summaryrefslogtreecommitdiffstats
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rwxr-xr-xserver/bin/checkperms12
-rwxr-xr-xserver/bin/setsmbpass10
-rw-r--r--server/etc/apache-console3.conf.tmpl58
-rw-r--r--server/etc/apache.conf.tmpl52
4 files changed, 59 insertions, 73 deletions
diff --git a/server/bin/checkperms b/server/bin/checkperms
index 5c558c45..ca9e1d7d 100755
--- a/server/bin/checkperms
+++ b/server/bin/checkperms
@@ -46,16 +46,16 @@ find $OPENGNSYS_DIR/images -maxdepth 1 -type f -exec chmod 664 {} \;
find $OPENGNSYS_DIR/client/{interfaceAdm,scripts} ! -name "*.txt" -exec chmod +x {} \;
chown $OPENGNSYS_USER:$OPENGNSYS_USER $OPENGNSYS_DIR/client/interfaceAdm/CambiarAcceso
chmod 700 $OPENGNSYS_DIR/client/interfaceAdm/CambiarAcceso
-chown root:root $OPENGNSYS_DIR/etc/{ogAdmServer,ogAdmAgent}*.cfg
-chmod 600 $OPENGNSYS_DIR/etc/{ogAdmServer,ogAdmAgent}*.cfg
-chown root:$APACHE_GROUP $OPENGNSYS_DIR/{www/controlacceso*.php,etc/ogAdmRepo*.cfg}
-chmod 640 $OPENGNSYS_DIR/{www/controlacceso*.php,etc/ogAdmRepo*.cfg}
-chown -R $APACHE_USER:$APACHE_GROUP $OPENGNSYS_DIR/www/images/{fotos,iconos}
+rm -fr $OPENGNSYS_DIR/www3/backend/var/cache/*
+mkdir -p $OPENGNSYS_DIR/www3/backend/var/{cache,logs}
+chown -R $OPENGNSYS_USER:$OPENGNSYS_USER $OPENGNSYS_DIR/www3
+chown -R $APACHE_USER:$APACHE_GROUP $OPENGNSYS_DIR/www3/backend/var
+chmod 777 $OPENGNSYS_DIR/www3/backend/var/{cache,logs}
mkdir -p $OPENGNSYS_DIR/www/{api,tmp}
chown -R $APACHE_USER:$APACHE_GROUP $OPENGNSYS_DIR/www/{api,tmp}
chown -R $APACHE_USER:$APACHE_GROUP $OPENGNSYS_DIR/tftpboot/menu.lst
chown -R :$OPENGNSYS_USER $OPENGNSYS_DIR/tftpboot/ogLive*
find -L $OPENGNSYS_DIR/tftpboot -type d -exec chmod 755 {} \;
find -L $OPENGNSYS_DIR/tftpboot -type f -exec chmod 644 {} \;
-chown $APACHE_USER:$APACHE_GROUP $OPENGNSYS_DIR/log/{ogagent,remotepc,rest}.log
+#chown $APACHE_USER:$APACHE_GROUP $OPENGNSYS_DIR/log/{ogagent,remotepc,rest}.log
diff --git a/server/bin/setsmbpass b/server/bin/setsmbpass
index 2162b3be..57c354d7 100755
--- a/server/bin/setsmbpass
+++ b/server/bin/setsmbpass
@@ -19,6 +19,7 @@
PROG=$(basename "$0")
PATH=$PATH:$(dirname "$(realpath "$0")")
OPENGNSYS=${OPENGNSYS:-"/opt/opengnsys"}
+OGCFGFILE=$OPENGNSYS/etc/opengnsys.json
SAMBAUSER="opengnsys" # Usuario por defecto.
TFTPDIR=$OPENGNSYS/tftpboot
INITRD=oginitrd.img
@@ -88,8 +89,13 @@ for OGLIVE in $LIST; do
# FIN CĂ“DIGO TEMPORAL.
# Ticket 565, preparar acceso Rsync cliente.
echo "$SAMBAPASS" > scripts/passrsync
- chown root.root scripts/passrsync
- chmod 400 scripts/passrsync
+ # Guardar tokens de seguridad.
+ cat << EOT > scripts/client.cfg
+CLIENTID=$(jq -r .client.id $OGCFGFILE)
+CLIENTSECRET=$(jq -r .client.secret $OGCFGFILE)
+EOT
+ chown root.root scripts/passrsync scripts/client.cfg
+ chmod 400 scripts/passrsync scripts/client.cfg
# Generar Initrd del cliente.
find . | cpio -H newc -oa | gzip -9c > "$CLIENTINITRD"
else
diff --git a/server/etc/apache-console3.conf.tmpl b/server/etc/apache-console3.conf.tmpl
deleted file mode 100644
index 91b61cfb..00000000
--- a/server/etc/apache-console3.conf.tmpl
+++ /dev/null
@@ -1,58 +0,0 @@
-# OpenGnsys Web Admin Console 3 template configuration for Apache.
-
-Alias /opengnsys/v3 CONSOLEDIR3
-
-# PHP-FPM configuration
-<IfModule proxy_fcgi_module>
- <FilesMatch ".+\.ph(p[3457]?|t|tml)$">
- SetHandler "proxy:fcgi://127.0.0.1:9000"
- </FilesMatch>
-</IfModule>
-
-RewriteEngine On
-
-# Redirect HTTP to HTTPS and default configuration.
-<Directory CONSOLEDIR3>
- RewriteCond %{HTTPS} !=on
- RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]
- Require all granted
- Options -Indexes +FollowSymLinks
- DirectoryIndex index.html index.php
- AddType octet/stream .pkg
-</Directory>
-
-# Redirect HTTP to HTTPS and RESTful configuration.
-<Directory CONSOLEDIR3/backend/web>
- #RewriteBase /opengnsys3/rest/web
- #RewriteRule .? - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
- #RewriteCond %{HTTPS} !=on
- #RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]
- #RewriteCond %{REQUEST_FILENAME} !-f
- #RewriteRule ^ index.php [QSA,L]
- DirectoryIndex app.php
-
- <IfModule mod_rewrite.c>
- RewriteEngine On
- RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
- RewriteRule ^(.*) - [E=BASE:%1]
-
- # Sets the HTTP_AUTHORIZATION header removed by apache
- RewriteCond %{HTTP:Authorization} .
- RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
-
- RewriteCond %{ENV:REDIRECT_STATUS} ^$
- RewriteRule ^app\.php(/(.*)|$) %{ENV:BASE}/$2 [R=301,L]
-
- RewriteCond %{REQUEST_FILENAME} -f
- RewriteRule .? - [L]
-
- # Rewrite all other queries to the front controller.
- RewriteRule .? %{ENV:BASE}/app.php [L]
- </IfModule>
-
- <IfModule !mod_rewrite.c>
- <IfModule mod_alias.c>
- RedirectMatch 302 ^/$ /app.php/
- </IfModule>
- </IfModule>
-</Directory>
diff --git a/server/etc/apache.conf.tmpl b/server/etc/apache.conf.tmpl
index edb3fda8..099d9ea5 100644
--- a/server/etc/apache.conf.tmpl
+++ b/server/etc/apache.conf.tmpl
@@ -21,12 +21,50 @@ RewriteEngine On
AddType octet/stream .pkg
</Directory>
+Alias /opengnsys3 CONSOLEDIR3
+
+# Redirect HTTP to HTTPS and default configuration.
+<Directory CONSOLEDIR3>
+ RewriteCond %{HTTPS} !=on
+ RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]
+ Require all granted
+ Options -Indexes +FollowSymLinks
+ DirectoryIndex index.html index.php
+ AddType octet/stream .pkg
+</Directory>
+
# Redirect HTTP to HTTPS and RESTful configuration.
-<Directory CONSOLEDIR/rest>
- RewriteBase /opengnsys/rest/
- RewriteRule .? - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
- RewriteCond %{HTTPS} !=on
- RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteRule ^ index.php [QSA,L]
+<Directory CONSOLEDIR3/backend/web>
+ #RewriteBase /opengnsys3/rest/web
+ #RewriteRule .? - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+ #RewriteCond %{HTTPS} !=on
+ #RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]
+ #RewriteCond %{REQUEST_FILENAME} !-f
+ #RewriteRule ^ index.php [QSA,L]
+ DirectoryIndex app.php
+
+ <IfModule mod_rewrite.c>
+ RewriteEngine On
+ RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
+ RewriteRule ^(.*) - [E=BASE:%1]
+
+ # Sets the HTTP_AUTHORIZATION header removed by apache
+ RewriteCond %{HTTP:Authorization} .
+ RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+
+ RewriteCond %{ENV:REDIRECT_STATUS} ^$
+ RewriteRule ^app\.php(/(.*)|$) %{ENV:BASE}/$2 [R=301,L]
+
+ RewriteCond %{REQUEST_FILENAME} -f
+ RewriteRule .? - [L]
+
+ # Rewrite all other queries to the front controller.
+ RewriteRule .? %{ENV:BASE}/app.php [L]
+ </IfModule>
+
+ <IfModule !mod_rewrite.c>
+ <IfModule mod_alias.c>
+ RedirectMatch 302 ^/$ /app.php/
+ </IfModule>
+ </IfModule>
</Directory>