]> git.p6c8.net - jirafeau.git/blob - docker/docker_config.php
README: Deny access to var on Apache using "Require all denied"
[jirafeau.git] / docker / docker_config.php
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2020 Jérôme Jutteau <jerome@jutteau.fr>
5 *
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 */
19 define('JIRAFEAU_ROOT', '/www/');
20 define('JIRAFEAU_CFG', JIRAFEAU_ROOT . 'lib/config.local.php');
21
22 require(JIRAFEAU_ROOT . 'lib/settings.php');
23 require(JIRAFEAU_ROOT . 'lib/functions.php');
24 require(JIRAFEAU_ROOT . 'lib/lang.php');
25
26 function env_2_cfg_string(&$cfg, $config_name, $default = null)
27 {
28 $env_name = strtoupper($config_name);
29 $r = getenv($env_name);
30 if ($r === false) {
31 if (is_null($default)) {
32 return false;
33 } else {
34 $r = $default;
35 }
36 }
37 echo("setting $config_name to '$r'\n");
38 $cfg[$config_name] = $r;
39 return true;
40 }
41
42 function env_2_cfg_bool(&$cfg, $config_name, $default = null)
43 {
44 $env_name = strtoupper($config_name);
45 $r = getenv($env_name);
46 if ($r === false) {
47 if (is_null($default)) {
48 return false;
49 } else {
50 $r = $default;
51 }
52 } else {
53 $r = ($r == "1") ? true : false;
54 }
55 echo("setting $config_name to " . ($r ? "true" : "false") . "\n");
56 $cfg[$config_name] = $r;
57 return true;
58 }
59
60 function env_2_cfg_int(&$cfg, $config_name, $default = null)
61 {
62 $env_name = strtoupper($config_name);
63 $r = getenv($env_name);
64 if ($r === false) {
65 if (is_null($default)) {
66 return false;
67 } else {
68 $r = $default;
69 }
70 } else {
71 $r = intval($r);
72 }
73 echo("setting $config_name to $r\n");
74 $cfg[$config_name] = $r;
75 return true;
76 }
77
78 function env_2_cfg_string_array(&$cfg, $config_name)
79 {
80 $env_name = strtoupper($config_name);
81 $r = getenv($env_name);
82 if ($r === false) {
83 return;
84 }
85 $r = explode(",", $r);
86 $c = count($r);
87 echo("setting $config_name array with $c value(s)n\n");
88 $cfg[$config_name] = $r;
89 return true;
90 }
91
92 function setup_admin_password(&$cfg)
93 {
94 if (strlen($cfg['admin_password']) > 0) {
95 return true;
96 }
97 echo("setting up admin password\n");
98 $p = getenv('ADMIN_PASSWORD');
99 if ($p === false) {
100 $p = jirafeau_gen_random(20);
101 echo("auto-generated admin password: $p\n");
102 }
103 $cfg['admin_password'] = hash('sha256', $p);
104 return true;
105 }
106
107 function set_rights($path)
108 {
109 $uid = getenv('USER_ID');
110 if ($uid === false) {
111 $uid = 100;
112 }
113 $gid = getenv('GROUP_ID');
114 if ($gid === false) {
115 $gid = 82;
116 }
117 if (!chown($path, $uid)) {
118 echo("setting up user $uid for $path: failed\n");
119 return false;
120 }
121 if (!chgrp($path, $gid)) {
122 echo("setting up group $gid for $path: failed\n");
123 return false;
124 }
125 if (!chmod($path, 0770)) {
126 echo("setting up permissions $path: failed\n");
127 return false;
128 }
129 return true;
130 }
131
132 function setup_var_folder(&$cfg)
133 {
134 env_2_cfg_string($cfg, 'var_root', '/data/');
135 $var_root = $cfg['var_root'];
136 if (!is_dir($var_root)) {
137 mkdir($var_root, 0770, true);
138 }
139 $err = jirafeau_check_var_dir($var_root);
140 if ($err['has_error']) {
141 echo("error: cannot create $var_root folder\n");
142 return false;
143 }
144 return set_rights($var_root) &&
145 set_rights($var_root . 'async') &&
146 set_rights($var_root . 'files') &&
147 set_rights($var_root . 'links');
148 }
149
150 function setup_webroot(&$cfg)
151 {
152 if (!env_2_cfg_string($cfg, 'web_root')) {
153 echo("warning: you may want to have set WEB_ROOT to your website URL (like 'jirafeau.mydomain.tld/')\n");
154 }
155 }
156
157 function run_setup(&$cfg)
158 {
159 $setup_ok = setup_admin_password($cfg) &&
160 setup_var_folder($cfg);
161 setup_webroot($cfg);
162 env_2_cfg_string($cfg, 'file_hash');
163 env_2_cfg_bool($cfg, 'preview');
164 env_2_cfg_string($cfg, 'title', false);
165 env_2_cfg_string($cfg, 'organisation');
166 env_2_cfg_string($cfg, 'contactperson');
167 env_2_cfg_string($cfg, 'style');
168 env_2_cfg_string($cfg, 'availability_default');
169 env_2_cfg_string($cfg, 'dark_style');
170 env_2_cfg_bool($cfg, 'one_time_download');
171 env_2_cfg_bool($cfg, 'enable_crypt');
172 env_2_cfg_bool($cfg, 'debug');
173 env_2_cfg_int($cfg, 'maximal_upload_size');
174 env_2_cfg_string_array($cfg, 'upload_password');
175 env_2_cfg_string_array($cfg, 'upload_ip');
176 env_2_cfg_string_array($cfg, 'admin_ip');
177 env_2_cfg_string_array($cfg, 'upload_ip_nopassword');
178 env_2_cfg_string_array($cfg, 'proxy_ip');
179 env_2_cfg_bool($cfg, 'store_uploader_ip');
180 env_2_cfg_string($cfg, 'download_password_requirement');
181 env_2_cfg_int($cfg, 'download_password_gen_len');
182 env_2_cfg_string($cfg, 'download_password_gen_chars');
183 env_2_cfg_string($cfg, 'download_password_policy');
184 env_2_cfg_string($cfg, 'download_password_policy_regex');
185
186 if ($setup_ok) {
187 $cfg['installation_done'] = true;
188 jirafeau_export_cfg($cfg);
189 echo("You can now connect to your Jirafeau instance\n");
190 exit(0);
191 } else {
192 echo("Some Jirafeau options failed");
193 exit(1);
194 }
195 }
196
197 run_setup($cfg);

patrick-canterino.de