Yy69NbGF7XTov5XA+d8QytlVpCZl5dSQGNIILs7p9XtslYVKkr3lyuwEMhXLC1uIqARAgr +SfsPt1e7Z6q7pNLtq2T6vhd7RPo5RZ6PVdheA7AMm9AUQ/qsgplfvdDopdR97Ojuo/mbCD +nMZ2nc+Rmyhd0UIC6nQPzQh2tUxVujAAAAwQDyhrxIZ2FRIVNg6QNlaalIezHIMCk3Akpr +vTE/WKRa8l4ItPnMBJOFGH00qyTaoiyI3rT8PgijqTWo3Rnn8rXU0O94D5zCqPRIXg3JKG +L2Tae0TpB4btzFJ0sGcYtxCtZ0OJqLz5Lm9ROHxi//GjXlYiN0DydM3tUqOkXGu2rEr4un +OjLMVLUgc9upksxTxm9xj8Zij9wz6Ybfuk4fUlXLbtP1IljZpIMcIY9is7pt5/jwmHZ3kg +JH4vaEFvhF4/MAAAANcm9vdEBleHRyYW5ldAECAwQFBg== +-----END OPENSSH PRIVATE KEY----- diff --git a/.docker/config/ssh/server/ssh_host_rsa_key.pub b/.docker/config/ssh/server/ssh_host_rsa_key.pub new file mode 100644 index 000000000..56399c87c --- /dev/null +++ b/.docker/config/ssh/server/ssh_host_rsa_key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCr/2qUd/Icj2B82T5TTUvKVdUuUlcLSHva//4+HkyzuR3lUJ7p0j6UMW60o3c5j0qEWQvoV6ry0zzv/tLwK3cF8ttXseLPIhmwmOy4KM506rFBh5HduDPdl0Oglfrp9z3hEqR2icmLZZPxiLdecDQKcZg6jBkPvP4bQiOh4YpGXBVNw4bz4Sf7CII+4bUqjxVO5RCeed/j223yAnW2lLZeYI/eRIvVPFw5nxlE7KOAv8zGR6yXXiuXiefszgwx+YgE4TMdWSqoFHq0npXRIfBwjiVOD6lnex9Q0DowrRlpBkK9UI/HCRTKkOXFje6pWAd63TObZl+VN40wK7Cqc/TfJ1I7YqCAYFmqvJaNYNZVERzueJd2d5MS+8yGGa0yt/CBy6wVI8HTwvmCpTwbAIhCFk/SHb8eldd8zNGJ49qwWxe31CJ7a5GRikQRYA2M865LJFi2C5dy2s1z81mh8iCLoWlWRROOjllnCom3R2FvTxhJ+9UrJ+XxXOmtBhKGhLk= root@extranet diff --git a/.docker/config/ssh/server/sshd_config b/.docker/config/ssh/server/sshd_config new file mode 100644 index 000000000..f9386d2a9 --- /dev/null +++ b/.docker/config/ssh/server/sshd_config @@ -0,0 +1,115 @@ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +Include /etc/ssh/sshd_config.d/*.conf + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +#PermitRootLogin prohibit-password +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# Expect .ssh/authorized_keys2 to be disregarded by default in future. +#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to yes to enable challenge-response passwords (beware issues with +# some PAM modules and threads) +KbdInteractiveAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes +#GSSAPIStrictAcceptorCheck yes +#GSSAPIKeyExchange no + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the KbdInteractiveAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via KbdInteractiveAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and KbdInteractiveAuthentication to 'no'. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +PrintMotd no +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + +# override default of no subsystems +Subsystem sftp /usr/lib/openssh/sftp-server diff --git a/.docker/config/ssh/authorized_keys2 b/.docker/config/ssh/user/authorized_keys2 similarity index 100% rename from .docker/config/ssh/authorized_keys2 rename to .docker/config/ssh/user/authorized_keys2 diff --git a/.docker/config/ssh/id_rsa b/.docker/config/ssh/user/id_rsa similarity index 100% rename from .docker/config/ssh/id_rsa rename to .docker/config/ssh/user/id_rsa diff --git a/.docker/config/ssh/id_rsa.pub b/.docker/config/ssh/user/id_rsa.pub similarity index 100% rename from .docker/config/ssh/id_rsa.pub rename to .docker/config/ssh/user/id_rsa.pub diff --git a/.docker/config/ssh/known_hosts b/.docker/config/ssh/user/known_hosts similarity index 100% rename from .docker/config/ssh/known_hosts rename to .docker/config/ssh/user/known_hosts diff --git a/.docker/docker-compose.yml b/.docker/docker-compose.yml index aa0514420..efbf60d8f 100644 --- a/.docker/docker-compose.yml +++ b/.docker/docker-compose.yml @@ -2,7 +2,7 @@ version: '3.1' services: webserver: container_name: extranet-httpd - build: /home/extranet/www/.docker/images/httpd + build: /home/extranet/.docker/images/httpd working_dir: /application volumes: # Files @@ -30,7 +30,7 @@ services: - '/home/stats/www:/home/stats/www' - '/home/wesco:/home/wesco' # Config - - '/home/extranet/www/.docker/config/httpd/httpd.conf:/usr/local/apache2/conf/httpd.conf' + - '/home/extranet/.docker/config/httpd/httpd.conf:/usr/local/apache2/conf/httpd.conf' ports: - '54198:80' environment: @@ -42,7 +42,7 @@ services: webserver-nb: container_name: extranet-httpd-nb - build: /home/extranet/www/.docker/images/httpd-nb + build: /home/extranet/.docker/images/httpd-nb working_dir: /application volumes: # Files @@ -70,7 +70,7 @@ services: - '/home/stats/www:/home/stats/www' - '/home/wesco:/home/wesco' # Config - - '/home/extranet/www/.docker/config/httpd/httpd-nb.conf:/usr/local/apache2/conf/httpd.conf' + - '/home/extranet/.docker/config/httpd/httpd-nb.conf:/usr/local/apache2/conf/httpd.conf' ports: - '54842:80' environment: @@ -82,7 +82,7 @@ services: php-fpm: container_name: extranet - build: /home/extranet/www/.docker/images/php + build: /home/extranet/.docker/images/php working_dir: /application hostname: extranet environment: @@ -90,28 +90,31 @@ services: HOME: /application volumes: # SSH - - '/home/extranet/www/.docker/config/ssh/:/root/.ssh/' - - '/home/extranet/www/.docker/config/ssh/:/application/.ssh/' + - '/home/extranet/.docker/config/ssh/user/:/root/.ssh/' + - '/home/extranet/.docker/config/ssh/user/:/application/.ssh/' + - '/home/extranet/.docker/config/ssh/server/:/etc/ssh/' # Composer - - '/home/extranet/www/.docker/config/composer/:/root/.config/composer/' - - '/home/extranet/www/.docker/config/composer/:/application/.config/composer/' + - '/home/extranet/.docker/config/composer/:/root/.config/composer/' + - '/home/extranet/.docker/config/composer/:/application/.config/composer/' # NPM - - '/home/extranet/www/.docker/config/npm/:/root/.npm/' + - '/home/extranet/.docker/config/npm/:/root/.npm/' # GIT - - '/home/extranet/www/.docker/config/gitconfig:/root/.gitconfig' - - '/home/extranet/www/.docker/config/git/:/root/.config/git/' - - '/home/extranet/www/.docker/config/git/:/application/.config/git/' - - '/home/extranet/www/.docker/config/gitconfig:/application/.gitconfig' + - '/home/extranet/.docker/config/gitconfig:/root/.gitconfig' + - '/home/extranet/.docker/config/git/:/root/.config/git/' + - '/home/extranet/.docker/config/git/:/application/.config/git/' + - '/home/extranet/.docker/config/gitconfig:/application/.gitconfig' # Monit - - '/home/extranet/www/.docker/config/monit/:/etc/monit/' - - '/home/extranet/www/.docker/config/monit/id:/var/lib/monit/id' + - '/home/extranet/.docker/config/monit/:/etc/monit/' + - '/home/extranet/.docker/config/monit/id:/var/lib/monit/id' # Sudo - - '/home/extranet/www/.docker/config/sudoers:/etc/sudoers.d/extranet' + - '/home/extranet/.docker/config/sudoers:/etc/sudoers.d/extranet' # PHP - - '/home/extranet/www/.docker/config/php.ini:/etc/php/7.2/fpm/conf.d/99-overrides.ini' + - '/home/extranet/.docker/config/php.ini:/etc/php/7.2/fpm/conf.d/99-overrides.ini' - '/home/extranet/sessions/:/var/lib/php/sessions/' # Crontab - - '/home/extranet/www/.docker/config/cron/crontab:/etc/crontab' + - '/home/extranet/.docker/config/cron/crontab:/etc/crontab' + # Passwords + - '/home/extranet/.docker/config/passwords:/root/passwords' # Files - '/data/extranet/ftp:/ftp' - '/home/extranet/fonts/:/fonts/' @@ -141,6 +144,7 @@ services: - '/var/log/extranet:uid=1002,gid=33' ports: - '51695:8123' + - '51895:22' networks: - extranet - fluidbook-processfarm diff --git a/.docker/images/php/Dockerfile b/.docker/images/php/Dockerfile index 2d6417d91..02f3dc149 100644 --- a/.docker/images/php/Dockerfile +++ b/.docker/images/php/Dockerfile @@ -68,6 +68,8 @@ RUN apt-get -y --no-install-recommends install build-essential chrpath libssl-de RUN apt-get -y --no-install-recommends install libreoffice RUN apt-get -y --no-install-recommends install sshfs lftp RUN apt-get -y --no-install-recommends install sshfs python3 python3-pip +RUN apt-get -y --no-install-recommends install openssh-server +RUN apt-get -y --no-install-recommends install wine RUN cd /root;wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2;tar xvjf phantomjs-2.1.1-linux-x86_64.tar.bz2;mv phantomjs-2.1.1-linux-x86_64 /usr/local/share;ln -sf /usr/local/share/phantomjs-2.1.1-linux-x86_64/bin/phantomjs /usr/local/bin RUN cd /root;wget https://github.com/nwutils/Web2Executable/releases/download/v0.7.1b/Web2ExeLinux-CMD.zip;unzip Web2ExeLinux-CMD.zip;mv Web2ExeLinux-CMD /usr/local/web2exe diff --git a/.docker/images/php/startup b/.docker/images/php/startup index 7bd4e78da..6d1d91e35 100644 --- a/.docker/images/php/startup +++ b/.docker/images/php/startup @@ -1,12 +1,14 @@ #!/bin/sh +umask 0000 +chmod -R 777 /tmp chown -R root:root /etc/sudoers.d -#/usr/sbin/service supervisor start +/usr/sbin/service ssh start chmod 0644 /etc/crontab && crontab -u root /etc/crontab && /usr/sbin/service cron start #chown -R toolbox:www-data /application/storage/framework -# Mount sshfs - +# Set user passwords +chpasswd < /root/passwords # Launch monit chmod -R 700 /etc/monit;chown -R root:root /etc/monit;/usr/bin/monit diff --git a/.docker/update b/.docker/update index 745869b77..baf99419d 100644 --- a/.docker/update +++ b/.docker/update @@ -1,6 +1,6 @@ #!/bin/sh cd /docker/extranet -chown root:root /home/extranet/www/.docker/config/cron/host;ln -sf /home/extranet/www/.docker/config/cron/host /etc/cron.d/extranet +chown root:root /home/extranet/.docker/config/cron/host;ln -sf /home/extranet/.docker/config/cron/host /etc/cron.d/extranet docker network create extranet ./build docker compose down diff --git a/bin/fixrights b/bin/fixrights index dfaf54c38..c275992de 100644 --- a/bin/fixrights +++ b/bin/fixrights @@ -1,15 +1,18 @@ #!/bin/bash -chown -R extranet:www-data /home/extranet -chown root:root /home/extranet/www/.docker/config/cron/host -chown root:root /home/extranet/www/.docker/config/sudoers +chown root:root /home/extranet/.docker/config/cron/host +chown root:root /home/extranet/.docker/config/sudoers +chown -R root:root /home/extranet/.docker/config/ssh +chmod -R 644 /home/extranet/.docker/config/ssh/server +chmod 755 /home/extranet/.docker/config/ssh/server/*.d +chmod 600 /home/extranet/.docker/config/ssh/server/*_key +chmod 600 /home/extranet/.docker/config/ssh/user/id_rsa +chmod 700 /home/extranet/.docker/config/ssh/user/ +chmod 600 /home/extranet/.docker/config/ssh/user/authorized_keys2 +chown -R extranet:www-data /home/extranet/www chown -R extranet:www-data /data/extranet chmod -R 775 /home/extranet/www chmod 750 /home/extranet chmod -R 775 /data/extranet chmod -R 777 /home/extranet/share +chmod -R 777 /home/extranet/www/fluidbook/packager/ chmod -R 777 /home/toolbox/www/resources/fluidbookpublication/player -chmod 600 /home/extranet/www/.docker/config/ssh/id_rsa -chmod 700 /home/extranet/www/.docker/config/ssh/ -chmod 600 /home/extranet/www/.docker/config/ssh/authorized_keys2 -chown root:root /home/extranet/www/.docker/config/cron/host -chown root:root /home/extranet/www/.docker/config/sudoers \ No newline at end of file diff --git a/inc/ws/Util/packager/class.ws.packager.win.exe.html.php b/inc/ws/Util/packager/class.ws.packager.win.exe.html.php index 890695e41..a7e971ee4 100644 --- a/inc/ws/Util/packager/class.ws.packager.win.exe.html.php +++ b/inc/ws/Util/packager/class.ws.packager.win.exe.html.php @@ -43,9 +43,11 @@ class wsPackagerWinEXEHTML extends wsPackager $this->buildPath = WS_PACKAGER . '/nwbuild/' . $this->version . '/' . $this->book_id; + `umask 0000;rm -rf $this->buildPath;mkdir -p 0777 $this->buildPath;chmod -R 777 $this->vdir;mkdir -p 0777 /application/tmp;chmod -R 777 /application/tmp`; + $cl = new CubeIT_CommandLine('/usr/local/web2exe/web2exe-linux'); - $cl->setPath(CONVERTER_PATH); - $cl->setEnv('TMPDIR', '/tmp'); + $cl->setSudo(true); + $cl->setEnv('TMPDIR', '/application/tmp'); $cl->setLongArgumentSeparator(' '); $cl->setArg('export-to', $this->nwplatform); $cl->setArg('uncompressed-folder'); @@ -68,8 +70,10 @@ class wsPackagerWinEXEHTML extends wsPackager $cl->execute(); $cl->debug(); - if(!file_exists($this->buildPath)){ - die('Error while making exe : '.$cl->commande.' // '.$cl->output); + `sudo chown -R extranet:www-data $this->buildPath`; + + if (!file_exists($this->buildPath)) { + die('Error while making exe : ' . $cl->commande . ' // ' . $cl->output); } $this->replaceFFMpeg(); @@ -79,7 +83,7 @@ class wsPackagerWinEXEHTML extends wsPackager function signExe() { - $exe = $this->buildPath . '/' . $this->exeName . '/windows-x64/' . $this->exeName . '.exe'; + $exe = $this->buildPath . '/' . $this->exeName . '/' . $this->nwplatform . '/' . $this->exeName . '.exe'; $this->_sign($exe); } diff --git a/inc/ws/Util/packager/class.ws.packager.win.inst.html.php b/inc/ws/Util/packager/class.ws.packager.win.inst.html.php index fa9b0160f..37d736afb 100644 --- a/inc/ws/Util/packager/class.ws.packager.win.inst.html.php +++ b/inc/ws/Util/packager/class.ws.packager.win.inst.html.php @@ -69,7 +69,9 @@ class wsPackagerWinINSTHTML extends wsPackagerWinEXEHTML unlink($tmp); } $this->copy($icoFile, $favicon); - + if (!file_exists($favicon)) { + $this->copy(WS_COMPILE_ASSETS . '/fluidbook.ico', $favicon); + } } $nsi = str_replace('$favicon', $favicon, $nsi); @@ -83,7 +85,7 @@ class wsPackagerWinINSTHTML extends wsPackagerWinEXEHTML $tmp = cubeFiles::tempnam() . '.nsi'; file_put_contents($tmp, $this->nsi); $makensis = new CubeIT_CommandLine('makensis'); - $makensis->setArg(null,'-V4'); + $makensis->setArg(null, '-V4'); $makensis->setArg(null, $tmp); $makensis->execute(); $makensis->debug(); -- 2.39.5