diff options
author | nachoparker <nacho@ownyourbits.com> | 2019-06-30 00:15:46 +0300 |
---|---|---|
committer | nachoparker <nacho@ownyourbits.com> | 2019-06-30 00:16:06 +0300 |
commit | fbdab43b96f7ad92935c0ea01f7c9c2ecfb7e712 (patch) | |
tree | b9d9540c159db27f6c87d51cfdd19ea7b914d392 /update.sh | |
parent | ce4477c8a4c101b416ebb2711b3c22a42ffc0051 (diff) |
ncp-web: adjust ipv6 local restrictionsv1.13.5
Signed-off-by: nachoparker <nacho@ownyourbits.com>
Diffstat (limited to 'update.sh')
-rwxr-xr-x | update.sh | 51 |
1 files changed, 51 insertions, 0 deletions
@@ -248,6 +248,57 @@ EOF ncc config:system:set jpeg_quality --value 60 } + # adjust local IPv6 + cat > /etc/apache2/sites-available/ncp.conf <<EOF +Listen 4443 +<VirtualHost _default_:4443> + DocumentRoot /var/www/ncp-web + SSLEngine on + SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem + SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key + + # 2 days to avoid very big backups requests to timeout + TimeOut 172800 + + <IfModule mod_authnz_external.c> + DefineExternalAuth pwauth pipe /usr/sbin/pwauth + </IfModule> + +</VirtualHost> +<Directory /var/www/ncp-web/> + + AuthType Basic + AuthName "ncp-web login" + AuthBasicProvider external + AuthExternal pwauth + + SetEnvIf Request_URI "^" noauth + SetEnvIf Request_URI "^index\.php$" !noauth + SetEnvIf Request_URI "^/$" !noauth + SetEnvIf Request_URI "^/wizard/index.php$" !noauth + SetEnvIf Request_URI "^/wizard/$" !noauth + + <RequireAll> + + <RequireAny> + Require host localhost + Require local + Require ip 192.168 + Require ip 172 + Require ip 10 + Require ip fd00::/8 + Require ip fe80::/10 + </RequireAny> + + <RequireAny> + Require env noauth + Require user ncp + </RequireAny> + + </RequireAll> + +</Directory> +EOF # remove redundant opcache configuration. Leave until update bug is fixed -> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815968 # Bug #416 reappeared after we moved to php7.2 and debian buster packages. (keep last) |