Jones/MastodonHelp
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

...

Browse source
This commit is contained in:
pezcurrel 2020-05-22 17:21:46 +02:00
parent 4ddfcdb326
commit 2b4af94fbc
30 changed files with 2751 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -2,4 +2,4 @@ Un sito di introduzione a Mastodon ([al momento pubblicato qui](https://rame.alt
Se vuoi saperne di più puoi leggere il [wiki](https://git.lattuga.net/pongrebio/MastodonStartpage/wiki).
Puoi provare quel che c'è con un'[immagine docker](https://git.lattuga.net/pongrebio/MastodonStartpage/src/master/docker/), oppure installando mastostart manualmente (vedi il file [INSTALL.md](https://git.lattuga.net/pongrebio/MastodonStartpage/src/master/INSTALL.md) in questa stessa directory).
Puoi provare quel che c'è con un'[immagine docker](https://git.lattuga.net/pongrebio/MastodonStartpage/src/master/docker/prova/), oppure installando mastostart manualmente (vedi il file [INSTALL.md](https://git.lattuga.net/pongrebio/MastodonStartpage/src/master/INSTALL.md) in questa stessa directory).

BIN
docker/files/mastostart_popolato.sql.xz
View file

Binary file not shown.

15
docker/per_hosting/Dockerfile Normal file
View file

@ -0,0 +1,15 @@
FROM alpine:3
RUN apk add --no-cache apache2 php7 php7-apache2 php7-mysqli php7-mbstring php7-pcntl php7-intl php7-json php7-session mariadb mariadb-client git rsync msmtp openssh
COPY files/my.cnf /etc/
COPY files/httpd.conf /etc/apache2/
COPY files/sshd_config /etc/ssh/
COPY files/php.ini /etc/php7/
COPY files/msmtprc /etc/php7/
COPY files/binit.sh /usr/local/bin/
COPY files/update.sh /root/
COPY files/mastostart_non_popolato.sql.gz /root/
COPY files/create_user.sql /root/
COPY files/authorized_keys /root/
COPY files/install.sh /root/
RUN /root/install.sh
CMD /usr/local/bin/binit.sh

23
docker/per_hosting/README.md Normal file
View file

@ -0,0 +1,23 @@
Questa cartella contiene il Dockerfile e quel che serve per generare un'immagine docker di mastostart per l'hosting. L'immagine è basata su alpine linux e contiene apache, php, mariadb già configurati. Al momento pesa circa 450 mb.
### Come generare l'immagine docker
`git clone https://git.lattuga.net/pongrebio/MastodonStartpage.git` per clonare questo repo in locale.
Dalla directory `docker` del repo clonato: `docker build -t mastostart[:versione] .` (":versione" è facoltativo, il "." alla fine del comando no ;-) ).
`docker run -d mastostart[:versione]` per creare e lanciare un container.
A questo punto, per vedere in locale la Mastodon Startpage, aprire un browser su [http://172.17.0.2](http://172.17.0.2).
Per determinare il nome e l'id del container che sta girando: `docker ps`.
Per provare il crawler che aggiorna il db delle istanze: `docker exec -it <nome o id container> /var/www/localhost/htdocs/mustard/crawler/crawl.sh` (sulla mia sgrausissima adsl ci mette taaaanto tempo a finire, circa 10 ore: pigiare il buon vecchio `ctrl+c` se si vuole fermare il crawler prima che abbia finito ;-) ).
Per aggiornare all'ultimo commit pubblicato su lattuga il mastostart del container attivo: `docker exec -it <nome o id container> /root/update.sh`.
Per aprire una shell sul container attivo: `docker exec -it <nome o id container> /bin/sh -l`; per uscirne, il buon vecchio `exit`.
Per "spegnere" il container attivo: `docker stop <nome o id container>`.
Per riavviarlo: `docker start <nome o id container>`.

1
docker/per_hosting/files/authorized_keys Normal file
View file

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDiT6v3ITObkALO8cnKNNOBCNtT8Grcby9MSUp3KHVRlwRYM5x+fVxHP+hvyJDNSQerdRl3NOPWi2dHTbH/MCmw0dyroRwYSP9Qx1SaUVRByh5/xbA5ylXpsBdtU98vaRZin5RQV84UCv8w0pNGgNtSL67Kmuf9b76ENOTQQgHd5VyOuSs9vA6MiTy0z/LgX7wZ46iYvuFhmlK6C9NFcZwzCN4c+intTMu1cC4qfylEOyjrQhDw4g0N2vxMbRapr2kk5mSTWtjddTgeiIMuBl+ZFvX1QNe33eEDnrk+n7Gmk01iqmkdwgtU8/gtjOJHpReJ8iYiI2nMk3Ten3m9joOk9dlYpBm1toV/GYiPCzLMj9eXI4mlZn6DhRVotYmUxOoGkDF68d/Pbx8vCf8GyRa7TOflUnZYvMobzsF2ApJuU9MPnr5TMxdFNBJ18DMT9ODY314IBP/bbAY2uUJYHKD1S1Nj9OKjbkULPK0pawNtZmmKKk5ocufxUsRTqaddibk= pongi@ba04b304f62f

25
docker/per_hosting/files/binit.sh Executable file
View file

@ -0,0 +1,25 @@
#!/bin/sh
predown() {
echo ""
echo "Stoppo apache..."
httpd -k stop
sleep 1
echo "Stoppo mysqld (pid: $mysqld_pid)..."
kill $mysqld_pid
echo "Stoppo sshd..."
killall sshd
exit 0
}
trap 'predown' HUP INT QUIT TERM
echo "Lancio sshd..."
/usr/sbin/sshd
echo "Lancio mysqld..."
/usr/bin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mariadb/plugin --user=mysql --log-error=/var/lib/mysql/mysql.err --pid-file=mysql.pid &> /dev/null &
mysqld_pid=$!
echo "Lancio apache..."
httpd -k start
wait $!

0
docker/files/create_user.sql → docker/per_hosting/files/create_user.sql
View file

0
docker/files/httpd.conf → docker/per_hosting/files/httpd.conf
View file

44
docker/per_hosting/files/install.sh Executable file
View file

@ -0,0 +1,44 @@
#!/bin/sh
cd /root
mariadb-install-db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
mysqld_safe &
sleep 5
gzip -d mastostart_non_popolato.sql.gz
mysql -e 'source mastostart_non_popolato.sql'
mysql -e 'source create_user.sql'
rm /var/www/localhost/htdocs/index.html
git clone https://git.lattuga.net/pongrebio/MastodonStartpage.git
rsync -av MastodonStartpage/web/ /var/www/localhost/htdocs/
cp /var/www/localhost/htdocs/mustard/sec/mustard.ini.sample /var/www/localhost/htdocs/mustard/sec/mustard.ini
chown apache /etc/php7/msmtprc
chmod go-r /etc/php7/msmtprc
chown apache /var/log/apache2/
ssh-keygen -A
addgroup pongi
adduser -g "Pongrèbio" -G pongi -D pongi
passwd -d pongi pongi
mkdir /home/pongi/.ssh
mv /root/authorized_keys /home/pongi/.ssh
chown -R pongi:pongi /home/pongi/.ssh
chmod go-rx /home/pongi/.ssh
exit 0

BIN
docker/per_hosting/files/mastostart_non_popolato.sql.gz Normal file
View file

Binary file not shown.

0
docker/files/msmtprc → docker/per_hosting/files/msmtprc
View file

0
docker/files/my.cnf → docker/per_hosting/files/my.cnf
View file

0
docker/files/php.ini → docker/per_hosting/files/php.ini
View file

123
docker/per_hosting/files/sshd_config Normal file
View file

@ -0,0 +1,123 @@
# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/bin:/usr/bin:/sbin:/usr/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
# Ciphers and keying
#RekeyLimit default none
# Logging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin prohibit-password
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
PasswordAuthentication no
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no
#AllowAgentForwarding yes
# Feel free to re-enable these if your use case requires them.
AllowTcpForwarding no
GatewayPorts no
X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
AllowUsers pongi

0
docker/files/update.sh → docker/per_hosting/files/update.sh
View file

2
docker/Dockerfile → docker/prova/Dockerfile
View file

@ -6,7 +6,7 @@ COPY files/php.ini /etc/php7/
COPY files/msmtprc /etc/php7/
COPY files/binit.sh /usr/local/bin/
COPY files/update.sh /root/
COPY files/mastostart_popolato.sql.xz /root/
COPY files/mastostart_popolato.sql.gz /root/
COPY files/create_user.sql /root/
COPY files/install.sh /root/
RUN /root/install.sh

2
docker/README.md → docker/prova/README.md
View file

@ -1,4 +1,4 @@
Questa cartella contiene il Dockerfile e quel che serve per generare un'immagine docker di mastostart. L'immagine è basata su alpine linux e contiene apache, php, mariadb già configurati. Al momento pesa circa 450 mb.
Questa cartella contiene il Dockerfile e quel che serve per generare un'immagine docker di mastostart su cui è possibile fare prove. L'immagine è basata su alpine linux e contiene apache, php, mariadb già configurati. Al momento pesa circa 450 mb.
### Come generare l'immagine docker

0
docker/files/binit.sh → docker/prova/files/binit.sh
View file

4
docker/prova/files/create_user.sql Normal file
View file

@ -0,0 +1,4 @@
DELETE FROM mysql.user WHERE User='' OR USER='mysql';
CREATE USER 'MastoStartAdmin'@'%' IDENTIFIED BY 'MastoStartAdmin';
GRANT SELECT, INSERT, UPDATE, DELETE, LOCK TABLES ON `mastostart`.* TO 'MastoStartAdmin'@'%';
FLUSH PRIVILEGES;

486
docker/prova/files/httpd.conf Normal file
View file

@ -0,0 +1,486 @@
#
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
# for a discussion of each configuration directive.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/access_log"
# with ServerRoot set to "/usr/local/apache2" will be interpreted by the
# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
# will be interpreted as '/logs/access_log'.
#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Prod
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to specify a local disk on the
# Mutex directive, if file-based mutexes are used. If you wish to share the
# same ServerRoot for multiple httpd daemons, you will need to change at
# least PidFile.
#
ServerRoot /var/www
#
# Mutex: Allows you to set the mutex mechanism and mutex file directory
# for individual mutexes, or change the global defaults
#
# Uncomment and change the directory if mutexes are file-based and the default
# mutex file directory is not on a local disk or is not appropriate for some
# other reason.
#
# Mutex default:/run/apache2
#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80
#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
#LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
#LoadModule mpm_worker_module modules/mod_mpm_worker.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
#LoadModule authz_owner_module modules/mod_authz_owner.so
#LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_form_module modules/mod_auth_form.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule allowmethods_module modules/mod_allowmethods.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule cache_module modules/mod_cache.so
#LoadModule cache_disk_module modules/mod_cache_disk.so
#LoadModule cache_socache_module modules/mod_cache_socache.so
#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
#LoadModule socache_dbm_module modules/mod_socache_dbm.so
#LoadModule socache_memcache_module modules/mod_socache_memcache.so
#LoadModule socache_redis_module modules/mod_socache_redis.so
#LoadModule watchdog_module modules/mod_watchdog.so
#LoadModule macro_module modules/mod_macro.so
#LoadModule dbd_module modules/mod_dbd.so
#LoadModule dumpio_module modules/mod_dumpio.so
#LoadModule echo_module modules/mod_echo.so
#LoadModule buffer_module modules/mod_buffer.so
#LoadModule data_module modules/mod_data.so
#LoadModule ratelimit_module modules/mod_ratelimit.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
#LoadModule request_module modules/mod_request.so
#LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
#LoadModule reflector_module modules/mod_reflector.so
#LoadModule substitute_module modules/mod_substitute.so
#LoadModule sed_module modules/mod_sed.so
#LoadModule charset_lite_module modules/mod_charset_lite.so
#LoadModule deflate_module modules/mod_deflate.so
LoadModule mime_module modules/mod_mime.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule log_debug_module modules/mod_log_debug.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
#LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
#LoadModule remoteip_module modules/mod_remoteip.so
#LoadModule session_module modules/mod_session.so
#LoadModule session_cookie_module modules/mod_session_cookie.so
#LoadModule session_crypto_module modules/mod_session_crypto.so
#LoadModule session_dbd_module modules/mod_session_dbd.so
#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
#LoadModule dialup_module modules/mod_dialup.so
#LoadModule http2_module modules/mod_http2.so
LoadModule unixd_module modules/mod_unixd.so
#LoadModule heartbeat_module modules/mod_heartbeat.so
#LoadModule heartmonitor_module modules/mod_heartmonitor.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule asis_module modules/mod_asis.so
#LoadModule info_module modules/mod_info.so
#LoadModule suexec_module modules/mod_suexec.so
<IfModule !mpm_prefork_module>
#LoadModule cgid_module modules/mod_cgid.so
</IfModule>
<IfModule mpm_prefork_module>
#LoadModule cgi_module modules/mod_cgi.so
</IfModule>
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
#LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
#LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule negotiation_module modules/mod_negotiation.so
<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User apache
Group apache
</IfModule>
# 'Main' server configuration
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#
#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. admin@your-domain.com
#
ServerAdmin pongrebio@mastodon.help
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
ServerSignature On
#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
#
ServerName 172.17.0.2:80
#
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
#
<Directory />
AllowOverride none
Require all denied
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot "/var/www/localhost/htdocs"
<Directory "/var/www/localhost/htdocs">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Require all granted
</Directory>
#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ".ht*">
Require all denied
</Files>
#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog logs/error.log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
<IfModule log_config_module>
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
#
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
#
#CustomLog logs/access.log common
#
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#
CustomLog logs/access.log combined
</IfModule>
<IfModule alias_module>
#
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:
# Redirect permanent /foo http://www.example.com/bar
#
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path
#
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.
#
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
#
ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"
</IfModule>
<IfModule cgid_module>
#
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.
#
#Scriptsock cgisock
</IfModule>
#
# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/var/www/localhost/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule headers_module>
#
# Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
# backend servers which have lingering "httpoxy" defects.
# 'Proxy' request header is undefined by the IETF, not listed by IANA
#
RequestHeader unset Proxy early
</IfModule>
<IfModule mime_module>
#
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
#
TypesConfig /etc/apache2/mime.types
#
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#
#AddType application/x-gzip .tgz
#
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
#
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
#
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
#
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
#
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#
#AddHandler cgi-script .cgi
# For type maps (negotiated resources):
#AddHandler type-map var
#
# Filters allow you to process content before it is sent to the client.
#
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
</IfModule>
#
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#
<IfModule mime_magic_module>
MIMEMagicFile /etc/apache2/magic
</IfModule>
#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#
#
# MaxRanges: Maximum number of Ranges in a request before
# returning the entire resource, or one of the special
# values 'default', 'none' or 'unlimited'.
# Default setting is to accept 200 Ranges.
#MaxRanges unlimited
#
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall may be used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
# Defaults: EnableMMAP On, EnableSendfile Off
#
#EnableMMAP off
#EnableSendfile on
# Load config files from the config directory "/etc/apache2/conf.d".
#
#IncludeOptional /etc/apache2/conf.d/*.conf
Include /etc/apache2/conf.d/default.conf
Include /etc/apache2/conf.d/languages.conf
Include /etc/apache2/conf.d/mpm.conf
Include /etc/apache2/conf.d/php7-module.conf

2
docker/files/install.sh → docker/prova/files/install.sh
View file

@ -8,7 +8,7 @@ mysqld_safe &
sleep 5
xz -d mastostart_popolato.sql.xz
gzip -d mastostart_popolato.sql.gz
mysql -e 'source mastostart_popolato.sql'

BIN
docker/prova/files/mastostart_popolato.sql.gz Normal file
View file

Binary file not shown.

12
docker/prova/files/msmtprc Normal file
View file

@ -0,0 +1,12 @@
account phpmail
host x.x.x
port 587
tls on
auth on
user x@x.x
password xxx
from x@x.x
logfile /var/log/apache2/msmtp.log
syslog off
account default : phpmail

21
docker/prova/files/my.cnf Normal file
View file

@ -0,0 +1,21 @@
# This group is read both both by the client and the server
# use it for options that affect everything
[client-server]
[client]
default-character-set = utf8mb4
[mysql]
default-character-set = utf8mb4
auto-rehash
# This group is read by the server
[mysqld]
collation_server = utf8mb4_unicode_ci
character_set_server = utf8mb4
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# include all files from the config directory
!includedir /etc/my.cnf.d

1940
docker/prova/files/php.ini Normal file
View file

File diff suppressed because it is too large Load diff

6
docker/prova/files/update.sh Executable file
View file

@ -0,0 +1,6 @@
#!/bin/sh
BASEDIR=$(dirname "$0")
cd "$BASEDIR/MastodonStartpage"
git pull
cd ..
rsync -av --filter "protect mustard/crawler/peers" --filter "protect mustard/sec/mustard.ini" --delete-after MastodonStartpage/web/ /var/www/localhost/htdocs/

63
web/mustard/account.php
View file

@ -31,6 +31,10 @@ function hspech($str) {
return(htmlspecialchars($str,ENT_QUOTES|ENT_HTML5,'UTF-8'));
}
function inputerr(&$account) {
muoribene(t('<p>Errori di input.<br>Stavi cercando di editare <a href="account.php?id='.$account['ID'].'">il tuo account</a>?</p>','<p>Input errors.<br>Where you trying to edit <a href="account.php?id='.$account['ID'].'"> your account</a>?</p>').N,true);
}
$postmisskeys=ckkeys(array('id','Username','Email','Password','CPassword'),$_POST);
if (count($postmisskeys)==0 && preg_match('/^[0-9]+$/',$_POST['id'])===1 && mb_strlen($_POST['Username'])>=1 && mb_strlen($_POST['Username'])<=$fields['Username'] && mb_strlen($_POST['Email'])>=3 && mb_strlen($_POST['Email'])<=$fields['Email'] && $_POST['Password']==$_POST['CPassword'] && ($_POST['Password']=='' || (mb_strlen($_POST['Password'])>=8 && mb_strlen($_POST['Password'])<=64))) {
@ -40,19 +44,43 @@ if (count($postmisskeys)==0 && preg_match('/^[0-9]+$/',$_POST['id'])===1 && mb_s
$id=$_GET['id']+0;
$post=false;
} else {
muoribene(t('<p>Errori di input.<br>Stavi cercando di editare <a href="account.php?id='.$account['ID'].'">il tuo account</a>?</p>','<p>Input errors.<br>Where you trying to edit <a href="account.php?id='.$account['ID'].'"> your account</a>?</p>').N,true);
inputerr($account);
}
if ($account['Level']=='guest' && $id==0) inputerr($account);
if ($account['Level']=='guest' && $id!=$account['ID'])
muoribene('<p>You can edit <a href="account.php?id='.$account['ID'].'">your account</a> only.</p>'.N,true);
$res=mysqli_query($link,'SELECT * FROM Admins WHERE ID='.$id)
or muoribene(__LINE__.': '.mysqli_error($link),true);
if (mysqli_num_rows($res)==0)
muoribene('<p>Non esiste alcun account con ID='.$id.'<br>Se vuoi puoi editare <a href="account.php?id='.$account['ID'].'">il tuo account</a>.</p>',true);
$acc=mysqli_fetch_assoc($res);
if ($id!=0) {
$res=mysqli_query($link,'SELECT * FROM Admins WHERE ID='.$id)
or muoribene(__LINE__.': '.mysqli_error($link),true);
if (mysqli_num_rows($res)==0)
muoribene('<p>Non esiste alcun account con ID='.$id.'<br>Se vuoi puoi editare <a href="account.php?id='.$account['ID'].'">il tuo account</a>.</p>',true);
$acc=mysqli_fetch_assoc($res);
$passreq='';
} else {
$acc=array(
'ID'=>0,
'Username'=>'',
'Email'=>'',
'Password'=>'',
'Level'=>'normal',
'MaxLocalities'=>1,
'MaxLanguages'=>0,
'MaxFinancing'=>5,
'MaxPolicies'=>3,
'MaxTags'=>3,
'Enabled'=>1
);
$passreq=' required';
}
($account['ID']==$acc['ID']) ? $ownacc=true : $ownacc=false;
if ($account['Level']=='normal' && !$ownacc && $acc['Level']!='guest')
if ($id!=0 && $account['Level']=='normal' && !$ownacc && $acc['Level']!='guest')
muoribene('<p>Come admin di livello “normale” puoi editare solo <a href="account.php?id='.$account['ID'].'">il tuo account</a> e gli account di livello “guest”.</p>',true);
($ownacc) ? $atit='Il tuo account' : $atit='Account «'.hspech($acc['Email']).'»';
if ($id==0)
$atit=t('Nuovo account','New account');
elseif ($ownacc)
$atit=t('Il tuo account','Your account');
else
$atit='Account «'.hspech($acc['Email']).'»';
/*
[id] => 3
@ -83,7 +111,7 @@ if ($post) {
$quea[]='Username="'.myesc($link,$_POST['Username']).'"';
$quea[]='Email="'.myesc($link,$_POST['Email']).'"';
if ($_POST['Password']!='' || $_POST['CPassword']!='') {
if ($_POST['Password']!=$_POST['CPassword']) muoribene('<p>Errori di input.<br>Stavi cercando di editare <a href="account.php?id='.$account['ID'].'">il tuo account</a>?</p>'.N,true);
if ($_POST['Password']!=$_POST['CPassword']) inputerr($account);
$quea[]='Password="'.myesc($link,password_hash($_POST['Password'],PASSWORD_DEFAULT)).'"';
}
$ok=true;
@ -91,7 +119,8 @@ if ($post) {
if (!in_array($_POST['Level'],array('guest','normal','super'))) $ok=false;
if ($account['Level']=='normal' && !$ownacc && !in_array($_POST['Level'],array('guest','normal'))) $ok=false;
if ($account['Level']=='normal' && $ownacc) $ok=false;
if (!$ok) muoribene('<p>Errori di input.<br>Stavi cercando di editare <a href="account.php?id='.$account['ID'].'">il tuo account</a>?</p>'.N,true);
if ($account['Level']=='guest') $ok=false;
if (!$ok) inputerr($account);
$quea[]='Level="'.$_POST['Level'].'"';
}
if (count(ckkeys(array('MaxLocalities','MaxLanguages','MaxFinancing','MaxPolicies','MaxTags'),$_POST))==0) {
@ -104,12 +133,11 @@ if ($post) {
$quea[]='MaxPolicies='.$_POST['MaxPolicies'];
$quea[]='MaxTags='.$_POST['MaxTags'];
} else {
muoribene('<p>Errori di input.<br>Stavi cercando di editare <a href="account.php?id='.$account['ID'].'">il tuo account</a>?</p>'.N,true);
inputerr($account);
}
}
if (array_key_exists('Enabled',$_POST)) {
if (!in_array($_POST['Enabled'],array('0','1')))
muoribene('<p>Errori di input.<br>Stavi cercando di editare <a href="account.php?id='.$account['ID'].'">il tuo account</a>?</p>'.N,true);
if (!in_array($_POST['Enabled'],array('0','1'))) inputerr($account);
($ownacc && $_POST['Enabled']=='0') ? $logout=true : $logout=false;
$quea[]='Enabled='.$_POST['Enabled'];
}
@ -131,8 +159,8 @@ if ($post) {
$out.='<input type="hidden" name="id" value="'.$id.'">'.N;
$out.='<div class="edrow"><div class="edfieldd"><label for="Username">'.t('Nome','Name').':</label></div><div class="edfield"><input type="text" name="Username" id="Username" value="'.hspech($acc['Username']).'" class="edinp" minlength="1" maxlength="'.$fields['Username'].'" required autofocus></div></div>'.N;
$out.='<div class="edrow"><div class="edfieldd"><label for="Email">Email:</label></div><div class="edfield"><input type="email" name="Email" id="Email" value="'.hspech($acc['Email']).'" minlength="3" maxlength="'.$fields['Email'].'" class="edinp" required></div></div>'.N;
$out.='<div class="eddesc">'.t('Lascia vuoti i campi “Password” e “Conferma password” per mantenere la password attuale.','Leave “Password” and “Password confirm” fields blank to keep your current password.').'</div>'.N;
$out.='<div class="edrow"><div class="edfieldd"><label for="Password">Password:</label></div><div class="edfield"><input type="password" name="Password" id="Password" minlength="8" maxlength="64" class="edinp" autocomplete="new-password"></div></div>'.N;
if ($id!=0) $out.='<div class="eddesc">'.t('Lascia vuoti i campi “Password” e “Conferma password” per mantenere la password attuale.','Leave “Password” and “Password confirm” fields blank to keep your current password.').'</div>'.N;
$out.='<div class="edrow"><div class="edfieldd"><label for="Password">Password:</label></div><div class="edfield"><input type="password" name="Password" id="Password" minlength="8" maxlength="64" class="edinp" autocomplete="new-password"'.$passreq.'></div></div>'.N;
$out.='<div class="edrow"><div class="edfieldd"><label for="CPassword">'.t('Conferma password','Confirm password').':</label></div><div class="edfield"><input type="password" name="CPassword" id="CPassword" minlength="8" maxlength="64" class="edinp"></div></div>'.N;
if ($account['Level']!='guest' && !$ownacc) {
$out.='<div class="edrow"><div class="edfieldd"><label for="Level">Livello:</label></div><div class="edfield"><select name="Level" id="Level" class="edinp"><option value="guest"'.(($acc['Level']=='guest') ? ' selected' : '').'>Ospite</option><option value="normal"'.(($acc['Level']=='normal') ? ' selected' : '').'>Normale</option>';
@ -146,7 +174,7 @@ if ($post) {
$out.='<div class="edrow"><div class="edfieldd"><label for="MaxTags">Numero massimo di categorie aggiungibili:</label></div><div class="edfield"><input type="number" step="1" name="MaxTags" id="MaxTags" min="'.$fields['MaxTags']['min'].'" max="'.$fields['MaxTags']['max'].'" value="'.$acc['MaxTags'].'" required class="edinp"></div></div>'.N;
}
$out.='<div class="edrow"><div class="edfieldd"><label for="Enabled">'.t('Stato account:','Account status:').'</label></div><div class="edfield"><select name="Enabled" id="Enabled" class="edinp"><option value="1"'.(($acc['Enabled']==1) ? ' selected' : '').'>'.t('Attivo','Enabled').'</option><option value="0"'.(($acc['Enabled']==0) ? ' selected' : '').'>'.t('Non attivo','Disabled').'</option></select></div></div>'.N;
$out.='<input type="submit" value="'.t('Salva','Save').'" class="button" onclick="ckf();">'.N;
$out.='<input type="submit" value="'.t('Salva','Save').'" class="button" onclick="return ckf();">'.N;
$out.='</td>'.N;
$out.='</tr>'.N;
$out.='</table>'.N;
@ -188,11 +216,12 @@ function t(it,en) {
function ckf() {
/*let objv=document.getElementById('Username').value, amsg='';
if (objv.length()<1) amsg+='<li>'+t('“Nome” deve essere almeno un carattere','“Name” must be at least one character')+'</li>';*/
alert('La gira!');
//alert('La gira!');
let pass=document.getElementById('Password'), cpass=document.getElementById('CPassword');
pass.setCustomValidity('');
if (pass.value!='' && pass.value!=cpass.value) {
pass.setCustomValidity(t('“Password” e “Conferma password” non corrispondono','“Password” and “Confirm password” dont match'));
pass.reportValidity();
return(false);
} else {
if (ownacc && document.getElementById('Enabled').value=='0') {

2
web/mustard/dafa.txt
View file

@ -14,7 +14,7 @@
* aggiornare update.sh così che rifletta il cambiamento al punto precedente
- instances.php: usare input type datetime per le colonne time
- account.php: tradurre
- account.php: checkare che l'email non esista già (prima e dopo post); aggiungere possibilità di fare nuovo account quando id=0
- transazioni, dove appropriato (crawler compreso)
- dispinst.php: setlocale: il nome della locale è sempre quello su tutti i sistemi?
! invite.php: una modalità di test che non manda le mail ma crea gli account "guest"

BIN
web/mustard/zzz-materiali/mastostart_non_popolato.sql.gz
View file

Binary file not shown.

BIN
web/mustard/zzz-materiali/mastostart_popolato.sql.gz
View file

Binary file not shown.