librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

linux - fix unknown scheme error and do nginx reload as root in UI

This commit is contained in:
bunkerity 2021-08-18 13:38:09 +02:00
parent 8a4eb3f2a3
commit fde14d1621
No known key found for this signature in database
GPG Key ID: 3D80806F12602A7C
6 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
helpers/install.sh
View File

@ -836,6 +836,12 @@ if [ "$OS" != "alpine" ] ; then
fi
# Allow RX access to others on /opt/bunkerized-nginx
do_and_check_cmd chmod 755 /opt/bunkerized-nginx
# Allow nginx group to do nginx reload as root
if [ "$OS" != "alpine" ] ; then
do_and_check_cmd chown root:nginx /opt/bunkerized-nginx/ui/nginx-reload.sh
do_and_check_cmd chmod 750 /opt/bunkerized-nginx/ui/nginx-reload.sh
do_and_check_cmd chmod u+s /opt/bunkerized-nginx/ui/nginx-reload.sh
fi
# Prepare log files and folders
echo "[*] Prepare log files and folders"

3
tests/Dockerfile-fedora
View File

@ -12,4 +12,5 @@ rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/anaconda.target.wants/*;\
rm -f /lib/systemd/system/*tmpfiles*;\
rm -f /lib/systemd/user/*tmpfiles*;\
find /lib/systemd/ -type f -iname "*.service" -exec rm -f {} \;
find /lib/systemd/ -type f -iname "*.service" -exec rm -f {} \;;\
find /etc/systemd/ -type f -inaùe "*.service" -exec rm -f {} \;

2
ui/bunkerized-nginx-ui.service
View File

@ -7,7 +7,7 @@ User=nginx
Group=nginx
WorkingDirectory=/opt/bunkerized-nginx/ui
EnvironmentFile=/opt/bunkerized-nginx/ui/variables.env
ExecStart=gunicorn --bind 127.0.0.1:5000 -m 007 wsgi:app
ExecStart=gunicorn --config config.py --bind 127.0.0.1:5000 -m 007 wsgi:app
[Install]
WantedBy=multi-user.target

1
ui/config.py Normal file
View File

@ -0,0 +1 @@
secure_scheme_headers = {'X-FORWARDED-PROTOCOL': 'https', 'X-FORWARDED-PROTO': 'https', 'X-FORWARDED-SSL': 'on'}

5
ui/linux-reload.sh Normal file
View File

@ -0,0 +1,5 @@
#!/bin/sh
systemctl reload nginx
exit $?

2
ui/src/Instances.py
View File

@ -107,7 +107,7 @@ class Instances :
if proc.returncode != 0 :
result = False
else :
proc = subprocess.run(["/usr/sbin/nginx", "-s", "reload"], capture_output=True)
proc = subprocess.run(["/opt/bunkerized-nginx/ui/nginx-reload.sh"], capture_output=True)
result = proc.returncode == 0
elif instance["type"] == "container" or instance["type"] == "service" :
result = self.__api_request(instance, "/reload")