Sfoglia il codice sorgente

Merge branch 'stretch' of https://github.com/bashrc/freedombone

Bob Mottram 7 anni fa
parent
commit
7c9c42ab6d

+ 11
- 0
src/freedombone-app-gnusocial Vedi File

@@ -724,6 +724,8 @@ function install_gnusocial_main {
724 724
           echo '';
725 725
           echo '  # PHP';
726 726
           echo '  location ~ \.php {';
727
+          echo '    client_max_body_size 50m;';
728
+          echo '    client_body_buffer_size 50m;';
727 729
           echo '    include snippets/fastcgi-php.conf;';
728 730
           echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
729 731
           echo '    fastcgi_read_timeout 30;';
@@ -738,6 +740,8 @@ function install_gnusocial_main {
738 740
           echo '';
739 741
           echo '  # Fancy URLs';
740 742
           echo '  location @gnusocial {';
743
+          echo '    client_max_body_size 50m;';
744
+          echo '    client_body_buffer_size 50m;';
741 745
           echo "    rewrite ^(.*)\$ /index.php?p=\$1 last;";
742 746
           echo '  }';
743 747
           echo '';
@@ -771,6 +775,8 @@ function install_gnusocial_main {
771 775
       echo '';
772 776
       echo '  # PHP';
773 777
       echo '  location ~ \.php {';
778
+      echo '    client_max_body_size 50m;';
779
+      echo '    client_body_buffer_size 50m;';
774 780
       echo '    include snippets/fastcgi-php.conf;';
775 781
       echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
776 782
       echo '    fastcgi_read_timeout 30;';
@@ -785,6 +791,8 @@ function install_gnusocial_main {
785 791
       echo '';
786 792
       echo '  # Fancy URLs';
787 793
       echo '  location @gnusocial {';
794
+      echo '    client_max_body_size 50m;';
795
+      echo '    client_body_buffer_size 50m;';
788 796
       echo "    rewrite ^(.*)\$ /index.php?p=\$1 last;";
789 797
       echo '  }';
790 798
       echo '';
@@ -794,6 +802,9 @@ function install_gnusocial_main {
794 802
       echo '  }';
795 803
       echo '}'; } >> "$gnusocial_nginx_site"
796 804
 
805
+    function_check gnusocial_set_limits
806
+    gnusocial_set_limits "$gnusocial_nginx_site"
807
+
797 808
     function_check configure_php
798 809
     configure_php
799 810
 

+ 11
- 0
src/freedombone-app-postactiv Vedi File

@@ -738,6 +738,8 @@ function install_postactiv_main {
738 738
           echo '';
739 739
           echo '  # PHP';
740 740
           echo '  location ~ \.php {';
741
+          echo '    client_max_body_size 50m;';
742
+          echo '    client_body_buffer_size 50m;';
741 743
           echo '    include snippets/fastcgi-php.conf;';
742 744
           echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
743 745
           echo '    fastcgi_read_timeout 30;';
@@ -752,6 +754,8 @@ function install_postactiv_main {
752 754
           echo '';
753 755
           echo '  # Fancy URLs';
754 756
           echo '  location @postactiv {';
757
+          echo '    client_max_body_size 50m;';
758
+          echo '    client_body_buffer_size 50m;';
755 759
           echo "    rewrite ^(.*)\$ /index.php?p=\$1 last;";
756 760
           echo '  }';
757 761
           echo '';
@@ -785,6 +789,8 @@ function install_postactiv_main {
785 789
       echo '';
786 790
       echo '  # PHP';
787 791
       echo '  location ~ \.php {';
792
+      echo '    client_max_body_size 50m;';
793
+      echo '    client_body_buffer_size 50m;';
788 794
       echo '    include snippets/fastcgi-php.conf;';
789 795
       echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
790 796
       echo '    fastcgi_read_timeout 30;';
@@ -799,6 +805,8 @@ function install_postactiv_main {
799 805
       echo '';
800 806
       echo '  # Fancy URLs';
801 807
       echo '  location @postactiv {';
808
+      echo '    client_max_body_size 50m;';
809
+      echo '    client_body_buffer_size 50m;';
802 810
       echo "    rewrite ^(.*)\$ /index.php?p=\$1 last;";
803 811
       echo '  }';
804 812
       echo '';
@@ -808,6 +816,9 @@ function install_postactiv_main {
808 816
       echo '  }';
809 817
       echo '}'; } >> "$postactiv_nginx_site"
810 818
 
819
+    function_check gnusocial_set_limits
820
+    gnusocial_set_limits "$postactiv_nginx_site"
821
+
811 822
     function_check configure_php
812 823
     configure_php
813 824
 

+ 22
- 0
src/freedombone-app-xmpp Vedi File

@@ -60,6 +60,7 @@ xmpp_variables=(ONION_ONLY
60 60
                 XMPP_ECC_CURVE
61 61
                 XMPP_ECC_CURVE
62 62
                 MY_USERNAME
63
+                MY_EMAIL_ADDRESS
63 64
                 DEFAULT_DOMAIN_NAME
64 65
                 XMPP_DOMAIN_CODE)
65 66
 
@@ -431,6 +432,7 @@ function upgrade_xmpp {
431 432
     function_check update_prosody_modules
432 433
     update_prosody_modules
433 434
     xmpp_onion_addresses /etc/prosody/prosody.cfg.lua
435
+    xmpp_contact_info /etc/prosody/prosody.cfg.lua
434 436
 
435 437
     if grep -q "/etc/ssl/certs/xmpp.dhparam" /etc/prosody/prosody.cfg.lua; then
436 438
         cp /etc/ssl/certs/xmpp.dhparam /etc/prosody/xmpp.dhparam
@@ -658,10 +660,27 @@ function xmpp_email_headers {
658 660
     done
659 661
 }
660 662
 
663
+function xmpp_contact_info {
664
+    filename="$1"
665
+
666
+    if grep -q "contact_info =" "$filename"; then
667
+        return
668
+    fi
669
+
670
+    { 'contact_info = {';
671
+      "abuse = { \"mailto:${MY_EMAIL_ADDRESS}\", \"xmpp:${USERNAME}@${HOSTNAME}\" };";
672
+      "admin = { \"mailto:${MY_EMAIL_ADDRESS}\", \"xmpp:${USERNAME}@${HOSTNAME}\" };";
673
+      "feedback = { \"mailto:${MY_EMAIL_ADDRESS}\", \"xmpp:${USERNAME}@${HOSTNAME}\" };";
674
+      "security = { \"xmpp:${USERNAME}@${HOSTNAME}\" };";
675
+      "support = { \"xmpp:${USERNAME}@${HOSTNAME}\" };";
676
+      '};'; } >> "$filename"
677
+}
678
+
661 679
 function xmpp_modules {
662 680
     filename="$1"
663 681
 
664 682
     { echo 'modules_enabled = {';
683
+      echo '  "server_contact_info";';
665 684
       echo '  "pubsub";';
666 685
       echo '  "pubsub_hub";';
667 686
       echo '  "dialback"; -- s2s dialback support';
@@ -706,6 +725,8 @@ function xmpp_modules {
706 725
 function xmpp_onion_addresses {
707 726
     filename="$1"
708 727
 
728
+    sed -i '/onions_map = {/,/};/d' "$filename"
729
+
709 730
     { echo 'onions_map = {';
710 731
       echo '  ["anonymitaet-im-inter.net"] = "rwf5skuv5vqzcdit.onion";';
711 732
       echo '  ["autistici.org"] = "wi7qkxyrdpu5cmvr.onion";';
@@ -754,6 +775,7 @@ function xmpp_create_config {
754 775
     xmpp_modules /etc/prosody/prosody.cfg.lua
755 776
     echo '' >> /etc/prosody/prosody.cfg.lua
756 777
     xmpp_onion_addresses /etc/prosody/prosody.cfg.lua
778
+    xmpp_contact_info /etc/prosody/prosody.cfg.lua
757 779
     { echo '';
758 780
       echo 'allow_registration = false;';
759 781
       echo '';

+ 8
- 0
src/freedombone-utils-gnusocialtools Vedi File

@@ -43,6 +43,14 @@ SHARINGS_THEME_COMMIT='a46ef375d19e8ef6889653668a7e697b0ba2013c'
43 43
 GNUSOCIAL_MARKDOWN_REPO="https://git.gnu.io/chimo/markdown.git"
44 44
 GNUSOCIAL_MARKDOWN_COMMIT='03c53942f94b3376f0946e6e1fe566cc21ccf232'
45 45
 
46
+function gnusocial_set_limits {
47
+    filename="$1"
48
+
49
+    sed -i 's|client_body_buffer_size.*|client_body_buffer_size 5m;|g' "$filename"
50
+    sed -i 's|limit_conn conn_limit_per_ip.*|limit_conn conn_limit_per_ip 100;|g' "$filename"
51
+    sed -i 's|req_limit_per_ip.*|req_limit_per_ip burst=100 nodelay;|g' "$filename"
52
+}
53
+
46 54
 # Stuff to be done after restoring from backup
47 55
 function gnusocial_update_after_restore {
48 56
     gnusocial_variant="$1"

+ 5
- 4
src/freedombone-utils-web Vedi File

@@ -415,11 +415,12 @@ function letsencrypt_renewals {
415 415
 }
416 416
 
417 417
 function configure_php {
418
-    sed -i "s/memory_limit = 128M/memory_limit = ${MAX_PHP_MEMORY}M/g" /etc/php/7.0/fpm/php.ini
418
+    sed -i "s/memory_limit =.*/memory_limit = ${MAX_PHP_MEMORY}M/g" /etc/php/7.0/fpm/php.ini
419 419
     sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/7.0/fpm/php.ini
420
-    sed -i "s/memory_limit = -1/memory_limit = ${MAX_PHP_MEMORY}M/g" /etc/php/7.0/cli/php.ini
421
-    sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 50M/g" /etc/php/7.0/fpm/php.ini
422
-    sed -i "s/post_max_size = 8M/post_max_size = 50M/g" /etc/php/7.0/fpm/php.ini
420
+    sed -i "s/memory_limit =.*/memory_limit = ${MAX_PHP_MEMORY}M/g" /etc/php/7.0/cli/php.ini
421
+    sed -i "s/upload_max_filesize =.*/upload_max_filesize = 50M/g" /etc/php/7.0/fpm/php.ini
422
+    sed -i "s/upload_max_filesize =.*/upload_max_filesize = 50M/g" /etc/php/7.0/cli/php.ini
423
+    sed -i "s/post_max_size =.*/post_max_size = 50M/g" /etc/php/7.0/fpm/php.ini
423 424
 }
424 425
 
425 426
 function install_web_server_access_control {