From: Patrick Canterino Date: Sun, 18 Aug 2024 15:53:20 +0000 (+0200) Subject: Merge branch 'master' into next-release X-Git-Url: https://git.p6c8.net/jirafeau.git/commitdiff_plain/5aa1e87de607c31282dec602978624de9e636cba?hp=4efa531d11cac24cf1ef486c6050c38d4e86ec02 Merge branch 'master' into next-release This will fix the history after commit 4efa531d in master --- diff --git a/.gitignore b/.gitignore index c911a76..4c13bde 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ lib/config.local.php lib/tos.local.txt media/custom/ +media/dark-custom/ var-* *._* composer.phar diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0d2d9c4..bf59897 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,35 +1,45 @@ -# Select docker image from https://hub.docker.com/_/php/ -image: php:8.1 - # Select what we should cache cache: paths: - vendor/ -before_script: - # Install git, the docker php image doesn't have it installed by default - - apt-get update -yqq - - apt-get install git -yqq - - apt-get install zip -yqq - # Enable necessary php extensions - - docker-php-ext-enable curl && docker-php-ext-enable json && docker-php-ext-enable zip && docker-php-ext-enable mbstring && docker-php-ext-enable gd && docker-php-ext-enable pdo_mysql - # Install composer - - curl -sS https://getcomposer.org/installer | php - # Create composer.json file manually, since this is a project without any non-dev dependencies yet - - php composer.phar require --dev php-parallel-lint/php-parallel-lint - - php composer.phar require --dev friendsofphp/php-cs-fixer:3.10.0 - # Install all project dependencies - - php composer.phar install - -# Run tests +# Run tests for php:8.1 job_lint_app_81: image: php:8.1 - script: + before_script: &before_linter_script + # Install git, the docker php image doesn't have it installed by default + - apt-get update -yqq + - apt-get install git -yqq + - apt-get install zip -yqq + # Enable necessary php extensions + - docker-php-ext-enable curl && docker-php-ext-enable json && docker-php-ext-enable zip && docker-php-ext-enable mbstring && docker-php-ext-enable gd && docker-php-ext-enable pdo_mysql + # Install composer + - curl -sS https://getcomposer.org/installer | php + # Create composer.json file manually, since this is a project without any non-dev dependencies yet + - php composer.phar require --dev php-parallel-lint/php-parallel-lint + - php composer.phar require --dev friendsofphp/php-cs-fixer:3.10.0 + # Install all project dependencies + - php composer.phar install + script: &linter_script - ./vendor/bin/parallel-lint --exclude vendor . - ./vendor/bin/php-cs-fixer -vvv fix . --dry-run --using-cache=no --rules=@PSR2 +# Run tests for php:7.4 job_lint_app_74: image: php:7.4 + before_script: *before_linter_script + script: *linter_script + +publish: + image: docker:latest + stage: deploy + services: + - docker:dind script: - - ./vendor/bin/parallel-lint --exclude vendor . - - ./vendor/bin/php-cs-fixer -vvv fix . --dry-run --using-cache=no --rules=@PSR2 + - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY" + - docker build -t $CI_REGISTRY/$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG . + # If we're on the default branch, also tag the image as latest + - docker build -t $CI_REGISTRY/$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG -t $CI_REGISTRY/$CI_REGISTRY_IMAGE:latest . + - docker push $CI_REGISTRY/$CI_REGISTRY_IMAGE --all-tags + only: + - tags diff --git a/Dockerfile b/Dockerfile index 9eb0423..d4854a8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,24 +8,21 @@ RUN apk update && \ ln -snf /usr/share/zoneinfo/Etc/UTC /etc/localtime && \ echo "UTC" > /etc/timezone -COPY docker/cleanup.sh /cleanup.sh -COPY docker/run.sh /run.sh -RUN chmod o=,ug=rx /cleanup.sh /run.sh -COPY docker/docker_config.php /docker_config.php +COPY --chmod=550 docker/cleanup.sh docker/run.sh / +COPY --chmod=640 docker/docker_config.php /docker_config.php -RUN mkdir -p /usr/local/etc/php COPY docker/php.ini /usr/local/etc/php/php.ini COPY docker/lighttpd.conf /etc/lighttpd/lighttpd.conf -# install jirafeau -RUN mkdir /www +# Install Jirafeau WORKDIR /www -# Will ignore some files through .dockerignore -COPY . . -RUN rm -rf docker && \ + +RUN --mount=type=bind,source=.,target=/mnt \ + cp -r /mnt/* /www/ && \ + rm -rf /www/docker && \ touch /www/lib/config.local.php && \ chown -R $(id -u lighttpd).$(id -g www-data) /www && \ - chmod o=,ug=rwX -R /www + chmod 770 /www -CMD /run.sh +CMD ["/run.sh"] EXPOSE 80 \ No newline at end of file diff --git a/README.md b/README.md index 8f4d169..4fff851 100644 --- a/README.md +++ b/README.md @@ -101,9 +101,19 @@ You have several options: - Move var folder to a place on your server which can't be directly accessed - Disable automatic listing on your web server config or place a index.html in var's sub-directory (this is a limited solution) -If you are using Apache, you can add the following line to your configuration to prevent people to access to your `var` folder: +If you are using Apache, you can add the following lines to your configuration to prevent people to access to your `var` folder: -`RedirectMatch 301 ^/var-.* http://my.service.jirafeau` +```apache + + Require all denied + +``` + +Or you can put a `.htaccess` file containing this into your `var` folder: + +```apache +Require all denied +``` If you are using nginx, you can add the following to your $vhost.conf: @@ -206,9 +216,9 @@ Anyway I would recommend you to use another web browser. :) You may change the default theme to any of the existing ones or a custom. -Open your `lib/config.local.php` and change setting in the `style` key to the name of any folder in the `/media` directory. +Open your `lib/config.local.php` and change setting in the `style` key to the name of any folder in the `/media` directory. If you want to change the theme for dark mode, you have to set the `dark_style` key in the config file. -Hint: To create a custom theme just copy the `courgette` folder and name your theme `custom` (this way it will be ignored by git and not overwritten during updates). You are invited to enhance the existing themes and send pull requests however. +Hint: To create a custom theme just copy the `courgette` folder and name your theme `custom` (this way it will be ignored by git and not overwritten during updates). If you want to create a custom theme for dark mode, you have to put it in a folder named `dark-custom`. You are invited to enhance the existing themes and send pull requests however. ### I found a bug, what should I do? diff --git a/docker/README.md b/docker/README.md index 8252795..c506b43 100644 --- a/docker/README.md +++ b/docker/README.md @@ -24,7 +24,7 @@ docker build -t your/jirafeau:latest . You may be interested in running Jirafeau on port 80: ``` -docker run -d -p 80:80 --sysctl net.ipv4.ip_unprivileged_port_start=80 mojo42/jirafeau +docker run -d -p 80:80 --sysctl net.ipv4.ip_unprivileged_port_start=80 registry.gitlab.com/jirafeau/jirafeau ``` Note that Jirafeau image does not provide any SSL/TLS. You may be interested in using [docker compose](https://docs.docker.com/compose/) combined with [Let's Encrypt](https://letsencrypt.org/). @@ -64,7 +64,7 @@ Available options: Example: ``` -docker run -it -p 8080:80 --rm -e ADMIN_PASSWORD='p4ssw0rd' -e WEB_ROOT='jirafeau.mydomain.com/' -e UPLOAD_PASSWORD='foo,bar' -e PREVIEW=0 mojo42/jirafeau:latest +docker run -it -p 8080:80 --rm -e ADMIN_PASSWORD='p4ssw0rd' -e WEB_ROOT='jirafeau.mydomain.com/' -e UPLOAD_PASSWORD='foo,bar' -e PREVIEW=0 registry.gitlab.com/jirafeau/jirafeau:latest ``` ## Data storage @@ -75,7 +75,7 @@ Note that configuration is not stored in /data. Example of using a dedicated volume to store Jirafeau data separately from the container: ``` docker volume create jirafeau_data -docker run -it --rm -p 8080:80 --mount source=jirafeau_data,target=/data mojo42/jirafeau:latest +docker run -it --rm -p 8080:80 --mount source=jirafeau_data,target=/data registry.gitlab.com/jirafeau/jirafeau:latest ``` ## Few notes diff --git a/docker/docker_config.php b/docker/docker_config.php index 634d58b..0becc2d 100644 --- a/docker/docker_config.php +++ b/docker/docker_config.php @@ -194,4 +194,4 @@ function run_setup(&$cfg) } } -run_setup($cfg); \ No newline at end of file +run_setup($cfg); diff --git a/index.php b/index.php index 78c1beb..b7e2606 100644 --- a/index.php +++ b/index.php @@ -25,7 +25,7 @@ require(JIRAFEAU_ROOT . 'lib/settings.php'); require(JIRAFEAU_ROOT . 'lib/functions.php'); require(JIRAFEAU_ROOT . 'lib/lang.php'); -if ($cfg['download_password_requirement'] === "generated"){ +if ($cfg['download_password_requirement'] === "generated") { $download_pass = jirafeau_gen_download_pass($cfg['download_password_gen_len'], $cfg['download_password_gen_chars']); } @@ -114,8 +114,8 @@ elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {

- +

@@ -204,17 +204,23 @@ elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) { ' . t('ONE_TIME_DL') . ':'; - echo ''; + echo ''; } - if ($cfg['download_password_requirement'] === 'generated'){ + if ($cfg['download_password_requirement'] === 'generated') { echo ''; - }else{ + } else { echo ''; echo ''; diff --git a/lib/config.original.php b/lib/config.original.php index bfa76af..d261f68 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -152,6 +152,11 @@ $cfg['availability_default'] = 'month'; */ $cfg['one_time_download'] = true; +/* When set to "true", the checkbox for deleting the file after the first download + * is preselected. + */ +$cfg['one_time_download_preselected'] = false; + /* Set maximal upload size expressed in MB. * »0« means unlimited upload size. */ diff --git a/lib/functions.php b/lib/functions.php index b87f6c3..4736b7f 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -143,7 +143,6 @@ function jirafeau_human_size($octets) // Convert UTC timestamp to a datetime field function jirafeau_get_datetimefield($timestamp) { - $ts = date_create("@" . $timestamp); $content = '' . date_format($ts, 'Y-m-d H:i') . ' (GMT)'; @@ -879,7 +878,7 @@ function jirafeau_fileperms($path) function jirafeau_admin_bug_report($cfg) { $out = "
" . t('REPORTING_AN_ISSUE') . ""; - $out .= "If you have a problem related to Jirafeau, please open an issue, explain your problem in english and copy-paste the following content:

"; + $out .= "If you have a problem related to Jirafeau, please open an issue, explain your problem in english and copy-paste the following content:

"; $out .= "# Jirafeau
"; $out .= "- version: " . JIRAFEAU_VERSION . "
"; @@ -1239,7 +1238,7 @@ function jirafeau_encrypt_file($fp_src, $fp_dst) $enc = sodium_crypto_secretstream_xchacha20poly1305_push($crypt_state, $to_enc); if (fwrite($w, $enc) === false) { - return ''; + return ''; } } diff --git a/lib/settings.php b/lib/settings.php index 22a2a5a..494dfd2 100644 --- a/lib/settings.php +++ b/lib/settings.php @@ -41,7 +41,9 @@ if ($cfg['debug'] === true) { /* Jirafeau package */ define('JIRAFEAU_PACKAGE', 'Jirafeau'); -define('JIRAFEAU_VERSION', '4.6.0'); +define('JIRAFEAU_VERSION', '4.6.x-dev'); + +define('JIRAFEAU_WEBSITE', 'https://gitlab.com/jirafeau/Jirafeau'); /* Directories. */ define('VAR_FILES', $cfg['var_root'] . 'files/'); diff --git a/lib/template/footer.php b/lib/template/footer.php index e0856a8..efe238f 100644 --- a/lib/template/footer.php +++ b/lib/template/footer.php @@ -3,7 +3,7 @@ ' . t('JI_PROJECT') . '' . + ' ' . t('JI_PROJECT') . '' . ' (AGPL-3.0)'; ?> diff --git a/script.php b/script.php index be29f3d..8ebcce3 100644 --- a/script.php +++ b/script.php @@ -44,7 +44,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count($_GET) == 0) {

Scripting interface

This interface permits to script your uploads and downloads.

-

See source code of this interface to get available calls :)

+

See source code of this interface to get available calls :)

You may download a preconfigured Bash Script to easily send to and get files from the API via command line.


@@ -81,13 +81,13 @@ if (isset($_FILES['file']) && is_writable(VAR_FILES) $key = ''; if (isset($_POST['key'])) { $key = $_POST['key']; - if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex'){ - if (!preg_match($cfg['download_password_policy_regex'], $key)){ + if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex') { + if (!preg_match($cfg['download_password_policy_regex'], $key)) { echo 'Error 14: The download password is not complying to the security standards.'; exit; } } - }elseif ($cfg['download_password_requirement'] !== 'optional'){ + } elseif ($cfg['download_password_requirement'] !== 'optional') { echo 'Error 13: The parameter password is required.'; exit; } @@ -175,13 +175,13 @@ if (isset($_FILES['file']) && is_writable(VAR_FILES) $key = ''; if (isset($_POST['key'])) { $key = $_POST['key']; - if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex'){ - if (!preg_match($cfg['download_password_policy_regex'], $key)){ + if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex') { + if (!preg_match($cfg['download_password_policy_regex'], $key)) { echo 'Error 14: The download password is not complying to the security standards.'; exit; } } - }elseif ($cfg['download_password_requirement'] !== 'optional'){ + } elseif ($cfg['download_password_requirement'] !== 'optional') { echo 'Error 13: The parameter password is required.'; exit; } @@ -451,13 +451,13 @@ elseif (isset($_GET['init_async'])) { $key = ''; if (isset($_POST['key'])) { $key = $_POST['key']; - if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex'){ - if (!preg_match($cfg['download_password_policy_regex'], $key)){ + if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex') { + if (!preg_match($cfg['download_password_policy_regex'], $key)) { echo 'Error 14: The download password is not complying to the security standards.'; exit; } } - }elseif ($cfg['download_password_requirement'] !== 'optional'){ + } elseif ($cfg['download_password_requirement'] !== 'optional') { echo 'Error 13: The parameter password is required.'; exit; }